summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-x.papr.sh40
-rw-r--r--.papr.yml33
-rw-r--r--.pylintrc3
-rw-r--r--.tito/packages/openshift-ansible2
-rw-r--r--.tito/releasers.conf9
-rw-r--r--DEPLOYMENT_TYPES.md4
-rw-r--r--README.md51
-rw-r--r--README_CONTAINERIZED_INSTALLATION.md2
-rw-r--r--README_CONTAINER_IMAGE.md4
-rw-r--r--ansible.cfg16
-rw-r--r--callback_plugins/aa_version_requirement.py60
-rw-r--r--docs/proposals/crt_management_proposal.md113
-rw-r--r--docs/proposals/role_decomposition.md2
-rw-r--r--files/origin-components/apiserver-template.yaml3
-rw-r--r--filter_plugins/oo_filters.py1239
-rw-r--r--filter_plugins/openshift_version.py127
-rw-r--r--images/installer/README_INVENTORY_GENERATOR.md2
-rw-r--r--images/installer/root/exports/manifest.json2
-rwxr-xr-ximages/installer/root/usr/local/bin/run2
-rw-r--r--inventory/.gitignore (renamed from inventory/byo/.gitignore)0
-rw-r--r--inventory/README.md6
-rw-r--r--inventory/byo/hosts.byo.glusterfs.external.example56
-rw-r--r--inventory/byo/hosts.byo.glusterfs.mixed.example59
-rw-r--r--inventory/byo/hosts.byo.glusterfs.native.example46
-rw-r--r--inventory/byo/hosts.byo.glusterfs.registry-only.example52
-rw-r--r--inventory/byo/hosts.byo.glusterfs.storage-and-registry.example63
-rw-r--r--inventory/byo/hosts.example1076
-rw-r--r--inventory/byo/hosts.openstack37
-rw-r--r--inventory/hosts.example1095
-rw-r--r--inventory/hosts.glusterfs.external.example60
-rw-r--r--inventory/hosts.glusterfs.mixed.example63
-rw-r--r--inventory/hosts.glusterfs.native.example50
-rw-r--r--inventory/hosts.glusterfs.registry-only.example56
-rw-r--r--inventory/hosts.glusterfs.storage-and-registry.example67
-rw-r--r--inventory/hosts.openstack37
-rw-r--r--lookup_plugins/README.md1
-rw-r--r--openshift-ansible.spec786
-rw-r--r--playbooks/adhoc/openshift_hosted_logging_efk.yaml2
-rw-r--r--playbooks/adhoc/uninstall.yml90
-rw-r--r--playbooks/aws/README.md6
-rwxr-xr-xplaybooks/aws/openshift-cluster/accept.yml6
-rw-r--r--playbooks/aws/openshift-cluster/build_ami.yml6
l---------playbooks/aws/openshift-cluster/filter_plugins1
-rw-r--r--playbooks/aws/openshift-cluster/hosted.yml25
-rw-r--r--playbooks/aws/openshift-cluster/install.yml33
l---------playbooks/aws/openshift-cluster/lookup_plugins1
-rw-r--r--playbooks/aws/openshift-cluster/prerequisites.yml8
-rw-r--r--playbooks/aws/openshift-cluster/provision_install.yml15
-rw-r--r--playbooks/aws/openshift-cluster/provision_sec_group.yml2
-rw-r--r--playbooks/aws/provisioning-inventory.example.ini1
-rw-r--r--playbooks/byo/config.yml2
l---------playbooks/byo/filter_plugins1
l---------playbooks/byo/lookup_plugins1
-rw-r--r--playbooks/byo/openshift-checks/README.md104
-rw-r--r--playbooks/byo/openshift-checks/adhoc.yml27
l---------playbooks/byo/openshift-checks/certificate_expiry/roles1
-rw-r--r--playbooks/byo/openshift-checks/health.yml6
-rw-r--r--playbooks/byo/openshift-checks/pre-install.yml6
-rw-r--r--playbooks/byo/openshift-cluster/config.yml10
-rw-r--r--playbooks/byo/openshift-cluster/enable_dnsmasq.yml4
l---------playbooks/byo/openshift-cluster/filter_plugins1
-rw-r--r--playbooks/byo/openshift-cluster/initialize_groups.yml10
l---------playbooks/byo/openshift-cluster/lookup_plugins1
-rw-r--r--playbooks/byo/openshift-cluster/openshift-hosted.yml6
-rw-r--r--playbooks/byo/openshift-cluster/openshift-logging.yml15
-rw-r--r--playbooks/byo/openshift-cluster/openshift-metrics.yml10
-rw-r--r--playbooks/byo/openshift-cluster/openshift-prometheus.yml6
-rw-r--r--playbooks/byo/openshift-cluster/openshift-provisioners.yml6
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-certificates.yml44
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-etcd-ca.yml10
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-etcd-certificates.yml24
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-master-certificates.yml16
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-node-certificates.yml16
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-openshift-ca.yml10
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-registry-certificates.yml10
-rw-r--r--playbooks/byo/openshift-cluster/redeploy-router-certificates.yml10
-rw-r--r--playbooks/byo/openshift-cluster/service-catalog.yml15
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/README.md3
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml6
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/README.md18
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml7
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml16
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml9
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/README.md18
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml7
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml16
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml9
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/README.md18
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml7
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml16
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml9
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_7/README.md2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml4
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_scale_groups.yml7
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_8/README.md20
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade.yml5
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml14
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml7
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_9/README.md20
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml5
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml14
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml7
-rw-r--r--playbooks/byo/openshift-etcd/certificates.yml8
-rw-r--r--playbooks/byo/openshift-etcd/config.yml6
-rw-r--r--playbooks/byo/openshift-etcd/embedded2external.yml6
l---------playbooks/byo/openshift-etcd/filter_plugins1
l---------playbooks/byo/openshift-etcd/lookup_plugins1
-rw-r--r--playbooks/byo/openshift-etcd/migrate.yml6
-rw-r--r--playbooks/byo/openshift-etcd/restart.yml6
-rw-r--r--playbooks/byo/openshift-etcd/scaleup.yml6
-rw-r--r--playbooks/byo/openshift-glusterfs/README.md98
-rw-r--r--playbooks/byo/openshift-glusterfs/config.yml10
l---------playbooks/byo/openshift-glusterfs/filter_plugins1
l---------playbooks/byo/openshift-glusterfs/lookup_plugins1
-rw-r--r--playbooks/byo/openshift-glusterfs/registry.yml10
-rw-r--r--playbooks/byo/openshift-loadbalancer/config.yml6
-rw-r--r--playbooks/byo/openshift-management/add_container_provider.yml6
-rw-r--r--playbooks/byo/openshift-management/config.yml6
-rw-r--r--playbooks/byo/openshift-management/uninstall.yml2
-rw-r--r--playbooks/byo/openshift-master/additional_config.yml6
-rw-r--r--playbooks/byo/openshift-master/certificates.yml6
-rw-r--r--playbooks/byo/openshift-master/config.yml6
l---------playbooks/byo/openshift-master/filter_plugins1
l---------playbooks/byo/openshift-master/lookup_plugins1
-rw-r--r--playbooks/byo/openshift-master/restart.yml6
-rw-r--r--playbooks/byo/openshift-master/scaleup.yml20
-rw-r--r--playbooks/byo/openshift-nfs/config.yml6
-rw-r--r--playbooks/byo/openshift-node/certificates.yml6
-rw-r--r--playbooks/byo/openshift-node/config.yml6
l---------playbooks/byo/openshift-node/filter_plugins1
l---------playbooks/byo/openshift-node/lookup_plugins1
-rw-r--r--playbooks/byo/openshift-node/network_manager.yml4
-rw-r--r--playbooks/byo/openshift-node/restart.yml6
-rw-r--r--playbooks/byo/openshift-node/scaleup.yml19
-rw-r--r--playbooks/byo/openshift-preflight/check.yml3
-rw-r--r--playbooks/byo/openshift_facts.yml17
-rw-r--r--playbooks/byo/rhel_subscribe.yml10
l---------playbooks/certificate_expiry1
-rw-r--r--playbooks/common/openshift-checks/install.yml47
-rw-r--r--playbooks/common/openshift-cluster/cockpit-ui.yml6
-rw-r--r--playbooks/common/openshift-cluster/config.yml41
-rw-r--r--playbooks/common/openshift-cluster/create_persistent_volumes.yml18
-rw-r--r--playbooks/common/openshift-cluster/enable_dnsmasq.yml60
-rw-r--r--playbooks/common/openshift-cluster/evaluate_groups.yml190
l---------playbooks/common/openshift-cluster/filter_plugins1
-rw-r--r--playbooks/common/openshift-cluster/initialize_facts.yml169
-rw-r--r--playbooks/common/openshift-cluster/initialize_openshift_repos.yml8
l---------playbooks/common/openshift-cluster/library1
l---------playbooks/common/openshift-cluster/lookup_plugins1
-rw-r--r--playbooks/common/openshift-cluster/openshift_hosted.yml40
-rw-r--r--playbooks/common/openshift-cluster/openshift_logging.yml33
-rw-r--r--playbooks/common/openshift-cluster/openshift_metrics.yml34
-rw-r--r--playbooks/common/openshift-cluster/openshift_prometheus.yml25
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml12
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/etcd-backup.yml19
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml103
l---------playbooks/common/openshift-cluster/redeploy-certificates/filter_plugins1
l---------playbooks/common/openshift-cluster/redeploy-certificates/library1
l---------playbooks/common/openshift-cluster/redeploy-certificates/lookup_plugins1
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml303
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/registry.yml102
l---------playbooks/common/openshift-cluster/redeploy-certificates/roles1
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/router.yml141
-rw-r--r--playbooks/common/openshift-cluster/service_catalog.yml29
-rw-r--r--playbooks/common/openshift-cluster/std_include.yml46
-rw-r--r--playbooks/common/openshift-cluster/tasks/set_etcd_launch_facts.yml13
-rw-r--r--playbooks/common/openshift-cluster/tasks/set_master_launch_facts.yml13
-rw-r--r--playbooks/common/openshift-cluster/tasks/set_node_launch_facts.yml15
-rw-r--r--playbooks/common/openshift-cluster/upgrades/cleanup_unused_images.yml21
-rw-r--r--playbooks/common/openshift-cluster/upgrades/disable_excluders.yml11
-rw-r--r--playbooks/common/openshift-cluster/upgrades/disable_master_excluders.yml12
-rw-r--r--playbooks/common/openshift-cluster/upgrades/disable_node_excluders.yml12
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml21
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/nuke_images.sh25
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml12
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml12
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml57
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/backup.yml29
l---------playbooks/common/openshift-cluster/upgrades/etcd/filter_plugins1
l---------playbooks/common/openshift-cluster/upgrades/etcd/lookup_plugins1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/main.yml29
l---------playbooks/common/openshift-cluster/upgrades/etcd/roles1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml108
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/upgrade_image_members.yml18
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/upgrade_rpm_members.yml19
l---------playbooks/common/openshift-cluster/upgrades/filter_plugins1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/init.yml11
l---------playbooks/common/openshift-cluster/upgrades/lookup_plugins1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/post_control_plane.yml17
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/config.yml77
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/gate_checks.yml6
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/tasks/verify_docker_upgrade_targets.yml22
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml99
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/verify_control_plane_running.yml37
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/verify_etcd3_backend.yml22
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/verify_health_checks.yml16
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/verify_inventory_vars.yml37
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml10
-rw-r--r--playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml38
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml165
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml52
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml66
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_3/master_config_upgrade.yml66
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_3/node_config_upgrade.yml20
l---------playbooks/common/openshift-cluster/upgrades/v3_3/roles1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_3/upgrade.yml118
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml118
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml113
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_4/master_config_upgrade.yml10
l---------playbooks/common/openshift-cluster/upgrades/v3_4/roles1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_4/upgrade.yml116
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml118
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml111
l---------playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/master_config_upgrade.yml10
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml120
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml122
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml111
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/validator.yml67
l---------playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml113
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml114
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml109
l---------playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml127
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml128
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml109
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml8
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_8/master_config_upgrade.yml (renamed from playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml)0
l---------playbooks/common/openshift-cluster/upgrades/v3_8/roles (renamed from playbooks/common/openshift-cluster/upgrades/v3_5/roles)0
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_8/upgrade.yml59
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml64
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml38
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_8/validator.yml7
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_9/master_config_upgrade.yml20
l---------playbooks/common/openshift-cluster/upgrades/v3_9/roles1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_9/upgrade.yml55
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml65
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml34
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_9/validator.yml7
-rw-r--r--playbooks/common/openshift-cluster/validate_hostnames.yml23
-rw-r--r--playbooks/common/openshift-etcd/ca.yml15
-rw-r--r--playbooks/common/openshift-etcd/certificates.yml4
-rw-r--r--playbooks/common/openshift-etcd/config.yml36
-rw-r--r--playbooks/common/openshift-etcd/embedded2external.yml172
l---------playbooks/common/openshift-etcd/filter_plugins1
l---------playbooks/common/openshift-etcd/lookup_plugins1
-rw-r--r--playbooks/common/openshift-etcd/master_etcd_certificates.yml14
-rw-r--r--playbooks/common/openshift-etcd/migrate.yml169
-rw-r--r--playbooks/common/openshift-etcd/restart.yml27
-rw-r--r--playbooks/common/openshift-etcd/scaleup.yml83
-rw-r--r--playbooks/common/openshift-etcd/server_certificates.yml15
-rw-r--r--playbooks/common/openshift-glusterfs/config.yml56
l---------playbooks/common/openshift-glusterfs/filter_plugins1
l---------playbooks/common/openshift-glusterfs/lookup_plugins1
-rw-r--r--playbooks/common/openshift-glusterfs/registry.yml49
-rw-r--r--playbooks/common/openshift-loadbalancer/config.yml47
l---------playbooks/common/openshift-loadbalancer/filter_plugins1
l---------playbooks/common/openshift-loadbalancer/lookup_plugins1
-rw-r--r--playbooks/common/openshift-management/config.yml35
l---------playbooks/common/openshift-management/filter_plugins1
l---------playbooks/common/openshift-management/library1
-rw-r--r--playbooks/common/openshift-master/additional_config.yml46
-rw-r--r--playbooks/common/openshift-master/certificates.yml14
-rw-r--r--playbooks/common/openshift-master/config.yml242
-rw-r--r--playbooks/common/openshift-master/files/openshift-ansible-catalog-console.js2
l---------playbooks/common/openshift-master/filter_plugins1
l---------playbooks/common/openshift-master/library1
l---------playbooks/common/openshift-master/lookup_plugins1
-rw-r--r--playbooks/common/openshift-master/restart.yml19
-rw-r--r--playbooks/common/openshift-master/restart_services.yml22
-rw-r--r--playbooks/common/openshift-master/scaleup.yml56
-rw-r--r--playbooks/common/openshift-master/tasks/wire_aggregator.yml215
-rw-r--r--playbooks/common/openshift-master/validate_restart.yml65
-rw-r--r--playbooks/common/openshift-nfs/config.yml26
l---------playbooks/common/openshift-nfs/filter_plugins1
l---------playbooks/common/openshift-nfs/lookup_plugins1
-rw-r--r--playbooks/common/openshift-node/additional_config.yml64
-rw-r--r--playbooks/common/openshift-node/config.yml34
-rw-r--r--playbooks/common/openshift-node/configure_nodes.yml17
-rw-r--r--playbooks/common/openshift-node/containerized_nodes.yml19
-rw-r--r--playbooks/common/openshift-node/enable_excluders.yml8
l---------playbooks/common/openshift-node/filter_plugins1
-rw-r--r--playbooks/common/openshift-node/image_prep.yml24
l---------playbooks/common/openshift-node/lookup_plugins1
-rw-r--r--playbooks/common/openshift-node/manage_node.yml12
-rw-r--r--playbooks/common/openshift-node/network_manager.yml28
-rw-r--r--playbooks/common/openshift-node/restart.yml61
l---------playbooks/common/openshift-node/roles1
-rw-r--r--playbooks/common/openshift-node/setup.yml27
-rw-r--r--playbooks/container-runtime/config.yml6
-rw-r--r--playbooks/container-runtime/private/config.yml28
l---------playbooks/container-runtime/private/roles1
-rw-r--r--playbooks/deploy_cluster.yml46
-rw-r--r--playbooks/gcp/openshift-cluster/provision.yml19
-rw-r--r--playbooks/gcp/provision.yml13
-rw-r--r--playbooks/init/evaluate_groups.yml188
-rw-r--r--playbooks/init/facts.yml147
-rw-r--r--playbooks/init/main.yml39
-rw-r--r--playbooks/init/repos.yml16
l---------playbooks/init/roles1
-rw-r--r--playbooks/init/sanity_checks.yml (renamed from playbooks/common/openshift-cluster/sanity_checks.yml)0
-rw-r--r--playbooks/init/validate_hostnames.yml43
-rw-r--r--playbooks/init/vars/cluster_hosts.yml (renamed from playbooks/byo/openshift-cluster/cluster_hosts.yml)0
-rw-r--r--playbooks/init/version.yml (renamed from playbooks/common/openshift-cluster/initialize_openshift_version.yml)0
-rw-r--r--playbooks/openshift-checks/README.md104
-rw-r--r--playbooks/openshift-checks/adhoc.yml25
-rw-r--r--playbooks/openshift-checks/certificate_expiry/default.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/default.yaml)0
-rw-r--r--playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml)0
-rw-r--r--playbooks/openshift-checks/certificate_expiry/easy-mode.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml)0
-rw-r--r--playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml)0
-rw-r--r--playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml)0
-rw-r--r--playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml)0
-rw-r--r--playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml (renamed from playbooks/byo/openshift-checks/certificate_expiry/longer_warning_period.yaml)0
l---------playbooks/openshift-checks/certificate_expiry/roles (renamed from playbooks/byo/openshift-checks/roles)0
-rw-r--r--playbooks/openshift-checks/health.yml4
-rw-r--r--playbooks/openshift-checks/pre-install.yml4
-rw-r--r--playbooks/openshift-checks/private/adhoc.yml (renamed from playbooks/common/openshift-checks/adhoc.yml)0
-rw-r--r--playbooks/openshift-checks/private/health.yml (renamed from playbooks/common/openshift-checks/health.yml)0
-rw-r--r--playbooks/openshift-checks/private/install.yml51
-rw-r--r--playbooks/openshift-checks/private/pre-install.yml (renamed from playbooks/common/openshift-checks/pre-install.yml)0
l---------playbooks/openshift-checks/private/roles (renamed from playbooks/byo/openshift-etcd/roles)0
l---------playbooks/openshift-checks/roles1
-rw-r--r--playbooks/openshift-etcd/certificates.yml6
-rw-r--r--playbooks/openshift-etcd/config.yml4
-rw-r--r--playbooks/openshift-etcd/embedded2external.yml4
-rw-r--r--playbooks/openshift-etcd/migrate.yml4
-rw-r--r--playbooks/openshift-etcd/private/ca.yml16
-rw-r--r--playbooks/openshift-etcd/private/certificates-backup.yml19
-rw-r--r--playbooks/openshift-etcd/private/certificates.yml4
-rw-r--r--playbooks/openshift-etcd/private/config.yml39
-rw-r--r--playbooks/openshift-etcd/private/embedded2external.yml162
-rw-r--r--playbooks/openshift-etcd/private/master_etcd_certificates.yml13
-rw-r--r--playbooks/openshift-etcd/private/migrate.yml162
-rw-r--r--playbooks/openshift-etcd/private/redeploy-ca.yml101
-rw-r--r--playbooks/openshift-etcd/private/redeploy-certificates.yml18
-rw-r--r--playbooks/openshift-etcd/private/restart.yml19
l---------playbooks/openshift-etcd/private/roles (renamed from playbooks/byo/openshift-glusterfs/roles)0
-rw-r--r--playbooks/openshift-etcd/private/scaleup.yml81
-rw-r--r--playbooks/openshift-etcd/private/server_certificates.yml14
-rw-r--r--playbooks/openshift-etcd/private/upgrade_backup.yml27
-rw-r--r--playbooks/openshift-etcd/private/upgrade_image_members.yml17
-rw-r--r--playbooks/openshift-etcd/private/upgrade_main.yml29
-rw-r--r--playbooks/openshift-etcd/private/upgrade_rpm_members.yml18
-rw-r--r--playbooks/openshift-etcd/private/upgrade_step.yml64
-rw-r--r--playbooks/openshift-etcd/redeploy-ca.yml4
-rw-r--r--playbooks/openshift-etcd/redeploy-certificates.yml10
-rw-r--r--playbooks/openshift-etcd/restart.yml4
-rw-r--r--playbooks/openshift-etcd/scaleup.yml4
-rw-r--r--playbooks/openshift-etcd/upgrade.yml4
-rw-r--r--playbooks/openshift-glusterfs/README.md101
-rw-r--r--playbooks/openshift-glusterfs/config.yml4
-rw-r--r--playbooks/openshift-glusterfs/private/config.yml60
-rw-r--r--playbooks/openshift-glusterfs/private/registry.yml20
l---------playbooks/openshift-glusterfs/private/roles (renamed from playbooks/common/openshift-etcd/roles)0
-rw-r--r--playbooks/openshift-glusterfs/registry.yml4
-rw-r--r--playbooks/openshift-hosted/config.yml4
-rw-r--r--playbooks/openshift-hosted/private/cockpit-ui.yml8
-rw-r--r--playbooks/openshift-hosted/private/config.yml41
-rw-r--r--playbooks/openshift-hosted/private/create_persistent_volumes.yml5
-rw-r--r--playbooks/openshift-hosted/private/install_docker_gc.yml (renamed from playbooks/common/openshift-cluster/install_docker_gc.yml)0
-rw-r--r--playbooks/openshift-hosted/private/openshift_default_storage_class.yml (renamed from playbooks/common/openshift-cluster/openshift_default_storage_class.yml)0
-rw-r--r--playbooks/openshift-hosted/private/openshift_hosted_create_projects.yml (renamed from playbooks/common/openshift-cluster/openshift_hosted_create_projects.yml)0
-rw-r--r--playbooks/openshift-hosted/private/openshift_hosted_registry.yml (renamed from playbooks/common/openshift-cluster/openshift_hosted_registry.yml)0
-rw-r--r--playbooks/openshift-hosted/private/openshift_hosted_router.yml (renamed from playbooks/common/openshift-cluster/openshift_hosted_router.yml)0
-rw-r--r--playbooks/openshift-hosted/private/redeploy-registry-certificates.yml100
-rw-r--r--playbooks/openshift-hosted/private/redeploy-router-certificates.yml141
l---------playbooks/openshift-hosted/private/roles (renamed from playbooks/byo/openshift-management/roles)0
-rw-r--r--playbooks/openshift-hosted/redeploy-registry-certificates.yml4
-rw-r--r--playbooks/openshift-hosted/redeploy-router-certificates.yml4
-rw-r--r--playbooks/openshift-loadbalancer/config.yml4
-rw-r--r--playbooks/openshift-loadbalancer/private/config.yml42
l---------playbooks/openshift-loadbalancer/private/roles (renamed from playbooks/byo/openshift-master/roles)0
-rw-r--r--playbooks/openshift-logging/config.yml9
-rw-r--r--playbooks/openshift-logging/private/config.yml37
l---------playbooks/openshift-logging/private/roles (renamed from playbooks/byo/openshift-node/roles)0
-rw-r--r--playbooks/openshift-management/add_container_provider.yml4
-rw-r--r--playbooks/openshift-management/add_many_container_providers.yml (renamed from playbooks/byo/openshift-management/add_many_container_providers.yml)0
-rw-r--r--playbooks/openshift-management/config.yml4
-rw-r--r--playbooks/openshift-management/private/add_container_provider.yml (renamed from playbooks/common/openshift-management/add_container_provider.yml)0
-rw-r--r--playbooks/openshift-management/private/config.yml39
l---------playbooks/openshift-management/private/roles (renamed from playbooks/common/openshift-checks/roles)0
-rw-r--r--playbooks/openshift-management/private/uninstall.yml (renamed from playbooks/common/openshift-management/uninstall.yml)0
l---------playbooks/openshift-management/roles1
-rw-r--r--playbooks/openshift-management/uninstall.yml2
-rw-r--r--playbooks/openshift-master/additional_config.yml4
-rw-r--r--playbooks/openshift-master/certificates.yml4
-rw-r--r--playbooks/openshift-master/config.yml4
-rw-r--r--playbooks/openshift-master/private/additional_config.yml50
-rw-r--r--playbooks/openshift-master/private/certificates-backup.yml (renamed from playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml)0
-rw-r--r--playbooks/openshift-master/private/certificates.yml14
-rw-r--r--playbooks/openshift-master/private/config.yml250
-rw-r--r--playbooks/openshift-master/private/redeploy-certificates.yml6
-rw-r--r--playbooks/openshift-master/private/redeploy-openshift-ca.yml300
-rw-r--r--playbooks/openshift-master/private/restart.yml18
-rw-r--r--playbooks/openshift-master/private/revert-client-ca.yml17
l---------playbooks/openshift-master/private/roles (renamed from playbooks/common/openshift-glusterfs/roles)0
-rw-r--r--playbooks/openshift-master/private/scaleup.yml57
-rw-r--r--playbooks/openshift-master/private/set_network_facts.yml (renamed from playbooks/common/openshift-master/set_network_facts.yml)0
-rw-r--r--playbooks/openshift-master/private/tasks/restart_hosts.yml (renamed from playbooks/common/openshift-master/restart_hosts.yml)0
-rw-r--r--playbooks/openshift-master/private/tasks/restart_services.yml4
-rw-r--r--playbooks/openshift-master/private/tasks/wire_aggregator.yml214
-rw-r--r--playbooks/openshift-master/private/templates/openshift-ansible-catalog-console.js1
-rw-r--r--playbooks/openshift-master/private/validate_restart.yml62
-rw-r--r--playbooks/openshift-master/redeploy-certificates.yml6
-rw-r--r--playbooks/openshift-master/redeploy-openshift-ca.yml4
-rw-r--r--playbooks/openshift-master/restart.yml4
-rw-r--r--playbooks/openshift-master/scaleup.yml23
-rw-r--r--playbooks/openshift-metrics/config.yml4
-rw-r--r--playbooks/openshift-metrics/private/config.yml38
l---------playbooks/openshift-metrics/private/roles (renamed from playbooks/common/openshift-management/roles)0
-rw-r--r--playbooks/openshift-nfs/config.yml4
-rw-r--r--playbooks/openshift-nfs/private/config.yml29
l---------playbooks/openshift-nfs/private/roles (renamed from playbooks/common/openshift-loadbalancer/roles)0
-rw-r--r--playbooks/openshift-node/certificates.yml4
-rw-r--r--playbooks/openshift-node/config.yml4
-rw-r--r--playbooks/openshift-node/network_manager.yml4
-rw-r--r--playbooks/openshift-node/private/additional_config.yml63
-rw-r--r--playbooks/openshift-node/private/certificates-backup.yml (renamed from playbooks/common/openshift-cluster/redeploy-certificates/nodes-backup.yml)0
-rw-r--r--playbooks/openshift-node/private/certificates.yml (renamed from playbooks/common/openshift-node/certificates.yml)0
-rw-r--r--playbooks/openshift-node/private/clean_image.yml (renamed from playbooks/common/openshift-node/clean_image.yml)0
-rw-r--r--playbooks/openshift-node/private/config.yml38
-rw-r--r--playbooks/openshift-node/private/configure_nodes.yml16
-rw-r--r--playbooks/openshift-node/private/containerized_nodes.yml18
-rw-r--r--playbooks/openshift-node/private/enable_excluders.yml7
-rw-r--r--playbooks/openshift-node/private/etcd_client_config.yml (renamed from playbooks/common/openshift-node/etcd_client_config.yml)0
-rw-r--r--playbooks/openshift-node/private/image_prep.yml19
-rw-r--r--playbooks/openshift-node/private/manage_node.yml13
-rw-r--r--playbooks/openshift-node/private/network_manager.yml28
-rw-r--r--playbooks/openshift-node/private/redeploy-certificates.yml6
-rw-r--r--playbooks/openshift-node/private/restart.yml58
l---------playbooks/openshift-node/private/roles (renamed from playbooks/common/openshift-master/roles)0
-rw-r--r--playbooks/openshift-node/private/setup.yml26
-rw-r--r--playbooks/openshift-node/redeploy-certificates.yml6
-rw-r--r--playbooks/openshift-node/restart.yml4
-rw-r--r--playbooks/openshift-node/scaleup.yml21
-rw-r--r--playbooks/openshift-prometheus/config.yml4
-rw-r--r--playbooks/openshift-prometheus/private/config.yml29
l---------playbooks/openshift-prometheus/private/roles1
-rw-r--r--playbooks/openshift-provisioners/config.yml4
-rw-r--r--playbooks/openshift-provisioners/private/config.yml (renamed from playbooks/common/openshift-cluster/openshift_provisioners.yml)0
l---------playbooks/openshift-provisioners/private/roles1
-rw-r--r--playbooks/openshift-service-catalog/config.yml4
-rw-r--r--playbooks/openshift-service-catalog/private/config.yml33
l---------playbooks/openshift-service-catalog/private/roles1
-rw-r--r--playbooks/openstack/README.md235
-rw-r--r--playbooks/openstack/advanced-configuration.md641
-rw-r--r--playbooks/openstack/openshift-cluster/install.yml12
-rw-r--r--playbooks/openstack/openshift-cluster/prerequisites.yml12
-rw-r--r--playbooks/openstack/openshift-cluster/provision.yml74
-rw-r--r--playbooks/openstack/openshift-cluster/provision_install.yml9
l---------playbooks/openstack/openshift-cluster/roles (renamed from playbooks/common/openshift-nfs/roles)0
-rw-r--r--playbooks/openstack/sample-inventory/group_vars/OSEv3.yml59
-rw-r--r--playbooks/openstack/sample-inventory/group_vars/all.yml121
-rwxr-xr-xplaybooks/openstack/sample-inventory/inventory.py105
-rw-r--r--playbooks/prerequisites.yml14
-rw-r--r--playbooks/redeploy-certificates.yml26
l---------playbooks/roles1
-rw-r--r--requirements.txt3
-rw-r--r--roles/ansible_service_broker/defaults/main.yml5
-rw-r--r--roles/ansible_service_broker/meta/main.yml1
-rw-r--r--roles/ansible_service_broker/tasks/generate_certs.yml44
-rw-r--r--roles/ansible_service_broker/tasks/install.yml222
-rw-r--r--roles/ansible_service_broker/tasks/main.yml8
-rw-r--r--roles/ansible_service_broker/tasks/remove.yml32
-rw-r--r--roles/ansible_service_broker/tasks/validate_facts.yml6
-rw-r--r--roles/ansible_service_broker/vars/default_images.yml2
-rw-r--r--roles/calico/handlers/main.yml6
-rw-r--r--roles/calico/meta/main.yml1
-rw-r--r--roles/calico/tasks/main.yml1
-rw-r--r--roles/calico/templates/calico.service.j24
-rw-r--r--roles/calico_master/meta/main.yml1
-rw-r--r--roles/cockpit-ui/meta/main.yml1
-rw-r--r--roles/cockpit-ui/tasks/main.yml2
-rw-r--r--roles/cockpit/meta/main.yml2
-rw-r--r--roles/cockpit/tasks/main.yml5
-rw-r--r--roles/container_runtime/README.md44
-rw-r--r--roles/container_runtime/defaults/main.yml133
-rw-r--r--roles/container_runtime/handlers/main.yml18
-rw-r--r--roles/container_runtime/meta/main.yml14
-rw-r--r--roles/container_runtime/tasks/common/atomic_proxy.yml (renamed from roles/openshift_atomic/tasks/proxy.yml)0
-rw-r--r--roles/container_runtime/tasks/common/post.yml26
-rw-r--r--roles/container_runtime/tasks/common/pre.yml12
-rw-r--r--roles/container_runtime/tasks/common/setup_docker_symlink.yml38
-rw-r--r--roles/container_runtime/tasks/common/syscontainer_packages.yml28
-rw-r--r--roles/container_runtime/tasks/common/udev_workaround.yml (renamed from roles/docker/tasks/udev_workaround.yml)0
-rw-r--r--roles/container_runtime/tasks/crio_firewall.yml (renamed from roles/docker/tasks/crio_firewall.yml)0
-rw-r--r--roles/container_runtime/tasks/docker_sanity.yml42
-rw-r--r--roles/container_runtime/tasks/docker_upgrade_check.yml74
-rw-r--r--roles/container_runtime/tasks/main.yml2
-rw-r--r--roles/container_runtime/tasks/package_docker.yml150
-rw-r--r--roles/container_runtime/tasks/registry_auth.yml32
-rw-r--r--roles/container_runtime/tasks/systemcontainer_crio.yml96
-rw-r--r--roles/container_runtime/tasks/systemcontainer_docker.yml101
-rw-r--r--roles/container_runtime/templates/80-openshift-sdn.conf.j2 (renamed from roles/docker/templates/80-openshift-sdn.conf.j2)0
-rw-r--r--roles/container_runtime/templates/crio.conf.j2164
-rw-r--r--roles/container_runtime/templates/custom.conf.j2 (renamed from roles/docker/templates/custom.conf.j2)0
-rw-r--r--roles/container_runtime/templates/daemon.json20
-rw-r--r--roles/container_runtime/templates/overlay.conf.j2 (renamed from roles/docker/templates/overlay.conf.j2)0
-rw-r--r--roles/container_runtime/templates/registries.conf (renamed from roles/docker/templates/registries.conf)0
-rw-r--r--roles/container_runtime/templates/systemcontainercustom.conf.j2 (renamed from roles/docker/templates/systemcontainercustom.conf.j2)0
-rw-r--r--roles/container_runtime/vars/main.yml (renamed from roles/docker/vars/main.yml)0
-rw-r--r--roles/contiv/defaults/main.yml2
-rw-r--r--roles/contiv/meta/main.yml3
-rw-r--r--roles/contiv/tasks/default_network.yml13
-rw-r--r--roles/contiv/tasks/download_bins.yml2
-rw-r--r--roles/contiv/tasks/main.yml6
-rw-r--r--roles/contiv/tasks/netmaster.yml8
-rw-r--r--roles/contiv/tasks/netmaster_iptables.yml8
-rw-r--r--roles/contiv/tasks/netplugin.yml14
-rw-r--r--roles/contiv/tasks/ovs.yml2
-rw-r--r--roles/contiv/tasks/packageManagerInstall.yml2
-rw-r--r--roles/contiv/tasks/pkgMgrInstallers/centos-install.yml8
-rw-r--r--roles/contiv/templates/aci-gw.service7
-rw-r--r--roles/contiv/templates/netmaster.service5
-rw-r--r--roles/contiv/templates/netplugin.service5
-rw-r--r--roles/contiv_facts/tasks/fedora-install.yml2
-rw-r--r--roles/contiv_facts/tasks/main.yml4
-rw-r--r--roles/contiv_facts/tasks/rpm.yml9
-rw-r--r--roles/docker/README.md43
-rw-r--r--roles/docker/defaults/main.yml35
-rw-r--r--roles/docker/handlers/main.yml18
-rw-r--r--roles/docker/meta/main.yml14
-rw-r--r--roles/docker/tasks/main.yml38
-rw-r--r--roles/docker/tasks/package_docker.yml159
-rw-r--r--roles/docker/tasks/registry_auth.yml16
-rw-r--r--roles/docker/tasks/systemcontainer_crio.yml185
-rw-r--r--roles/docker/tasks/systemcontainer_docker.yml178
-rw-r--r--roles/docker/templates/crio.conf.j2159
-rw-r--r--roles/docker/templates/daemon.json20
-rw-r--r--roles/etcd/defaults/main.yaml12
-rw-r--r--roles/etcd/meta/main.yml2
-rw-r--r--roles/etcd/tasks/auxiliary/drop_etcdctl.yml2
-rw-r--r--roles/etcd/tasks/backup.archive.yml4
-rw-r--r--roles/etcd/tasks/backup.copy.yml4
-rw-r--r--roles/etcd/tasks/backup.fetch.yml4
-rw-r--r--roles/etcd/tasks/backup.force_new_cluster.yml4
-rw-r--r--roles/etcd/tasks/backup.unarchive.yml4
-rw-r--r--roles/etcd/tasks/backup.yml2
-rw-r--r--roles/etcd/tasks/backup/backup.yml4
-rw-r--r--roles/etcd/tasks/backup_ca_certificates.yml2
-rw-r--r--roles/etcd/tasks/backup_generated_certificates.yml2
-rw-r--r--roles/etcd/tasks/backup_master_etcd_certificates.yml2
-rw-r--r--roles/etcd/tasks/backup_server_certificates.yml2
-rw-r--r--roles/etcd/tasks/ca.yml2
-rw-r--r--roles/etcd/tasks/certificates/deploy_ca.yml2
-rw-r--r--roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml2
-rw-r--r--roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml4
-rw-r--r--roles/etcd/tasks/check_cluster_health.yml2
-rw-r--r--roles/etcd/tasks/clean_data.yml2
-rw-r--r--roles/etcd/tasks/client_certificates.yml2
-rw-r--r--roles/etcd/tasks/disable_etcd.yml2
-rw-r--r--roles/etcd/tasks/distribute_ca2
-rw-r--r--roles/etcd/tasks/distribute_ca.yml2
-rw-r--r--roles/etcd/tasks/drop_etcdctl.yml2
-rw-r--r--roles/etcd/tasks/fetch_backup.yml8
-rw-r--r--roles/etcd/tasks/main.yml25
-rw-r--r--roles/etcd/tasks/migrate.add_ttls.yml2
-rw-r--r--roles/etcd/tasks/migrate.configure_master.yml2
-rw-r--r--roles/etcd/tasks/migrate.pre_check.yml2
-rw-r--r--roles/etcd/tasks/migrate.yml2
-rw-r--r--roles/etcd/tasks/migration/add_ttls.yml6
-rw-r--r--roles/etcd/tasks/migration/check.yml8
-rw-r--r--roles/etcd/tasks/remove_ca_certificates.yml2
-rw-r--r--roles/etcd/tasks/remove_generated_certificates.yml2
-rw-r--r--roles/etcd/tasks/restart.yml21
-rw-r--r--roles/etcd/tasks/retrieve_ca_certificates.yml2
-rw-r--r--roles/etcd/tasks/server_certificates.yml4
-rw-r--r--roles/etcd/tasks/system_container.yml17
-rw-r--r--roles/etcd/tasks/upgrade/upgrade_image.yml2
-rw-r--r--roles/etcd/tasks/upgrade/upgrade_rpm.yml2
-rw-r--r--roles/etcd/tasks/upgrade_image.yml2
-rw-r--r--roles/etcd/tasks/upgrade_rpm.yml2
-rw-r--r--roles/etcd/tasks/version_detect.yml55
-rw-r--r--roles/etcd/templates/etcd.docker.service10
-rw-r--r--roles/flannel/defaults/main.yaml8
-rw-r--r--roles/flannel/handlers/main.yml8
-rw-r--r--roles/flannel/meta/main.yml3
-rw-r--r--roles/flannel/tasks/main.yml2
-rw-r--r--roles/flannel_register/defaults/main.yaml2
-rw-r--r--roles/flannel_register/meta/main.yml3
-rw-r--r--roles/installer_checkpoint/README.md65
-rw-r--r--roles/installer_checkpoint/callback_plugins/installer_checkpoint.py99
-rw-r--r--roles/kuryr/README.md5
-rw-r--r--roles/kuryr/meta/main.yml5
-rw-r--r--roles/kuryr/tasks/master.yaml4
-rw-r--r--roles/kuryr/tasks/node.yaml4
-rw-r--r--roles/kuryr/templates/configmap.yaml.j29
-rw-r--r--roles/lib_openshift/library/oc_adm_policy_user.py19
-rw-r--r--roles/lib_openshift/library/oc_adm_registry.py5
-rw-r--r--roles/lib_openshift/library/oc_adm_router.py11
-rw-r--r--roles/lib_openshift/library/oc_edit.py15
-rw-r--r--roles/lib_openshift/library/oc_service.py16
-rw-r--r--roles/lib_openshift/library/oc_storageclass.py2
-rw-r--r--roles/lib_openshift/src/ansible/oc_adm_policy_user.py1
-rw-r--r--roles/lib_openshift/src/ansible/oc_adm_router.py6
-rw-r--r--roles/lib_openshift/src/ansible/oc_edit.py15
-rw-r--r--roles/lib_openshift/src/ansible/oc_service.py1
-rw-r--r--roles/lib_openshift/src/ansible/oc_storageclass.py2
-rw-r--r--roles/lib_openshift/src/class/oc_adm_policy_user.py4
-rw-r--r--roles/lib_openshift/src/class/oc_service.py4
-rw-r--r--roles/lib_openshift/src/doc/policy_user14
-rw-r--r--roles/lib_openshift/src/doc/service6
-rw-r--r--roles/lib_openshift/src/lib/service.py5
-rwxr-xr-xroles/lib_openshift/src/test/unit/test_oc_service.py4
-rw-r--r--roles/lib_os_firewall/README.md63
-rw-r--r--roles/lib_utils/callback_plugins/aa_version_requirement.py60
-rw-r--r--roles/lib_utils/callback_plugins/openshift_quick_installer.py (renamed from callback_plugins/openshift_quick_installer.py)0
-rw-r--r--roles/lib_utils/filter_plugins/oo_filters.py621
-rw-r--r--roles/lib_utils/library/docker_creds.py207
-rw-r--r--roles/lib_utils/library/kubeclient_ca.py (renamed from library/kubeclient_ca.py)0
-rw-r--r--[-rwxr-xr-x]roles/lib_utils/library/modify_yaml.py (renamed from library/modify_yaml.py)0
-rw-r--r--roles/lib_utils/library/oo_ec2_group.py903
-rw-r--r--[-rwxr-xr-x]roles/lib_utils/library/os_firewall_manage_iptables.py (renamed from roles/lib_os_firewall/library/os_firewall_manage_iptables.py)0
-rw-r--r--roles/lib_utils/library/rpm_q.py (renamed from library/rpm_q.py)0
-rw-r--r--roles/nickhammond.logrotate/tasks/main.yml2
-rw-r--r--roles/nickhammond.logrotate/templates/logrotate.d.j22
-rw-r--r--roles/nuage_ca/meta/main.yml2
-rw-r--r--roles/nuage_ca/tasks/main.yaml2
-rw-r--r--roles/nuage_master/handlers/main.yaml15
-rw-r--r--roles/nuage_master/meta/main.yml2
-rw-r--r--roles/nuage_master/tasks/main.yaml7
-rw-r--r--roles/nuage_node/handlers/main.yaml2
-rw-r--r--roles/nuage_node/meta/main.yml2
-rw-r--r--roles/nuage_node/tasks/main.yaml7
-rw-r--r--roles/nuage_node/vars/main.yaml2
-rw-r--r--roles/openshift_atomic/README.md28
-rw-r--r--roles/openshift_atomic/meta/main.yml13
-rw-r--r--roles/openshift_aws/defaults/main.yml107
-rw-r--r--roles/openshift_aws/files/describeinstances.json15
-rw-r--r--roles/openshift_aws/files/trustpolicy.json12
-rw-r--r--roles/openshift_aws/filter_plugins/openshift_aws_filters.py48
-rw-r--r--roles/openshift_aws/meta/main.yml1
-rw-r--r--roles/openshift_aws/tasks/accept_nodes.yml39
-rw-r--r--roles/openshift_aws/tasks/build_node_group.yml42
-rw-r--r--roles/openshift_aws/tasks/elb.yml36
-rw-r--r--roles/openshift_aws/tasks/iam_role.yml34
-rw-r--r--roles/openshift_aws/tasks/launch_config.yml31
-rw-r--r--roles/openshift_aws/tasks/master_facts.yml2
-rw-r--r--roles/openshift_aws/tasks/provision.yml52
-rw-r--r--roles/openshift_aws/tasks/provision_instance.yml17
-rw-r--r--roles/openshift_aws/tasks/provision_nodes.yml53
-rw-r--r--roles/openshift_aws/tasks/remove_scale_group.yml30
-rw-r--r--roles/openshift_aws/tasks/s3.yml2
-rw-r--r--roles/openshift_aws/tasks/scale_group.yml48
-rw-r--r--roles/openshift_aws/tasks/seal_ami.yml8
-rw-r--r--roles/openshift_aws/tasks/security_group.yml30
-rw-r--r--roles/openshift_aws/tasks/setup_master_group.yml8
-rw-r--r--roles/openshift_aws/tasks/setup_scale_group_facts.yml49
-rw-r--r--roles/openshift_aws/tasks/upgrade_node_group.yml26
-rw-r--r--roles/openshift_aws/tasks/vpc_and_subnet_id.yml21
-rw-r--r--roles/openshift_aws/tasks/wait_for_groups.yml41
-rw-r--r--roles/openshift_aws/templates/user_data.j27
-rw-r--r--roles/openshift_builddefaults/meta/main.yml1
-rw-r--r--roles/openshift_builddefaults/tasks/main.yml5
-rw-r--r--roles/openshift_buildoverrides/meta/main.yml1
-rw-r--r--roles/openshift_ca/meta/main.yml2
-rw-r--r--roles/openshift_ca/tasks/main.yml47
-rw-r--r--roles/openshift_certificate_expiry/README.md48
-rw-r--r--roles/openshift_certificate_expiry/meta/main.yml3
-rw-r--r--roles/openshift_cli/defaults/main.yml10
-rw-r--r--roles/openshift_cli/library/openshift_container_binary_sync.py36
-rw-r--r--roles/openshift_cli/meta/main.yml3
-rw-r--r--roles/openshift_cli/tasks/main.yml20
-rw-r--r--roles/openshift_clock/tasks/main.yaml2
-rw-r--r--roles/openshift_cloud_provider/meta/main.yml1
-rw-r--r--roles/openshift_cloud_provider/tasks/main.yml6
-rw-r--r--roles/openshift_cloud_provider/tasks/openstack.yml4
-rw-r--r--roles/openshift_cluster_autoscaler/README.md58
-rw-r--r--roles/openshift_cluster_autoscaler/defaults/main.yml40
-rw-r--r--roles/openshift_cluster_autoscaler/files/clusterrole.yml41
-rw-r--r--roles/openshift_cluster_autoscaler/files/role.yml33
-rw-r--r--roles/openshift_cluster_autoscaler/meta/main.yml4
-rw-r--r--roles/openshift_cluster_autoscaler/tasks/aws.yml17
-rw-r--r--roles/openshift_cluster_autoscaler/tasks/main.yml72
-rw-r--r--roles/openshift_cluster_autoscaler/templates/aws-creds.j23
-rw-r--r--roles/openshift_cluster_autoscaler/templates/cluster-autoscaler.j258
-rw-r--r--roles/openshift_default_storage_class/meta/main.yml1
-rw-r--r--roles/openshift_docker/defaults/main.yml1
-rw-r--r--roles/openshift_docker/meta/main.yml16
-rw-r--r--roles/openshift_docker/tasks/main.yml1
-rw-r--r--roles/openshift_docker_facts/defaults/main.yml1
-rw-r--r--roles/openshift_docker_facts/meta/main.yml15
-rw-r--r--roles/openshift_docker_facts/tasks/main.yml39
-rw-r--r--roles/openshift_docker_facts/vars/main.yml2
-rw-r--r--roles/openshift_docker_gc/meta/main.yml1
-rw-r--r--roles/openshift_docker_gc/templates/dockergc-ds.yaml.j22
-rw-r--r--roles/openshift_etcd/meta/main.yml4
-rw-r--r--roles/openshift_etcd_client_certificates/meta/main.yml3
-rw-r--r--roles/openshift_etcd_facts/meta/main.yml1
-rw-r--r--roles/openshift_etcd_facts/tasks/main.yml4
-rw-r--r--roles/openshift_examples/defaults/main.yml8
-rwxr-xr-xroles/openshift_examples/examples-sync.sh3
l---------roles/openshift_examples/files/examples/latest2
-rw-r--r--roles/openshift_examples/files/examples/v1.5/image-streams/dotnet_imagestreams_centos.json104
-rw-r--r--roles/openshift_examples/files/examples/v3.6/image-streams/dotnet_imagestreams_centos.json104
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json316
-rw-r--r--roles/openshift_examples/files/examples/v3.7/image-streams/dotnet_imagestreams_centos.json104
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql-persistent.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql-persistent.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql-persistent.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/httpd.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb-persistent.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql-persistent.json14
-rw-r--r--roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql.json14
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-streams/jboss-image-streams.json986
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-basic.json24
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent-ssl.json32
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent.json26
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-ssl.json24
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-basic.json24
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent-ssl.json31
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent.json31
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-ssl.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-basic.json13
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-https.json17
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql-persistent.json22
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql.json17
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql-persistent.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql.json17
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-basic.json62
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-https.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql-persistent.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-partition.json501
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql-persistent.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-basic-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-extensions-support-s2i.json42
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-secure-s2i.json42
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-amq-s2i.json716
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-basic-s2i.json355
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-https-s2i.json496
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-amq-s2i.json748
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-basic-s2i.json376
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-https-s2i.json517
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-amq-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-basic-s2i.json8
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-https-s2i.json17
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-basic-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-https-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-persistent-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-persistent-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-persistent-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-sso-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-third-party-db-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-basic-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-https-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-persistent-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-persistent-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-persistent-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-sso-s2i.json61
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-third-party-db-s2i.json31
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-basic-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-https-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-persistent-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-persistent-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-persistent-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-sso-s2i.json29
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-third-party-db-s2i.json31
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-s2i.json651
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-s2i.json649
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-basic-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-https-s2i.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-https-s2i.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-s2i.json15
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/openjdk18-web-basic-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json1156
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-s2i.json1034
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json1126
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-s2i.json1004
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-basic-s2i.json383
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-persistent-s2i.json860
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-s2i.json783
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-persistent-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-s2i.json753
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-s2i.json19
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-basic-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-persistent-s2i.json17
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-persistent-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-s2i.json18
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql.json741
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-https.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql-persistent.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql-persistent.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-db-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-region-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-server-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-template.yaml545
-rw-r--r--roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-pv-example.yaml58
-rw-r--r--roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-template.yaml254
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/OWNERS12
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/README.md76
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-ephemeral-template.json247
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-persistent-template.json271
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-ephemeral-template.json272
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-persistent-template.json296
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/mysql-ephemeral-template.json273
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/mysql-persistent-template.json278
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-ephemeral-template.json253
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-persistent-template.json277
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/redis-ephemeral-template.json216
-rw-r--r--roles/openshift_examples/files/examples/v3.8/db-templates/redis-persistent-template.json240
-rw-r--r--roles/openshift_examples/files/examples/v3.8/image-streams/OWNERS14
-rw-r--r--roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams.json140
-rw-r--r--roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams_centos.json104
-rw-r--r--roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-centos7.json971
-rw-r--r--roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-rhel7.json873
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/OWNERS12
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/README.md28
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/amp.yml1261
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast-gateway-template.yml0
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast.yml157
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql-persistent.json587
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql.json561
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql-persistent.json531
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql.json505
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql-persistent.json541
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql.json515
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-example.json333
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-pgsql-persistent.json565
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-runtime-example.json412
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/httpd.json275
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-ephemeral-template.json287
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-persistent-template.json311
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb-persistent.json550
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb.json526
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/pvc.yml49
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql-persistent.json607
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql.json581
-rw-r--r--roles/openshift_examples/files/examples/v3.8/quickstart-templates/wildcard.yml158
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-streams/fis-image-streams.json76
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-streams/jboss-image-streams.json1480
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-basic.json346
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent-ssl.json693
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent.json506
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-ssl.json533
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-basic.json346
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent-ssl.json692
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent.json509
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-ssl.json536
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-basic.json373
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-https.json555
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql-persistent.json860
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql-persistent.json833
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql.json788
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-basic.json420
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-https.json602
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql-persistent.json904
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql.json863
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-partition.json501
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql-persistent.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql.json835
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-basic-s2i.json491
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-extensions-support-s2i.json844
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-secure-s2i.json964
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-amq-s2i.json752
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-basic-s2i.json376
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-https-s2i.json522
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-persistent-s2i.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-s2i.json821
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-basic-s2i.json382
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-https-s2i.json578
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-persistent-s2i.json855
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-s2i.json814
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-persistent-s2i.json867
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-s2i.json826
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-persistent-s2i.json841
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-s2i.json800
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-sso-s2i.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-third-party-db-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-persistent-s2i.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-s2i.json821
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-basic-s2i.json382
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-https-s2i.json578
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-persistent-s2i.json855
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-s2i.json814
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-persistent-s2i.json871
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-persistent-s2i.json845
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-s2i.json804
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-sso-s2i.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-third-party-db-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-persistent-s2i.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-s2i.json821
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-basic-s2i.json382
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-https-s2i.json578
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-persistent-s2i.json855
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-s2i.json814
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-persistent-s2i.json871
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-persistent-s2i.json845
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-s2i.json804
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-sso-s2i.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-third-party-db-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-basic-s2i.json320
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-https-s2i.json443
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json719
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-s2i.json675
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json723
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-s2i.json678
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json696
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-s2i.json652
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-basic-s2i.json323
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-https-s2i.json443
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json720
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-s2i.json675
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json722
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-s2i.json678
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json693
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-amq-template.json362
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-log-template.json336
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-rest-sql-template.json421
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-cxf-rest-template.json385
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/openjdk18-web-basic-s2i.json272
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json1160
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-s2i.json1038
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json1130
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-s2i.json1009
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-basic-s2i.json387
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-persistent-s2i.json865
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-s2i.json787
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-persistent-s2i.json834
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-s2i.json757
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-amq-template.json331
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-config-template.json327
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-drools-template.json334
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-infinispan-template.json315
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-rest-sql-template.json403
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-teiid-template.json343
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-template.json305
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-xml-template.json305
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxrs-template.json364
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxws-template.json364
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-https.json549
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql-persistent.json804
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql.json772
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql-persistent.json778
-rw-r--r--roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql.json746
-rw-r--r--roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-db-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-region-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-server-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-template.yaml545
-rw-r--r--roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-pv-example.yaml58
-rw-r--r--roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml254
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/OWNERS12
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/README.md76
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-ephemeral-template.json247
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-persistent-template.json271
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-ephemeral-template.json272
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-persistent-template.json296
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/mysql-ephemeral-template.json273
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/mysql-persistent-template.json278
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-ephemeral-template.json253
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-persistent-template.json277
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/redis-ephemeral-template.json216
-rw-r--r--roles/openshift_examples/files/examples/v3.9/db-templates/redis-persistent-template.json240
-rw-r--r--roles/openshift_examples/files/examples/v3.9/image-streams/OWNERS14
-rw-r--r--roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams.json140
-rw-r--r--roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams_centos.json104
-rw-r--r--roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-centos7.json954
-rw-r--r--roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-rhel7.json856
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/OWNERS12
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/README.md28
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/amp.yml1261
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast-gateway-template.yml0
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast.yml157
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql-persistent.json586
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql.json560
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql-persistent.json530
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql.json504
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql-persistent.json540
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql.json514
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-example.json333
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-pgsql-persistent.json565
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-runtime-example.json412
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/httpd.json274
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-ephemeral-template.json284
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-persistent-template.json308
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb-persistent.json549
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb.json525
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/pvc.yml49
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql-persistent.json606
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql.json580
-rw-r--r--roles/openshift_examples/files/examples/v3.9/quickstart-templates/wildcard.yml158
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-streams/fis-image-streams.json76
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-streams/jboss-image-streams.json1480
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-basic.json346
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent-ssl.json693
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent.json506
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-ssl.json533
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-basic.json346
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent-ssl.json692
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent.json509
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-ssl.json536
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-basic.json373
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-https.json555
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql-persistent.json860
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql-persistent.json833
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql.json788
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-basic.json420
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-https.json602
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql-persistent.json904
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql.json863
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-partition.json501
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql-persistent.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql.json835
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-basic-s2i.json491
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-extensions-support-s2i.json844
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-secure-s2i.json964
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-amq-s2i.json752
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-basic-s2i.json376
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-https-s2i.json522
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-persistent-s2i.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-s2i.json821
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-basic-s2i.json382
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-https-s2i.json578
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-persistent-s2i.json855
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-s2i.json814
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-persistent-s2i.json867
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-s2i.json826
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-persistent-s2i.json841
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-s2i.json800
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-sso-s2i.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-third-party-db-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-persistent-s2i.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-s2i.json821
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-basic-s2i.json382
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-https-s2i.json578
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-persistent-s2i.json855
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-s2i.json814
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-persistent-s2i.json871
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-persistent-s2i.json845
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-s2i.json804
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-sso-s2i.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-third-party-db-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-persistent-s2i.json876
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-s2i.json821
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-basic-s2i.json382
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-https-s2i.json578
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-persistent-s2i.json855
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-s2i.json814
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-persistent-s2i.json871
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-persistent-s2i.json845
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-s2i.json804
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-sso-s2i.json816
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-third-party-db-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-basic-s2i.json320
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-https-s2i.json443
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json719
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-s2i.json675
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json723
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-s2i.json678
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json696
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-s2i.json652
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-basic-s2i.json323
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-https-s2i.json443
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json720
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-s2i.json675
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json722
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-s2i.json678
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json693
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-s2i.json650
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-amq-template.json362
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-log-template.json336
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-rest-sql-template.json421
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-cxf-rest-template.json385
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/openjdk18-web-basic-s2i.json272
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json1160
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-s2i.json1038
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json1130
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-s2i.json1009
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-basic-s2i.json387
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-persistent-s2i.json865
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-s2i.json787
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-persistent-s2i.json834
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-s2i.json757
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-amq-template.json331
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-config-template.json327
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-drools-template.json334
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-infinispan-template.json315
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-rest-sql-template.json403
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-teiid-template.json343
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-template.json305
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-xml-template.json305
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxrs-template.json364
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxws-template.json364
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-https.json549
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql-persistent.json804
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql.json772
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql-persistent.json778
-rw-r--r--roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql.json746
-rw-r--r--roles/openshift_examples/meta/main.yml3
-rw-r--r--roles/openshift_examples/tasks/main.yml4
-rw-r--r--roles/openshift_excluder/README.md5
-rw-r--r--roles/openshift_excluder/defaults/main.yml2
-rw-r--r--roles/openshift_excluder/meta/main.yml1
-rw-r--r--roles/openshift_excluder/tasks/disable.yml10
-rw-r--r--roles/openshift_excluder/tasks/enable.yml4
-rw-r--r--roles/openshift_excluder/tasks/install.yml16
-rw-r--r--roles/openshift_excluder/tasks/main.yml7
-rw-r--r--roles/openshift_excluder/tasks/verify_excluder.yml2
-rw-r--r--roles/openshift_excluder/tasks/verify_upgrade.yml4
-rw-r--r--roles/openshift_expand_partition/tasks/main.yml2
-rw-r--r--roles/openshift_facts/defaults/main.yml101
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py838
-rw-r--r--roles/openshift_health_checker/HOWTO_CHECKS.md2
-rw-r--r--roles/openshift_health_checker/defaults/main.yml6
-rw-r--r--roles/openshift_health_checker/meta/main.yml1
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_image_availability.py36
-rw-r--r--roles/openshift_health_checker/openshift_checks/ovs_version.py3
-rw-r--r--roles/openshift_health_checker/openshift_checks/package_availability.py4
-rw-r--r--roles/openshift_health_checker/openshift_checks/package_version.py7
-rw-r--r--roles/openshift_health_checker/test/docker_image_availability_test.py48
-rw-r--r--roles/openshift_health_checker/test/etcd_traffic_test.py5
-rw-r--r--roles/openshift_health_checker/test/ovs_version_test.py12
-rw-r--r--roles/openshift_health_checker/test/package_availability_test.py8
-rw-r--r--roles/openshift_health_checker/test/package_version_test.py7
-rw-r--r--roles/openshift_hosted/README.md24
-rw-r--r--roles/openshift_hosted/defaults/main.yml13
-rw-r--r--roles/openshift_hosted/filter_plugins/openshift_hosted_filters.py2
-rw-r--r--roles/openshift_hosted/meta/main.yml4
-rw-r--r--roles/openshift_hosted/tasks/registry.yml58
-rw-r--r--roles/openshift_hosted/tasks/router.yml31
-rw-r--r--roles/openshift_hosted/tasks/secure.yml16
-rw-r--r--roles/openshift_hosted/tasks/storage/glusterfs.yml23
-rw-r--r--roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml16
-rw-r--r--roles/openshift_hosted/tasks/storage/object_storage.yml4
-rw-r--r--roles/openshift_hosted/tasks/storage/s3.yml4
-rw-r--r--roles/openshift_hosted/templates/v3.6/glusterfs-registry-endpoints.yml.j212
-rw-r--r--roles/openshift_hosted/templates/v3.6/glusterfs-registry-service.yml.j210
-rw-r--r--roles/openshift_hosted/templates/v3.7/glusterfs-registry-endpoints.yml.j212
-rw-r--r--roles/openshift_hosted/templates/v3.7/glusterfs-registry-service.yml.j210
-rw-r--r--roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j212
-rw-r--r--roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j210
-rw-r--r--roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j212
-rw-r--r--roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j210
-rw-r--r--roles/openshift_hosted_facts/meta/main.yml15
-rw-r--r--roles/openshift_hosted_facts/tasks/main.yml19
-rw-r--r--roles/openshift_hosted_metrics/README.md54
-rw-r--r--roles/openshift_hosted_metrics/defaults/main.yml2
-rw-r--r--roles/openshift_hosted_metrics/handlers/main.yml30
-rw-r--r--roles/openshift_hosted_metrics/meta/main.yaml18
-rw-r--r--roles/openshift_hosted_metrics/tasks/install.yml132
-rw-r--r--roles/openshift_hosted_metrics/tasks/main.yaml75
-rw-r--r--roles/openshift_hosted_metrics/vars/main.yaml21
-rw-r--r--roles/openshift_hosted_templates/files/v3.6/enterprise/registry-console.yaml9
-rw-r--r--roles/openshift_hosted_templates/files/v3.6/origin/registry-console.yaml13
-rw-r--r--roles/openshift_hosted_templates/files/v3.7/enterprise/registry-console.yaml9
-rw-r--r--roles/openshift_hosted_templates/files/v3.7/origin/registry-console.yaml13
-rw-r--r--roles/openshift_hosted_templates/files/v3.8/enterprise/registry-console.yaml127
-rw-r--r--roles/openshift_hosted_templates/files/v3.8/origin/registry-console.yaml127
-rw-r--r--roles/openshift_hosted_templates/files/v3.9/enterprise/registry-console.yaml127
-rw-r--r--roles/openshift_hosted_templates/files/v3.9/origin/registry-console.yaml127
-rw-r--r--roles/openshift_hosted_templates/meta/main.yml3
-rw-r--r--roles/openshift_loadbalancer/defaults/main.yml8
-rw-r--r--roles/openshift_loadbalancer/meta/main.yml2
-rw-r--r--roles/openshift_loadbalancer/tasks/main.yml9
-rw-r--r--roles/openshift_loadbalancer/templates/haproxy.docker.service.j210
-rw-r--r--roles/openshift_logging/README.md1
-rw-r--r--roles/openshift_logging/defaults/main.yml12
-rw-r--r--roles/openshift_logging/handlers/main.yml17
-rw-r--r--roles/openshift_logging/meta/main.yaml1
-rw-r--r--roles/openshift_logging/tasks/annotate_ops_projects.yaml19
-rw-r--r--roles/openshift_logging/tasks/delete_logging.yaml18
-rw-r--r--roles/openshift_logging/tasks/generate_certs.yaml22
-rw-r--r--roles/openshift_logging/tasks/generate_jks.yaml6
-rw-r--r--roles/openshift_logging/tasks/install_logging.yaml12
-rw-r--r--roles/openshift_logging/tasks/main.yaml16
-rw-r--r--roles/openshift_logging/vars/default_images.yml3
-rw-r--r--roles/openshift_logging/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_logging_curator/defaults/main.yml2
-rw-r--r--roles/openshift_logging_curator/meta/main.yaml2
-rw-r--r--roles/openshift_logging_curator/tasks/determine_version.yaml10
-rw-r--r--roles/openshift_logging_curator/tasks/main.yaml31
-rw-r--r--roles/openshift_logging_curator/templates/curator.j22
-rw-r--r--roles/openshift_logging_curator/vars/default_images.yml3
-rw-r--r--roles/openshift_logging_curator/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_logging_elasticsearch/defaults/main.yml3
-rw-r--r--roles/openshift_logging_elasticsearch/handlers/main.yml13
-rw-r--r--roles/openshift_logging_elasticsearch/meta/main.yaml2
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/determine_version.yaml12
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/main.yaml37
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml35
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml35
-rw-r--r--roles/openshift_logging_elasticsearch/templates/es.j26
-rw-r--r--roles/openshift_logging_elasticsearch/templates/pvc.j24
-rw-r--r--roles/openshift_logging_elasticsearch/templates/route_reencrypt.j22
-rw-r--r--roles/openshift_logging_elasticsearch/vars/default_images.yml6
-rw-r--r--roles/openshift_logging_elasticsearch/vars/main.yml2
-rw-r--r--roles/openshift_logging_elasticsearch/vars/openshift-enterprise.yml4
-rw-r--r--roles/openshift_logging_eventrouter/defaults/main.yaml2
-rw-r--r--roles/openshift_logging_eventrouter/meta/main.yaml17
-rw-r--r--roles/openshift_logging_eventrouter/tasks/main.yaml17
-rw-r--r--roles/openshift_logging_eventrouter/templates/eventrouter-template.j24
-rw-r--r--roles/openshift_logging_eventrouter/vars/default_images.yml3
-rw-r--r--roles/openshift_logging_eventrouter/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_logging_fluentd/defaults/main.yml2
-rw-r--r--roles/openshift_logging_fluentd/files/secure-forward.conf2
-rw-r--r--roles/openshift_logging_fluentd/meta/main.yaml2
-rw-r--r--roles/openshift_logging_fluentd/tasks/determine_version.yaml10
-rw-r--r--roles/openshift_logging_fluentd/tasks/label_and_wait.yaml3
-rw-r--r--roles/openshift_logging_fluentd/tasks/main.yaml33
-rw-r--r--roles/openshift_logging_fluentd/templates/fluentd.j22
-rw-r--r--roles/openshift_logging_fluentd/vars/default_images.yml3
-rw-r--r--roles/openshift_logging_fluentd/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_logging_kibana/defaults/main.yml6
-rw-r--r--roles/openshift_logging_kibana/meta/main.yaml2
-rw-r--r--roles/openshift_logging_kibana/tasks/determine_version.yaml10
-rw-r--r--roles/openshift_logging_kibana/tasks/main.yaml80
-rw-r--r--roles/openshift_logging_kibana/templates/kibana.j22
-rw-r--r--roles/openshift_logging_kibana/templates/route_reencrypt.j22
-rw-r--r--roles/openshift_logging_kibana/vars/default_images.yml5
-rw-r--r--roles/openshift_logging_kibana/vars/openshift-enterprise.yml5
-rw-r--r--roles/openshift_logging_mux/defaults/main.yml6
-rw-r--r--roles/openshift_logging_mux/files/secure-forward.conf2
-rw-r--r--roles/openshift_logging_mux/meta/main.yaml2
-rw-r--r--roles/openshift_logging_mux/tasks/determine_version.yaml10
-rw-r--r--roles/openshift_logging_mux/tasks/main.yaml51
-rw-r--r--roles/openshift_logging_mux/templates/mux.j24
-rw-r--r--roles/openshift_logging_mux/vars/default_images.yml3
-rw-r--r--roles/openshift_logging_mux/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_manage_node/defaults/main.yml6
-rw-r--r--roles/openshift_manage_node/meta/main.yml1
-rw-r--r--roles/openshift_manage_node/tasks/main.yml13
-rw-r--r--roles/openshift_manageiq/meta/main.yml1
-rw-r--r--roles/openshift_management/README.md10
-rw-r--r--roles/openshift_management/defaults/main.yml4
-rw-r--r--roles/openshift_management/meta/main.yml1
-rw-r--r--roles/openshift_management/tasks/add_container_provider.yml6
-rw-r--r--roles/openshift_management/tasks/main.yml16
-rw-r--r--roles/openshift_management/tasks/storage/storage.yml2
-rw-r--r--roles/openshift_master/defaults/main.yml158
-rw-r--r--roles/openshift_master/handlers/main.yml17
-rw-r--r--roles/openshift_master/meta/main.yml2
-rw-r--r--roles/openshift_master/tasks/bootstrap.yml67
-rw-r--r--roles/openshift_master/tasks/bootstrap_settings.yml15
-rw-r--r--roles/openshift_master/tasks/journald.yml2
-rw-r--r--roles/openshift_master/tasks/main.yml128
-rw-r--r--roles/openshift_master/tasks/registry_auth.yml26
-rw-r--r--roles/openshift_master/tasks/restart.yml22
-rw-r--r--roles/openshift_master/tasks/set_loopback_context.yml4
-rw-r--r--roles/openshift_master/tasks/system_container.yml16
-rw-r--r--roles/openshift_master/tasks/systemd_units.yml64
-rw-r--r--roles/openshift_master/tasks/upgrade.yml45
-rw-r--r--roles/openshift_master/tasks/upgrade/rpm_upgrade.yml22
-rw-r--r--roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml (renamed from playbooks/common/openshift-cluster/upgrades/upgrade_scheduler.yml)0
-rw-r--r--roles/openshift_master/tasks/upgrade/v3_6/master_config_upgrade.yml (renamed from playbooks/common/openshift-cluster/upgrades/v3_6/master_config_upgrade.yml)0
-rw-r--r--roles/openshift_master/tasks/upgrade/v3_7/master_config_upgrade.yml20
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j226
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j226
-rw-r--r--roles/openshift_master/templates/htpasswd.j22
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j2102
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j26
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j212
-rw-r--r--roles/openshift_master/vars/main.yml41
-rw-r--r--roles/openshift_master_certificates/meta/main.yml3
-rw-r--r--roles/openshift_master_certificates/tasks/main.yml22
-rw-r--r--roles/openshift_master_cluster/README.md34
-rw-r--r--roles/openshift_master_cluster/meta/main.yml15
-rw-r--r--roles/openshift_master_cluster/tasks/configure.yml43
-rw-r--r--roles/openshift_master_cluster/tasks/main.yml18
-rw-r--r--roles/openshift_master_facts/defaults/main.yml1
l---------roles/openshift_master_facts/filter_plugins/oo_filters.py1
-rw-r--r--roles/openshift_master_facts/filter_plugins/openshift_master.py69
-rw-r--r--roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_predicates.py8
-rw-r--r--roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_priorities.py8
-rw-r--r--roles/openshift_master_facts/meta/main.yml1
-rw-r--r--roles/openshift_master_facts/tasks/main.yml23
-rw-r--r--roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py6
-rw-r--r--roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py6
-rw-r--r--roles/openshift_metrics/handlers/main.yml17
-rw-r--r--roles/openshift_metrics/meta/main.yaml5
-rw-r--r--roles/openshift_metrics/tasks/generate_certificates.yaml2
-rw-r--r--roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml6
-rw-r--r--roles/openshift_metrics/tasks/install_hawkular.yaml6
-rw-r--r--roles/openshift_metrics/tasks/install_heapster.yaml2
-rw-r--r--roles/openshift_metrics/tasks/install_metrics.yaml18
-rw-r--r--roles/openshift_metrics/tasks/install_support.yaml8
-rw-r--r--roles/openshift_metrics/tasks/main.yaml6
-rw-r--r--roles/openshift_metrics/tasks/setup_certificate.yaml4
-rw-r--r--roles/openshift_metrics/tasks/uninstall_metrics.yaml2
-rw-r--r--roles/openshift_metrics/templates/hawkular_cassandra_rc.j22
-rw-r--r--roles/openshift_metrics/templates/hawkular_metrics_rc.j24
-rw-r--r--roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j22
-rw-r--r--roles/openshift_metrics/templates/heapster.j22
-rw-r--r--roles/openshift_metrics/templates/pvc.j26
-rw-r--r--roles/openshift_metrics/templates/rolebinding.j22
-rw-r--r--roles/openshift_metrics/templates/route.j22
-rw-r--r--roles/openshift_metrics/templates/secret.j26
-rw-r--r--roles/openshift_metrics/templates/service.j28
-rw-r--r--roles/openshift_metrics/templates/serviceaccount.j22
-rw-r--r--roles/openshift_named_certificates/meta/main.yml1
-rw-r--r--roles/openshift_named_certificates/tasks/main.yml4
-rw-r--r--roles/openshift_nfs/meta/main.yml2
-rw-r--r--roles/openshift_nfs/tasks/create_export.yml2
-rw-r--r--roles/openshift_nfs/tasks/setup.yml7
-rw-r--r--roles/openshift_node/README.md6
-rw-r--r--roles/openshift_node/defaults/main.yml91
-rw-r--r--roles/openshift_node/files/bootstrap.yml8
-rwxr-xr-xroles/openshift_node/files/networkmanager/99-origin-dns.sh (renamed from roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh)0
-rw-r--r--roles/openshift_node/handlers/main.yml23
-rw-r--r--roles/openshift_node/meta/main.yml7
-rw-r--r--roles/openshift_node/tasks/aws.yml2
-rw-r--r--roles/openshift_node/tasks/bootstrap.yml6
-rw-r--r--roles/openshift_node/tasks/config.yml36
-rw-r--r--roles/openshift_node/tasks/config/configure-node-settings.yml2
-rw-r--r--roles/openshift_node/tasks/config/configure-proxy-settings.yml2
-rw-r--r--roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml2
-rw-r--r--roles/openshift_node/tasks/config/install-node-docker-service-file.yml8
-rw-r--r--roles/openshift_node/tasks/container_images.yml20
-rw-r--r--roles/openshift_node/tasks/dnsmasq.yml26
-rw-r--r--roles/openshift_node/tasks/dnsmasq/network-manager.yml (renamed from roles/openshift_node_dnsmasq/tasks/network-manager.yml)0
-rw-r--r--roles/openshift_node/tasks/dnsmasq/no-network-manager.yml13
-rw-r--r--roles/openshift_node/tasks/dnsmasq_install.yml43
-rw-r--r--roles/openshift_node/tasks/install.yml14
-rw-r--r--roles/openshift_node/tasks/main.yml38
-rw-r--r--roles/openshift_node/tasks/node_system_container.yml14
-rw-r--r--roles/openshift_node/tasks/openvswitch_system_container.yml18
-rw-r--r--roles/openshift_node/tasks/registry_auth.yml25
-rw-r--r--roles/openshift_node/tasks/storage_plugins/ceph.yml2
-rw-r--r--roles/openshift_node/tasks/storage_plugins/glusterfs.yml6
-rw-r--r--roles/openshift_node/tasks/storage_plugins/iscsi.yml2
-rw-r--r--roles/openshift_node/tasks/storage_plugins/nfs.yml6
-rw-r--r--roles/openshift_node/tasks/systemd_units.yml35
-rw-r--r--roles/openshift_node/tasks/upgrade.yml55
-rw-r--r--roles/openshift_node/tasks/upgrade/config_changes.yml77
-rw-r--r--roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml15
-rw-r--r--roles/openshift_node/tasks/upgrade/restart.yml51
-rw-r--r--roles/openshift_node/tasks/upgrade/rpm_upgrade.yml24
-rw-r--r--roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml19
-rw-r--r--roles/openshift_node/tasks/upgrade/stop_services.yml43
-rw-r--r--roles/openshift_node/tasks/upgrade_pre.yml56
-rw-r--r--roles/openshift_node/templates/node-dnsmasq.conf.j2 (renamed from roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2)0
-rw-r--r--roles/openshift_node/templates/node.service.j26
-rw-r--r--roles/openshift_node/templates/node.yaml.v1.j224
-rw-r--r--roles/openshift_node/templates/openshift.docker.node.dep.service14
-rw-r--r--roles/openshift_node/templates/openshift.docker.node.service34
-rw-r--r--roles/openshift_node/templates/openvswitch.docker.service10
-rw-r--r--roles/openshift_node/templates/origin-dns.conf.j2 (renamed from roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2)0
-rw-r--r--roles/openshift_node_certificates/defaults/main.yml2
-rw-r--r--roles/openshift_node_certificates/handlers/main.yml6
-rw-r--r--roles/openshift_node_certificates/meta/main.yml3
-rw-r--r--roles/openshift_node_certificates/tasks/main.yml18
-rw-r--r--roles/openshift_node_dnsmasq/README.md27
-rw-r--r--roles/openshift_node_dnsmasq/defaults/main.yml7
-rw-r--r--roles/openshift_node_dnsmasq/handlers/main.yml11
-rw-r--r--roles/openshift_node_dnsmasq/meta/main.yml15
-rw-r--r--roles/openshift_node_dnsmasq/tasks/main.yml67
-rw-r--r--roles/openshift_node_dnsmasq/tasks/no-network-manager.yml11
-rw-r--r--roles/openshift_node_facts/filter_plugins/openshift_node_facts_filters.py32
-rw-r--r--roles/openshift_node_facts/meta/main.yml15
-rw-r--r--roles/openshift_node_facts/tasks/main.yml27
-rw-r--r--roles/openshift_node_group/defaults/main.yml32
-rw-r--r--roles/openshift_node_group/meta/main.yml4
-rw-r--r--roles/openshift_node_group/tasks/create_config.yml62
-rw-r--r--roles/openshift_node_group/tasks/main.yml10
-rw-r--r--roles/openshift_node_group/templates/node-config.yaml.j253
-rw-r--r--roles/openshift_node_upgrade/README.md111
-rw-r--r--roles/openshift_node_upgrade/defaults/main.yml14
-rw-r--r--roles/openshift_node_upgrade/files/nuke_images.sh25
-rw-r--r--roles/openshift_node_upgrade/handlers/main.yml36
-rw-r--r--roles/openshift_node_upgrade/meta/main.yml13
-rw-r--r--roles/openshift_node_upgrade/tasks/config/configure-node-settings.yml16
-rw-r--r--roles/openshift_node_upgrade/tasks/config/configure-proxy-settings.yml17
-rw-r--r--roles/openshift_node_upgrade/tasks/config/install-node-deps-docker-service-file.yml8
-rw-r--r--roles/openshift_node_upgrade/tasks/config/install-node-docker-service-file.yml8
-rw-r--r--roles/openshift_node_upgrade/tasks/config/install-ovs-docker-service-file.yml8
-rw-r--r--roles/openshift_node_upgrade/tasks/config/install-ovs-service-env-file.yml8
-rw-r--r--roles/openshift_node_upgrade/tasks/config/workaround-bz1331590-ovs-oom-fix.yml13
-rw-r--r--roles/openshift_node_upgrade/tasks/containerized_node_upgrade.yml14
-rw-r--r--roles/openshift_node_upgrade/tasks/docker/upgrade.yml40
-rw-r--r--roles/openshift_node_upgrade/tasks/main.yml179
-rw-r--r--roles/openshift_node_upgrade/tasks/registry_auth.yml27
-rw-r--r--roles/openshift_node_upgrade/tasks/restart.yml46
-rw-r--r--roles/openshift_node_upgrade/tasks/rpm_upgrade.yml29
-rw-r--r--roles/openshift_node_upgrade/tasks/systemd_units.yml37
-rw-r--r--roles/openshift_node_upgrade/templates/node.service.j231
-rw-r--r--roles/openshift_node_upgrade/templates/openshift.docker.node.dep.service11
-rw-r--r--roles/openshift_node_upgrade/templates/openshift.docker.node.service50
-rw-r--r--roles/openshift_node_upgrade/templates/openvswitch-avoid-oom.conf3
-rw-r--r--roles/openshift_node_upgrade/templates/openvswitch.docker.service17
-rw-r--r--roles/openshift_node_upgrade/templates/openvswitch.sysconfig.j21
-rw-r--r--roles/openshift_openstack/defaults/main.yml90
-rw-r--r--roles/openshift_openstack/tasks/check-prerequisites.yml105
-rw-r--r--roles/openshift_openstack/tasks/cleanup.yml6
-rw-r--r--roles/openshift_openstack/tasks/container-storage-setup.yml37
-rw-r--r--roles/openshift_openstack/tasks/custom_flavor_check.yaml10
-rw-r--r--roles/openshift_openstack/tasks/custom_image_check.yaml10
-rw-r--r--roles/openshift_openstack/tasks/generate-templates.yml29
-rw-r--r--roles/openshift_openstack/tasks/net_vars_check.yaml14
-rw-r--r--roles/openshift_openstack/tasks/node-configuration.yml9
-rw-r--r--roles/openshift_openstack/tasks/node-network.yml19
-rw-r--r--roles/openshift_openstack/tasks/node-packages.yml19
-rw-r--r--roles/openshift_openstack/tasks/populate-dns.yml121
-rw-r--r--roles/openshift_openstack/tasks/prepare-and-format-cinder-volume.yaml59
-rw-r--r--roles/openshift_openstack/tasks/provision.yml25
-rw-r--r--roles/openshift_openstack/templates/docker-storage-setup-dm.j24
-rw-r--r--roles/openshift_openstack/templates/docker-storage-setup-overlayfs.j27
-rw-r--r--roles/openshift_openstack/templates/heat_stack.yaml.j2766
-rw-r--r--roles/openshift_openstack/templates/heat_stack_server.yaml.j2270
-rw-r--r--roles/openshift_openstack/templates/user_data.j213
-rw-r--r--roles/openshift_persistent_volumes/action_plugins/generate_pv_pvcs_list.py157
-rw-r--r--roles/openshift_persistent_volumes/defaults/main.yml9
-rw-r--r--roles/openshift_persistent_volumes/meta/main.yml4
-rw-r--r--roles/openshift_persistent_volumes/tasks/main.yml57
-rw-r--r--roles/openshift_persistent_volumes/tasks/pv.yml17
-rw-r--r--roles/openshift_persistent_volumes/tasks/pvc.yml17
-rw-r--r--roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j22
-rw-r--r--roles/openshift_persistent_volumes/templates/persistent-volume.yml.j26
-rw-r--r--roles/openshift_project_request_template/README.md33
-rw-r--r--roles/openshift_project_request_template/defaults/main.yml5
-rw-r--r--roles/openshift_project_request_template/meta/main.yml15
-rw-r--r--roles/openshift_project_request_template/tasks/main.yml40
-rw-r--r--roles/openshift_prometheus/README.md13
-rw-r--r--roles/openshift_prometheus/defaults/main.yaml12
-rw-r--r--roles/openshift_prometheus/meta/main.yaml5
-rw-r--r--roles/openshift_prometheus/tasks/install_prometheus.yaml68
-rw-r--r--roles/openshift_prometheus/tasks/main.yaml21
-rw-r--r--roles/openshift_prometheus/tasks/uninstall_prometheus.yaml7
-rw-r--r--roles/openshift_prometheus/templates/prometheus.j257
-rw-r--r--roles/openshift_prometheus/vars/default_images.yml17
-rw-r--r--roles/openshift_prometheus/vars/openshift-enterprise.yml17
-rw-r--r--roles/openshift_provisioners/meta/main.yaml1
-rw-r--r--roles/openshift_provisioners/tasks/install_efs.yaml2
-rw-r--r--roles/openshift_provisioners/tasks/install_provisioners.yaml8
-rw-r--r--roles/openshift_provisioners/tasks/install_support.yaml6
-rw-r--r--roles/openshift_provisioners/tasks/main.yaml4
-rw-r--r--roles/openshift_provisioners/tasks/uninstall_provisioners.yaml2
-rw-r--r--roles/openshift_provisioners/templates/clusterrolebinding.j22
-rw-r--r--roles/openshift_provisioners/templates/efs.j22
-rw-r--r--roles/openshift_provisioners/templates/pv.j24
-rw-r--r--roles/openshift_provisioners/templates/pvc.j24
-rw-r--r--roles/openshift_provisioners/templates/secret.j22
-rw-r--r--roles/openshift_provisioners/templates/serviceaccount.j22
-rw-r--r--roles/openshift_repos/tasks/main.yaml11
-rw-r--r--roles/openshift_repos/tasks/rhel_repos.yml33
-rw-r--r--roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j227
-rw-r--r--roles/openshift_sanitize_inventory/meta/main.yml3
-rw-r--r--roles/openshift_sanitize_inventory/tasks/deprecations.yml2
-rw-r--r--roles/openshift_sanitize_inventory/tasks/main.yml6
-rw-r--r--roles/openshift_sanitize_inventory/tasks/unsupported.yml24
-rw-r--r--roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml2
-rw-r--r--roles/openshift_service_catalog/tasks/install.yml16
-rw-r--r--roles/openshift_service_catalog/tasks/main.yml4
-rw-r--r--roles/openshift_service_catalog/tasks/start_api_server.yml2
-rw-r--r--roles/openshift_service_catalog/templates/api_server.j22
-rw-r--r--roles/openshift_service_catalog/templates/controller_manager.j22
-rw-r--r--roles/openshift_storage_glusterfs/README.md37
-rw-r--r--roles/openshift_storage_glusterfs/defaults/main.yml39
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.7/deploy-heketi-template.yml12
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-pvcs-template.yml67
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-template.yml140
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.7/glusterblock-provisioner.yml104
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.7/glusterfs-template.yml20
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.7/heketi-template.yml16
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.8/deploy-heketi-template.yml133
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-pvcs-template.yml67
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-template.yml140
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.8/glusterblock-provisioner.yml104
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.8/glusterfs-template.yml154
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.8/heketi-template.yml136
-rw-r--r--roles/openshift_storage_glusterfs/meta/main.yml4
-rw-r--r--roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml113
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml66
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml114
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml22
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml19
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml65
-rw-r--r--roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml2
-rw-r--r--roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml8
-rw-r--r--roles/openshift_storage_glusterfs/tasks/kernel_modules.yml2
-rw-r--r--roles/openshift_storage_glusterfs/tasks/main.yml10
-rw-r--r--roles/openshift_storage_glusterfs/templates/v1.5/glusterfs-storageclass.yml.j24
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j24
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.7/glusterfs-storageclass.yml.j24
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.7/heketi.json.j28
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-endpoints.yml.j212
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-service.yml.j210
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-storageclass.yml.j217
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/heketi-endpoints.yml.j212
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/heketi-service.yml.j210
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/heketi.json.j242
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.8/topology.json.j249
-rw-r--r--roles/openshift_storage_nfs/meta/main.yml4
-rw-r--r--roles/openshift_storage_nfs/tasks/main.yml29
-rw-r--r--roles/openshift_storage_nfs/templates/exports.j216
-rw-r--r--roles/openshift_storage_nfs_lvm/meta/main.yml1
-rw-r--r--roles/openshift_storage_nfs_lvm/tasks/main.yml2
-rw-r--r--roles/openshift_storage_nfs_lvm/tasks/nfs.yml2
-rw-r--r--roles/openshift_version/defaults/main.yml8
-rw-r--r--roles/openshift_version/meta/main.yml4
-rw-r--r--roles/openshift_version/tasks/main.yml16
-rw-r--r--roles/openshift_version/tasks/set_version_containerized.yml17
-rw-r--r--roles/openshift_version/tasks/set_version_rpm.yml6
-rw-r--r--roles/os_firewall/tasks/firewalld.yml12
-rw-r--r--roles/os_firewall/tasks/iptables.yml10
-rw-r--r--roles/os_firewall/tasks/main.yml4
-rw-r--r--roles/os_update_latest/tasks/main.yml2
-rw-r--r--roles/rhel_subscribe/README.md29
-rw-r--r--roles/rhel_subscribe/defaults/main.yml2
-rw-r--r--roles/rhel_subscribe/tasks/enterprise.yml25
-rw-r--r--roles/rhel_subscribe/tasks/main.yml79
-rw-r--r--roles/rhel_subscribe/tasks/satellite.yml5
-rw-r--r--roles/template_service_broker/defaults/main.yml3
-rw-r--r--roles/template_service_broker/files/openshift-ansible-catalog-console.js1
-rw-r--r--roles/template_service_broker/meta/main.yml2
-rw-r--r--roles/template_service_broker/tasks/install.yml16
-rw-r--r--roles/template_service_broker/tasks/main.yml8
-rw-r--r--roles/template_service_broker/tasks/remove.yml4
-rw-r--r--setup.py54
-rw-r--r--[-rwxr-xr-x]test/integration/build-images.sh0
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml6
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml4
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_update_dep_missing.yml6
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_broken.yml6
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_disabled.yml4
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_unreachable.yml6
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml6
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml8
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_version_multiple.yml8
-rw-r--r--test/integration/openshift_health_checker/preflight/playbooks/package_version_origin.yml4
-rw-r--r--test/integration/openshift_health_checker/setup_container.yml8
-rw-r--r--[-rwxr-xr-x]test/integration/run-tests.sh0
-rw-r--r--test/openshift_version_tests.py76
-rw-r--r--tox.ini5
-rw-r--r--utils/etc/ansible.cfg4
-rw-r--r--utils/src/ooinstall/cli_installer.py18
-rw-r--r--utils/src/ooinstall/openshift_ansible.py4
1595 files changed, 199171 insertions, 41146 deletions
diff --git a/.papr.sh b/.papr.sh
index 2d66fdacd..c7b06f059 100755
--- a/.papr.sh
+++ b/.papr.sh
@@ -1,6 +1,21 @@
#!/bin/bash
set -xeuo pipefail
+# Essentially use a similar procedure other openshift-ansible PR tests use to
+# determine which image tag should be used. This allows us to avoid hardcoding a
+# specific version which quickly becomes stale.
+
+if [ -n "${PAPR_BRANCH:-}" ]; then
+ target_branch=$PAPR_BRANCH
+else
+ target_branch=$PAPR_PULL_TARGET_BRANCH
+fi
+
+# this is a bit wasteful, though there's no easy way to say "only clone up to
+# the first tag in the branch" -- ideally, PAPR could help with caching here
+git clone --branch $target_branch --single-branch https://github.com/openshift/origin
+export OPENSHIFT_IMAGE_TAG=$(git -C origin describe --abbrev=0)
+
echo "Targeting OpenShift Origin $OPENSHIFT_IMAGE_TAG"
pip install -r requirements.txt
@@ -20,14 +35,17 @@ trap upload_journals ERR
# run the actual installer
# FIXME: override openshift_image_tag defined in the inventory until
# https://github.com/openshift/openshift-ansible/issues/4478 is fixed.
-ansible-playbook -vvv -i .papr.inventory playbooks/byo/config.yml -e "openshift_image_tag=$OPENSHIFT_IMAGE_TAG"
-
-# run a small subset of origin conformance tests to sanity
-# check the cluster NB: we run it on the master since we may
-# be in a different OSP network
-ssh ocp-master docker run --rm --net=host --privileged \
- -v /etc/origin/master/admin.kubeconfig:/config \
- registry.fedoraproject.org/fedora:26 sh -c \
- '"dnf install -y origin-tests && \
- KUBECONFIG=/config /usr/libexec/origin/extended.test --ginkgo.v=1 \
- --ginkgo.noColor --ginkgo.focus=\"Services.*NodePort|EmptyDir\""'
+ansible-playbook -vvv -i .papr.inventory playbooks/deploy_cluster.yml -e "openshift_image_tag=$OPENSHIFT_IMAGE_TAG"
+
+### DISABLING TESTS FOR NOW, SEE:
+### https://github.com/openshift/openshift-ansible/pull/6132
+
+### # run a small subset of origin conformance tests to sanity
+### # check the cluster NB: we run it on the master since we may
+### # be in a different OSP network
+### ssh ocp-master docker run --rm --net=host --privileged \
+### -v /etc/origin/master/admin.kubeconfig:/config \
+### registry.fedoraproject.org/fedora:27 sh -c \
+### '"dnf install -y origin-tests && \
+### KUBECONFIG=/config /usr/libexec/origin/extended.test --ginkgo.v=1 \
+### --ginkgo.noColor --ginkgo.focus=\"Services.*NodePort|EmptyDir\""'
diff --git a/.papr.yml b/.papr.yml
index 119dd5fcf..2b30f84fc 100644
--- a/.papr.yml
+++ b/.papr.yml
@@ -14,35 +14,28 @@
cluster:
hosts:
- name: ocp-master
- distro: fedora/26/atomic
+ distro: fedora/27/atomic
specs:
ram: 4096
- name: ocp-node1
- distro: fedora/26/atomic
+ distro: fedora/27/atomic
- name: ocp-node2
- distro: fedora/26/atomic
+ distro: fedora/27/atomic
container:
- image: registry.fedoraproject.org/fedora:26
+ image: registry.fedoraproject.org/fedora:27
-# temp workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1483553
-#packages:
-# - gcc
-# - python-pip
-# - python-devel
-# - libffi-devel
-# - openssl-devel
-# - redhat-rpm-config
+packages:
+ - gcc
+ - git
+ - python-pip
+ - python-devel
+ - libffi-devel
+ - openssl-devel
+ - redhat-rpm-config
-context: 'fedora/26/atomic'
-
-env:
- OPENSHIFT_IMAGE_TAG: v3.6.0
+context: 'fedora/27/atomic'
tests:
- # temp workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1483553
- - if (dnf distro-sync -y || :) |& grep -q -e BDB1539; then
- rpm --rebuilddb; dnf distro-sync;
- fi; dnf install -y gcc python-pip python-devel libffi-devel openssl-devel redhat-rpm-config
- ./.papr.sh
artifacts:
diff --git a/.pylintrc b/.pylintrc
index e85987de3..80c74b734 100644
--- a/.pylintrc
+++ b/.pylintrc
@@ -214,7 +214,8 @@ ignore-mixin-members=yes
# (useful for modules/projects where namespaces are manipulated during runtime
# and thus existing member attributes cannot be deduced by static analysis. It
# supports qualified module names, as well as Unix pattern matching.
-ignored-modules=
+# Ignoring ansible.constants to suppress `no-member` warnings
+ignored-modules=ansible.constants
# List of classes names for which member attributes should not be checked
# (useful for classes with attributes dynamically set). This supports can work
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index 8ab4493f6..1ca23082d 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.7.0-0.195.0 ./
+3.9.0-0.10.0 ./
diff --git a/.tito/releasers.conf b/.tito/releasers.conf
index 17baaa1bd..1768c4581 100644
--- a/.tito/releasers.conf
+++ b/.tito/releasers.conf
@@ -42,6 +42,15 @@ releaser = tito.release.DistGitReleaser
branches = rhaos-3.7-rhel-7
srpm_disttag = .el7aos
+[aos-3.8]
+releaser = tito.release.DistGitReleaser
+branches = rhaos-3.8-rhel-7
+srpm_disttag = .el7aos
+
+[aos-3.9]
+releaser = tito.release.DistGitReleaser
+branches = rhaos-3.9-rhel-7
+srpm_disttag = .el7aos
[copr-openshift-ansible]
releaser = tito.release.CoprReleaser
diff --git a/DEPLOYMENT_TYPES.md b/DEPLOYMENT_TYPES.md
index e52e47202..3e93f3fc8 100644
--- a/DEPLOYMENT_TYPES.md
+++ b/DEPLOYMENT_TYPES.md
@@ -10,8 +10,8 @@ The table below outlines the defaults per `openshift_deployment_type`:
| openshift_deployment_type | origin | openshift-enterprise |
|-----------------------------------------------------------------|------------------------------------------|----------------------------------------|
-| **openshift.common.service_type** (also used for package names) | origin | atomic-openshift |
+| **openshift_service_type** (also used for package names) | origin | atomic-openshift |
| **openshift.common.config_base** | /etc/origin | /etc/origin |
| **openshift_data_dir** | /var/lib/origin | /var/lib/origin |
-| **openshift.master.registry_url openshift.node.registry_url** | openshift/origin-${component}:${version} | openshift3/ose-${component}:${version} |
+| **openshift.master.registry_url oreg_url_node** | openshift/origin-${component}:${version} | openshift3/ose-${component}:${version} |
| **Image Streams** | centos | rhel |
diff --git a/README.md b/README.md
index 03dac2282..fdedf2f19 100644
--- a/README.md
+++ b/README.md
@@ -16,20 +16,27 @@ tracked by
[#2720](https://github.com/openshift/openshift-ansible/issues/2720).
## Getting the correct version
+When choosing an openshift release, ensure that the necessary origin packages
+are available in your distribution's repository. By default, openshift-ansible
+will not configure extra repositories for testing or staging packages for
+end users.
-The
+We recommend using a release branch. We maintain stable branches
+corresponding to upstream Origin releases, e.g.: we guarantee an
+openshift-ansible 3.2 release will fully support an origin
+[1.2 release](https://github.com/openshift/openshift-ansible/tree/release-1.2).
+
+The most recent branch will often receive minor feature backports and
+fixes. Older branches will receive only critical fixes.
+
+In addition to the release branches, the master branch
[master branch](https://github.com/openshift/openshift-ansible/tree/master)
tracks our current work **in development** and should be compatible
with the
[Origin master branch](https://github.com/openshift/origin/tree/master)
(code in development).
-In addition to the master branch, we maintain stable branches
-corresponding to upstream Origin releases, e.g.: we guarantee an
-openshift-ansible 3.2 release will fully support an origin
-[1.2 release](https://github.com/openshift/openshift-ansible/tree/release-1.2).
-The most recent branch will often receive minor feature backports and
-fixes. Older branches will receive only critical fixes.
+
**Getting the right openshift-ansible release**
@@ -50,27 +57,27 @@ you are not running a stable release.
## Setup
-1. Install base dependencies:
+Install base dependencies:
+
+Requirements:
- ***
+- Ansible >= 2.4.1.0
+- Jinja >= 2.7
+- pyOpenSSL
+- python-lxml
- Requirements:
- - Ansible >= 2.3.0.0
- - Jinja >= 2.7
- - pyOpenSSL
- - python-lxml
+----
- ***
+Fedora:
- Fedora:
- ```
- dnf install -y ansible pyOpenSSL python-cryptography python-lxml
- ```
+```
+dnf install -y ansible pyOpenSSL python-cryptography python-lxml
+```
-2. OpenShift Installation Documentation:
+## OpenShift Installation Documentation:
- - [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/advanced_install.html)
- - [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/advanced_install.html)
+- [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/advanced_install.html)
+- [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/advanced_install.html)
## Containerized OpenShift Ansible
diff --git a/README_CONTAINERIZED_INSTALLATION.md b/README_CONTAINERIZED_INSTALLATION.md
index 8eaa69deb..395d5c49a 100644
--- a/README_CONTAINERIZED_INSTALLATION.md
+++ b/README_CONTAINERIZED_INSTALLATION.md
@@ -16,7 +16,7 @@ Currently the default installation method for traditional operating systems is
via RPMs. If you wish to deploy using containerized installation you may set the
ansible variable 'containerized=true' on a per host basis. This means that you
may easily deploy environments mixing containerized and RPM based installs. At
-this point we suggest deploying heterogeneous environments.
+this point we don't suggest deploying heterogeneous environments.
## CLI Wrappers
diff --git a/README_CONTAINER_IMAGE.md b/README_CONTAINER_IMAGE.md
index a2151352d..712c7c4b0 100644
--- a/README_CONTAINER_IMAGE.md
+++ b/README_CONTAINER_IMAGE.md
@@ -28,7 +28,7 @@ Here is an example of how to run a containerized `openshift-ansible` playbook th
-v $HOME/.ssh/id_rsa:/opt/app-root/src/.ssh/id_rsa:Z \
-v /etc/ansible/hosts:/tmp/inventory \
-e INVENTORY_FILE=/tmp/inventory \
- -e PLAYBOOK_FILE=playbooks/byo/openshift-checks/certificate_expiry/default.yaml \
+ -e PLAYBOOK_FILE=playbooks/openshift-checks/certificate_expiry/default.yaml \
-e OPTS="-v" -t \
openshift/origin-ansible
@@ -44,7 +44,7 @@ Here is a detailed explanation of the options used in the command above:
* `-v /etc/ansible/hosts:/tmp/inventory` and `-e INVENTORY_FILE=/tmp/inventory` mount the Ansible inventory file into the container as `/tmp/inventory` and set the corresponding environment variable to point at it respectively. The example uses `/etc/ansible/hosts` as the inventory file as this is a default location, but your inventory is likely to be elsewhere so please adjust as needed. Note that depending on the file you point to you might have to handle SELinux labels in a similar way as with the ssh keys, e.g. by adding a `:z` flag to the volume mount, so again you might prefer to copy the inventory to a dedicated location first.
-* `-e PLAYBOOK_FILE=playbooks/byo/openshift-checks/certificate_expiry/default.yaml` specifies the playbook to run as a relative path from the top level directory of openshift-ansible.
+* `-e PLAYBOOK_FILE=playbooks/openshift-checks/certificate_expiry/default.yaml` specifies the playbook to run as a relative path from the top level directory of openshift-ansible.
* `-e OPTS="-v"` and `-t` make the output look nicer: the `default.yaml` playbook does not generate results and runs quietly unless we add the `-v` option to the `ansible-playbook` invocation, and a TTY is allocated via `-t` so that Ansible adds color to the output.
diff --git a/ansible.cfg b/ansible.cfg
index 589a58e9d..c1c76a496 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -10,7 +10,6 @@
#log_path = /tmp/ansible.log
# Additional default options for OpenShift Ansible
-callback_plugins = callback_plugins/
forks = 20
host_key_checking = False
retry_files_enabled = False
@@ -23,15 +22,16 @@ fact_caching = jsonfile
fact_caching_connection = $HOME/ansible/facts
fact_caching_timeout = 600
callback_whitelist = profile_tasks
+inventory_ignore_extensions = secrets.py, .pyc, .cfg, .crt
+# work around privilege escalation timeouts in ansible:
+timeout = 30
-# Uncomment to use the provided BYO inventory
-#hostfile = inventory/byo/hosts
+# Uncomment to use the provided example inventory
+#inventory = inventory/hosts.example
-# Uncomment to use the provided GCE dynamic inventory script
-#hostfile = inventory/gce/gce.py
-
-# Uncomment to use the provided AWS dynamic inventory script
-#hostfile = inventory/aws/ec2.py
+[inventory]
+# fail more helpfully when the inventory file does not parse (Ansible 2.4+)
+unparsed_is_failed=true
# Additional ssh options for OpenShift Ansible
[ssh_connection]
diff --git a/callback_plugins/aa_version_requirement.py b/callback_plugins/aa_version_requirement.py
deleted file mode 100644
index 9562adb28..000000000
--- a/callback_plugins/aa_version_requirement.py
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/python
-
-"""
-This callback plugin verifies the required minimum version of Ansible
-is installed for proper operation of the OpenShift Ansible Installer.
-The plugin is named with leading `aa_` to ensure this plugin is loaded
-first (alphanumerically) by Ansible.
-"""
-import sys
-from ansible import __version__
-
-if __version__ < '2.0':
- # pylint: disable=import-error,no-name-in-module
- # Disabled because pylint warns when Ansible v2 is installed
- from ansible.callbacks import display as pre2_display
- CallbackBase = object
-
- def display(*args, **kwargs):
- """Set up display function for pre Ansible v2"""
- pre2_display(*args, **kwargs)
-else:
- from ansible.plugins.callback import CallbackBase
- from ansible.utils.display import Display
-
- def display(*args, **kwargs):
- """Set up display function for Ansible v2"""
- display_instance = Display()
- display_instance.display(*args, **kwargs)
-
-
-# Set to minimum required Ansible version
-REQUIRED_VERSION = '2.3.0.0'
-DESCRIPTION = "Supported versions: %s or newer" % REQUIRED_VERSION
-
-
-def version_requirement(version):
- """Test for minimum required version"""
- return version >= REQUIRED_VERSION
-
-
-class CallbackModule(CallbackBase):
- """
- Ansible callback plugin
- """
-
- CALLBACK_VERSION = 1.0
- CALLBACK_NAME = 'version_requirement'
-
- def __init__(self):
- """
- Version verification is performed in __init__ to catch the
- requirement early in the execution of Ansible and fail gracefully
- """
- super(CallbackModule, self).__init__()
-
- if not version_requirement(__version__):
- display(
- 'FATAL: Current Ansible version (%s) is not supported. %s'
- % (__version__, DESCRIPTION), color='red')
- sys.exit(1)
diff --git a/docs/proposals/crt_management_proposal.md b/docs/proposals/crt_management_proposal.md
new file mode 100644
index 000000000..5fc1ad08d
--- /dev/null
+++ b/docs/proposals/crt_management_proposal.md
@@ -0,0 +1,113 @@
+# Container Runtime Management
+
+## Description
+origin and openshift-ansible support multiple container runtimes. This proposal
+is related to refactoring how we handle those runtimes in openshift-ansible.
+
+### Problems addressed
+We currently don't install docker during the install at a point early enough to
+not fail health checks, and we don't have a good story around when/how to do it.
+This is complicated by logic around containerized and non-containerized installs.
+
+A web of dependencies can cause changes to docker that are unintended and has
+resulted in a series of work-around such as 'skip_docker' boolean.
+
+We don't handle docker storage because it's BYO. By moving docker to a prerequisite
+play, we can tackle storage up front and never have to touch it again.
+
+container_runtime logic is currently spread across 3 roles: docker, openshift_docker,
+and openshift_docker_facts. The name 'docker' does not accurately portray what
+the role(s) do.
+
+## Rationale
+* Refactor docker (and related meta/fact roles) into 'container_runtime' role.
+* Strip all meta-depends on container runtime out of other roles and plays.
+* Create a 'prerequisites.yml' entry point that will setup various items
+such as container storage and container runtime before executing installation.
+* All other roles and plays should merely consume container runtime, should not
+configure, restart, or change the container runtime as much as feasible.
+
+## Design
+
+The container_runtime role should be comprised of 3 'pseudo-roles' which will be
+consumed using include_role; each component area should be enabled/disabled with
+a boolean value, defaulting to true.
+
+I call them 'pseudo-roles' because they are more or less independent functional
+areas that may share some variables and act on closely related components. This
+is an effort to reuse as much code as possible, limit role-bloat (we already have
+an abundance of roles), and make things as modular as possible.
+
+```yaml
+# prerequisites.yml
+- include: std_include.yml
+- include: container_runtime_setup.yml
+...
+# container_runtime_setup.yml
+- hosts: "{{ openshift_runtime_manage_hosts | default('oo_nodes_to_config') }}"
+ tasks:
+ - include_role:
+ name: container_runtime
+ tasks_from: install.yml
+ when: openshift_container_runtime_install | default(True) | bool
+ - include_role:
+ name: container_runtime
+ tasks_from: storage.yml
+ when: openshift_container_runtime_storage | default(True) | bool
+ - include_role:
+ name: container_runtime
+ tasks_from: configure.yml
+ when: openshift_container_runtime_configure | default(True) | bool
+```
+
+Note the host group on the above play. No more guessing what hosts to run this
+stuff against. If you want to use an atomic install, specify what hosts will need
+us to setup container runtime (such as etcd hosts, loadbalancers, etc);
+
+We should direct users that are using atomic hosts to disable install in the docs,
+let's not add a bunch of logic.
+
+Alternatively, we can create a new group.
+
+### Part 1, container runtime install
+Install the container runtime components of the desired type.
+
+```yaml
+# install.yml
+- include: docker.yml
+ when: openshift_container_runtime_install_docker | bool
+
+- include: crio.yml
+ when: openshift_container_runtime_install_crio | bool
+
+... other container run times...
+```
+
+Alternatively to using booleans for each run time, we could use a variable like
+"openshift_container_runtime_type". This would be my preference, as we could
+use this information in later roles.
+
+### Part 2, configure/setup container runtime storage
+Configure a supported storage solution for containers.
+
+Similar setup to the previous section. We might need to add some logic for the
+different runtimes here, or we maybe create a matrix of possible options.
+
+### Part 3, configure container runtime.
+Place config files, environment files, systemd units, etc. Start/restart
+the container runtime as needed.
+
+Similar to Part 1 with how we should do things.
+
+## Checklist
+* Strip docker from meta dependencies.
+* Combine docker facts and meta roles into container_runtime role.
+* Docs
+
+## User Story
+As a user of openshift-ansible, I want to be able to manage my container runtime
+and related components independent of openshift itself.
+
+## Acceptance Criteria
+* Verify that each container runtime installs with this new method.
+* Verify that openshift installs with this new method.
diff --git a/docs/proposals/role_decomposition.md b/docs/proposals/role_decomposition.md
index 6434e24e7..37d080d5c 100644
--- a/docs/proposals/role_decomposition.md
+++ b/docs/proposals/role_decomposition.md
@@ -262,7 +262,7 @@ dependencies:
- name: "Create logging project"
command: >
- {{ openshift.common.admin_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig new-project {{openshift_logging_namespace}}
+ {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig new-project {{openshift_logging_namespace}}
when: not ansible_check_mode and "not found" in logging_project_result.stderr
- name: Create logging cert directory
diff --git a/files/origin-components/apiserver-template.yaml b/files/origin-components/apiserver-template.yaml
index 1b42597af..035e4734b 100644
--- a/files/origin-components/apiserver-template.yaml
+++ b/files/origin-components/apiserver-template.yaml
@@ -15,6 +15,8 @@ parameters:
apiVersion: config.templateservicebroker.openshift.io/v1
templateNamespaces:
- openshift
+- name: NODE_SELECTOR
+ value: "{}"
objects:
# to create the tsb server
@@ -59,6 +61,7 @@ objects:
path: /healthz
port: 8443
scheme: HTTPS
+ nodeSelector: "${{NODE_SELECTOR}}"
volumes:
- name: serving-cert
secret:
diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py
deleted file mode 100644
index f9564499d..000000000
--- a/filter_plugins/oo_filters.py
+++ /dev/null
@@ -1,1239 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# pylint: disable=too-many-lines
-"""
-Custom filters for use in openshift-ansible
-"""
-import json
-import os
-import pdb
-import random
-import re
-
-from base64 import b64encode
-from collections import Mapping
-# pylint no-name-in-module and import-error disabled here because pylint
-# fails to properly detect the packages when installed in a virtualenv
-from distutils.util import strtobool # pylint:disable=no-name-in-module,import-error
-from distutils.version import LooseVersion # pylint:disable=no-name-in-module,import-error
-from operator import itemgetter
-
-import pkg_resources
-import yaml
-
-from ansible import errors
-from ansible.parsing.yaml.dumper import AnsibleDumper
-
-# ansible.compat.six goes away with Ansible 2.4
-try:
- from ansible.compat.six import string_types, u
- from ansible.compat.six.moves.urllib.parse import urlparse
-except ImportError:
- from ansible.module_utils.six import string_types, u
- from ansible.module_utils.six.moves.urllib.parse import urlparse
-
-HAS_OPENSSL = False
-try:
- import OpenSSL.crypto
- HAS_OPENSSL = True
-except ImportError:
- pass
-
-
-def oo_pdb(arg):
- """ This pops you into a pdb instance where arg is the data passed in
- from the filter.
- Ex: "{{ hostvars | oo_pdb }}"
- """
- pdb.set_trace()
- return arg
-
-
-def get_attr(data, attribute=None):
- """ This looks up dictionary attributes of the form a.b.c and returns
- the value.
-
- If the key isn't present, None is returned.
- Ex: data = {'a': {'b': {'c': 5}}}
- attribute = "a.b.c"
- returns 5
- """
- if not attribute:
- raise errors.AnsibleFilterError("|failed expects attribute to be set")
-
- ptr = data
- for attr in attribute.split('.'):
- if attr in ptr:
- ptr = ptr[attr]
- else:
- ptr = None
- break
-
- return ptr
-
-
-def oo_flatten(data):
- """ This filter plugin will flatten a list of lists
- """
- if not isinstance(data, list):
- raise errors.AnsibleFilterError("|failed expects to flatten a List")
-
- return [item for sublist in data for item in sublist]
-
-
-def oo_merge_dicts(first_dict, second_dict):
- """ Merge two dictionaries where second_dict values take precedence.
- Ex: first_dict={'a': 1, 'b': 2}
- second_dict={'b': 3, 'c': 4}
- returns {'a': 1, 'b': 3, 'c': 4}
- """
- if not isinstance(first_dict, dict) or not isinstance(second_dict, dict):
- raise errors.AnsibleFilterError("|failed expects to merge two dicts")
- merged = first_dict.copy()
- merged.update(second_dict)
- return merged
-
-
-def oo_merge_hostvars(hostvars, variables, inventory_hostname):
- """ Merge host and play variables.
-
- When ansible version is greater than or equal to 2.0.0,
- merge hostvars[inventory_hostname] with variables (ansible vars)
- otherwise merge hostvars with hostvars['inventory_hostname'].
-
- Ex: hostvars={'master1.example.com': {'openshift_variable': '3'},
- 'openshift_other_variable': '7'}
- variables={'openshift_other_variable': '6'}
- inventory_hostname='master1.example.com'
- returns {'openshift_variable': '3', 'openshift_other_variable': '7'}
-
- hostvars=<ansible.vars.hostvars.HostVars object> (Mapping)
- variables={'openshift_other_variable': '6'}
- inventory_hostname='master1.example.com'
- returns {'openshift_variable': '3', 'openshift_other_variable': '6'}
- """
- if not isinstance(hostvars, Mapping):
- raise errors.AnsibleFilterError("|failed expects hostvars is dictionary or object")
- if not isinstance(variables, dict):
- raise errors.AnsibleFilterError("|failed expects variables is a dictionary")
- if not isinstance(inventory_hostname, string_types):
- raise errors.AnsibleFilterError("|failed expects inventory_hostname is a string")
- ansible_version = pkg_resources.get_distribution("ansible").version # pylint: disable=maybe-no-member
- merged_hostvars = {}
- if LooseVersion(ansible_version) >= LooseVersion('2.0.0'):
- merged_hostvars = oo_merge_dicts(
- hostvars[inventory_hostname], variables)
- else:
- merged_hostvars = oo_merge_dicts(
- hostvars[inventory_hostname], hostvars)
- return merged_hostvars
-
-
-def oo_collect(data_list, attribute=None, filters=None):
- """ This takes a list of dict and collects all attributes specified into a
- list. If filter is specified then we will include all items that
- match _ALL_ of filters. If a dict entry is missing the key in a
- filter it will be excluded from the match.
- Ex: data_list = [ {'a':1, 'b':5, 'z': 'z'}, # True, return
- {'a':2, 'z': 'z'}, # True, return
- {'a':3, 'z': 'z'}, # True, return
- {'a':4, 'z': 'b'}, # FAILED, obj['z'] != obj['z']
- ]
- attribute = 'a'
- filters = {'z': 'z'}
- returns [1, 2, 3]
-
- This also deals with lists of lists with dict as elements.
- Ex: data_list = [
- [ {'a':1, 'b':5, 'z': 'z'}, # True, return
- {'a':2, 'b':6, 'z': 'z'} # True, return
- ],
- [ {'a':3, 'z': 'z'}, # True, return
- {'a':4, 'z': 'b'} # FAILED, obj['z'] != obj['z']
- ],
- {'a':5, 'z': 'z'}, # True, return
- ]
- attribute = 'a'
- filters = {'z': 'z'}
- returns [1, 2, 3, 5]
- """
- if not isinstance(data_list, list):
- raise errors.AnsibleFilterError("oo_collect expects to filter on a List")
-
- if not attribute:
- raise errors.AnsibleFilterError("oo_collect expects attribute to be set")
-
- data = []
- retval = []
-
- for item in data_list:
- if isinstance(item, list):
- retval.extend(oo_collect(item, attribute, filters))
- else:
- data.append(item)
-
- if filters is not None:
- if not isinstance(filters, dict):
- raise errors.AnsibleFilterError(
- "oo_collect expects filter to be a dict")
- retval.extend([get_attr(d, attribute) for d in data if (
- all([d.get(key, None) == filters[key] for key in filters]))])
- else:
- retval.extend([get_attr(d, attribute) for d in data])
-
- retval = [val for val in retval if val is not None]
-
- return retval
-
-
-def oo_select_keys_from_list(data, keys):
- """ This returns a list, which contains the value portions for the keys
- Ex: data = { 'a':1, 'b':2, 'c':3 }
- keys = ['a', 'c']
- returns [1, 3]
- """
-
- if not isinstance(data, list):
- raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects to filter on a list")
-
- if not isinstance(keys, list):
- raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects first param is a list")
-
- # Gather up the values for the list of keys passed in
- retval = [oo_select_keys(item, keys) for item in data]
-
- return oo_flatten(retval)
-
-
-def oo_select_keys(data, keys):
- """ This returns a list, which contains the value portions for the keys
- Ex: data = { 'a':1, 'b':2, 'c':3 }
- keys = ['a', 'c']
- returns [1, 3]
- """
-
- if not isinstance(data, Mapping):
- raise errors.AnsibleFilterError("|oo_select_keys failed expects to filter on a dict or object")
-
- if not isinstance(keys, list):
- raise errors.AnsibleFilterError("|oo_select_keys failed expects first param is a list")
-
- # Gather up the values for the list of keys passed in
- retval = [data[key] for key in keys if key in data]
-
- return retval
-
-
-def oo_prepend_strings_in_list(data, prepend):
- """ This takes a list of strings and prepends a string to each item in the
- list
- Ex: data = ['cart', 'tree']
- prepend = 'apple-'
- returns ['apple-cart', 'apple-tree']
- """
- if not isinstance(data, list):
- raise errors.AnsibleFilterError("|failed expects first param is a list")
- if not all(isinstance(x, string_types) for x in data):
- raise errors.AnsibleFilterError("|failed expects first param is a list"
- " of strings")
- retval = [prepend + s for s in data]
- return retval
-
-
-def oo_combine_key_value(data, joiner='='):
- """Take a list of dict in the form of { 'key': 'value'} and
- arrange them as a list of strings ['key=value']
- """
- if not isinstance(data, list):
- raise errors.AnsibleFilterError("|failed expects first param is a list")
-
- rval = []
- for item in data:
- rval.append("%s%s%s" % (item['key'], joiner, item['value']))
-
- return rval
-
-
-def oo_combine_dict(data, in_joiner='=', out_joiner=' '):
- """Take a dict in the form of { 'key': 'value', 'key': 'value' } and
- arrange them as a string 'key=value key=value'
- """
- if not isinstance(data, dict):
- # pylint: disable=line-too-long
- raise errors.AnsibleFilterError("|failed expects first param is a dict [oo_combine_dict]. Got %s. Type: %s" % (str(data), str(type(data))))
-
- return out_joiner.join([in_joiner.join([k, str(v)]) for k, v in data.items()])
-
-
-def oo_dict_to_list_of_dict(data, key_title='key', value_title='value'):
- """Take a dict and arrange them as a list of dicts
-
- Input data:
- {'region': 'infra', 'test_k': 'test_v'}
-
- Return data:
- [{'key': 'region', 'value': 'infra'}, {'key': 'test_k', 'value': 'test_v'}]
-
- Written for use of the oc_label module
- """
- if not isinstance(data, dict):
- # pylint: disable=line-too-long
- raise errors.AnsibleFilterError("|failed expects first param is a dict. Got %s. Type: %s" % (str(data), str(type(data))))
-
- rval = []
- for label in data.items():
- rval.append({key_title: label[0], value_title: label[1]})
-
- return rval
-
-
-def oo_ami_selector(data, image_name):
- """ This takes a list of amis and an image name and attempts to return
- the latest ami.
- """
- if not isinstance(data, list):
- raise errors.AnsibleFilterError("|failed expects first param is a list")
-
- if not data:
- return None
- else:
- if image_name is None or not image_name.endswith('_*'):
- ami = sorted(data, key=itemgetter('name'), reverse=True)[0]
- return ami['ami_id']
- else:
- ami_info = [(ami, ami['name'].split('_')[-1]) for ami in data]
- ami = sorted(ami_info, key=itemgetter(1), reverse=True)[0][0]
- return ami['ami_id']
-
-
-def oo_ec2_volume_definition(data, host_type, docker_ephemeral=False):
- """ This takes a dictionary of volume definitions and returns a valid ec2
- volume definition based on the host_type and the values in the
- dictionary.
- The dictionary should look similar to this:
- { 'master':
- { 'root':
- { 'volume_size': 10, 'device_type': 'gp2',
- 'iops': 500
- },
- 'docker':
- { 'volume_size': 40, 'device_type': 'gp2',
- 'iops': 500, 'ephemeral': 'true'
- }
- },
- 'node':
- { 'root':
- { 'volume_size': 10, 'device_type': 'io1',
- 'iops': 1000
- },
- 'docker':
- { 'volume_size': 40, 'device_type': 'gp2',
- 'iops': 500, 'ephemeral': 'true'
- }
- }
- }
- """
- if not isinstance(data, dict):
- # pylint: disable=line-too-long
- raise errors.AnsibleFilterError("|failed expects first param is a dict [oo_ec2_volume_def]. Got %s. Type: %s" % (str(data), str(type(data))))
- if host_type not in ['master', 'node', 'etcd']:
- raise errors.AnsibleFilterError("|failed expects etcd, master or node"
- " as the host type")
-
- root_vol = data[host_type]['root']
- root_vol['device_name'] = '/dev/sda1'
- root_vol['delete_on_termination'] = True
- if root_vol['device_type'] != 'io1':
- root_vol.pop('iops', None)
- if host_type in ['master', 'node'] and 'docker' in data[host_type]:
- docker_vol = data[host_type]['docker']
- docker_vol['device_name'] = '/dev/xvdb'
- docker_vol['delete_on_termination'] = True
- if docker_vol['device_type'] != 'io1':
- docker_vol.pop('iops', None)
- if docker_ephemeral:
- docker_vol.pop('device_type', None)
- docker_vol.pop('delete_on_termination', None)
- docker_vol['ephemeral'] = 'ephemeral0'
- return [root_vol, docker_vol]
- elif host_type == 'etcd' and 'etcd' in data[host_type]:
- etcd_vol = data[host_type]['etcd']
- etcd_vol['device_name'] = '/dev/xvdb'
- etcd_vol['delete_on_termination'] = True
- if etcd_vol['device_type'] != 'io1':
- etcd_vol.pop('iops', None)
- return [root_vol, etcd_vol]
- return [root_vol]
-
-
-def oo_split(string, separator=','):
- """ This splits the input string into a list. If the input string is
- already a list we will return it as is.
- """
- if isinstance(string, list):
- return string
- return string.split(separator)
-
-
-def oo_haproxy_backend_masters(hosts, port):
- """ This takes an array of dicts and returns an array of dicts
- to be used as a backend for the haproxy role
- """
- servers = []
- for idx, host_info in enumerate(hosts):
- server = dict(name="master%s" % idx)
- server_ip = host_info['openshift']['common']['ip']
- server['address'] = "%s:%s" % (server_ip, port)
- server['opts'] = 'check'
- servers.append(server)
- return servers
-
-
-def oo_filter_list(data, filter_attr=None):
- """ This returns a list, which contains all items where filter_attr
- evaluates to true
- Ex: data = [ { a: 1, b: True },
- { a: 3, b: False },
- { a: 5, b: True } ]
- filter_attr = 'b'
- returns [ { a: 1, b: True },
- { a: 5, b: True } ]
- """
- if not isinstance(data, list):
- raise errors.AnsibleFilterError("|failed expects to filter on a list")
-
- if not isinstance(filter_attr, string_types):
- raise errors.AnsibleFilterError("|failed expects filter_attr is a str or unicode")
-
- # Gather up the values for the list of keys passed in
- return [x for x in data if filter_attr in x and x[filter_attr]]
-
-
-def oo_nodes_with_label(nodes, label, value=None):
- """ Filters a list of nodes by label and value (if provided)
-
- It handles labels that are in the following variables by priority:
- openshift_node_labels, cli_openshift_node_labels, openshift['node']['labels']
-
- Examples:
- data = ['a': {'openshift_node_labels': {'color': 'blue', 'size': 'M'}},
- 'b': {'openshift_node_labels': {'color': 'green', 'size': 'L'}},
- 'c': {'openshift_node_labels': {'size': 'S'}}]
- label = 'color'
- returns = ['a': {'openshift_node_labels': {'color': 'blue', 'size': 'M'}},
- 'b': {'openshift_node_labels': {'color': 'green', 'size': 'L'}}]
-
- data = ['a': {'openshift_node_labels': {'color': 'blue', 'size': 'M'}},
- 'b': {'openshift_node_labels': {'color': 'green', 'size': 'L'}},
- 'c': {'openshift_node_labels': {'size': 'S'}}]
- label = 'color'
- value = 'green'
- returns = ['b': {'labels': {'color': 'green', 'size': 'L'}}]
-
- Args:
- nodes (list[dict]): list of node to node variables
- label (str): label to filter `nodes` by
- value (Optional[str]): value of `label` to filter by Defaults
- to None.
-
- Returns:
- list[dict]: nodes filtered by label and value (if provided)
- """
- if not isinstance(nodes, list):
- raise errors.AnsibleFilterError("failed expects to filter on a list")
- if not isinstance(label, string_types):
- raise errors.AnsibleFilterError("failed expects label to be a string")
- if value is not None and not isinstance(value, string_types):
- raise errors.AnsibleFilterError("failed expects value to be a string")
-
- def label_filter(node):
- """ filter function for testing if node should be returned """
- if not isinstance(node, dict):
- raise errors.AnsibleFilterError("failed expects to filter on a list of dicts")
- if 'openshift_node_labels' in node:
- labels = node['openshift_node_labels']
- elif 'cli_openshift_node_labels' in node:
- labels = node['cli_openshift_node_labels']
- elif 'openshift' in node and 'node' in node['openshift'] and 'labels' in node['openshift']['node']:
- labels = node['openshift']['node']['labels']
- else:
- return False
-
- if isinstance(labels, string_types):
- labels = yaml.safe_load(labels)
- if not isinstance(labels, dict):
- raise errors.AnsibleFilterError(
- "failed expected node labels to be a dict or serializable to a dict"
- )
- return label in labels and (value is None or labels[label] == value)
-
- return [n for n in nodes if label_filter(n)]
-
-
-def oo_parse_heat_stack_outputs(data):
- """ Formats the HEAT stack output into a usable form
-
- The goal is to transform something like this:
-
- +---------------+-------------------------------------------------+
- | Property | Value |
- +---------------+-------------------------------------------------+
- | capabilities | [] | |
- | creation_time | 2015-06-26T12:26:26Z | |
- | description | OpenShift cluster | |
- | … | … |
- | outputs | [ |
- | | { |
- | | "output_value": "value_A" |
- | | "description": "This is the value of Key_A" |
- | | "output_key": "Key_A" |
- | | }, |
- | | { |
- | | "output_value": [ |
- | | "value_B1", |
- | | "value_B2" |
- | | ], |
- | | "description": "This is the value of Key_B" |
- | | "output_key": "Key_B" |
- | | }, |
- | | ] |
- | parameters | { |
- | … | … |
- +---------------+-------------------------------------------------+
-
- into something like this:
-
- {
- "Key_A": "value_A",
- "Key_B": [
- "value_B1",
- "value_B2"
- ]
- }
- """
-
- # Extract the “outputs” JSON snippet from the pretty-printed array
- in_outputs = False
- outputs = ''
-
- line_regex = re.compile(r'\|\s*(.*?)\s*\|\s*(.*?)\s*\|')
- for line in data['stdout_lines']:
- match = line_regex.match(line)
- if match:
- if match.group(1) == 'outputs':
- in_outputs = True
- elif match.group(1) != '':
- in_outputs = False
- if in_outputs:
- outputs += match.group(2)
-
- outputs = json.loads(outputs)
-
- # Revamp the “outputs” to put it in the form of a “Key: value” map
- revamped_outputs = {}
- for output in outputs:
- revamped_outputs[output['output_key']] = output['output_value']
-
- return revamped_outputs
-
-
-# pylint: disable=too-many-branches
-def oo_parse_named_certificates(certificates, named_certs_dir, internal_hostnames):
- """ Parses names from list of certificate hashes.
-
- Ex: certificates = [{ "certfile": "/root/custom1.crt",
- "keyfile": "/root/custom1.key",
- "cafile": "/root/custom-ca1.crt" },
- { "certfile": "custom2.crt",
- "keyfile": "custom2.key",
- "cafile": "custom-ca2.crt" }]
-
- returns [{ "certfile": "/etc/origin/master/named_certificates/custom1.crt",
- "keyfile": "/etc/origin/master/named_certificates/custom1.key",
- "cafile": "/etc/origin/master/named_certificates/custom-ca1.crt",
- "names": [ "public-master-host.com",
- "other-master-host.com" ] },
- { "certfile": "/etc/origin/master/named_certificates/custom2.crt",
- "keyfile": "/etc/origin/master/named_certificates/custom2.key",
- "cafile": "/etc/origin/master/named_certificates/custom-ca-2.crt",
- "names": [ "some-hostname.com" ] }]
- """
- if not isinstance(named_certs_dir, string_types):
- raise errors.AnsibleFilterError("|failed expects named_certs_dir is str or unicode")
-
- if not isinstance(internal_hostnames, list):
- raise errors.AnsibleFilterError("|failed expects internal_hostnames is list")
-
- if not HAS_OPENSSL:
- raise errors.AnsibleFilterError("|missing OpenSSL python bindings")
-
- for certificate in certificates:
- if 'names' in certificate.keys():
- continue
- else:
- certificate['names'] = []
-
- if not os.path.isfile(certificate['certfile']) or not os.path.isfile(certificate['keyfile']):
- raise errors.AnsibleFilterError("|certificate and/or key does not exist '%s', '%s'" %
- (certificate['certfile'], certificate['keyfile']))
-
- try:
- st_cert = open(certificate['certfile'], 'rt').read()
- cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, st_cert)
- certificate['names'].append(str(cert.get_subject().commonName.decode()))
- for i in range(cert.get_extension_count()):
- if cert.get_extension(i).get_short_name() == 'subjectAltName':
- for name in str(cert.get_extension(i)).replace('DNS:', '').split(', '):
- certificate['names'].append(name)
- except Exception:
- raise errors.AnsibleFilterError(("|failed to parse certificate '%s', " % certificate['certfile'] +
- "please specify certificate names in host inventory"))
-
- certificate['names'] = list(set(certificate['names']))
- if 'cafile' not in certificate:
- certificate['names'] = [name for name in certificate['names'] if name not in internal_hostnames]
- if not certificate['names']:
- raise errors.AnsibleFilterError(("|failed to parse certificate '%s' or " % certificate['certfile'] +
- "detected a collision with internal hostname, please specify " +
- "certificate names in host inventory"))
-
- for certificate in certificates:
- # Update paths for configuration
- certificate['certfile'] = os.path.join(named_certs_dir, os.path.basename(certificate['certfile']))
- certificate['keyfile'] = os.path.join(named_certs_dir, os.path.basename(certificate['keyfile']))
- if 'cafile' in certificate:
- certificate['cafile'] = os.path.join(named_certs_dir, os.path.basename(certificate['cafile']))
- return certificates
-
-
-def oo_pretty_print_cluster(data, prefix='tag_'):
- """ Read a subset of hostvars and build a summary of the cluster
- in the following layout:
-
-"c_id": {
-"master": {
-"default": [
- { "name": "c_id-master-12345", "public IP": "172.16.0.1", "private IP": "192.168.0.1" }
-]
-"node": {
-"infra": [
- { "name": "c_id-node-infra-23456", "public IP": "172.16.0.2", "private IP": "192.168.0.2" }
-],
-"compute": [
- { "name": "c_id-node-compute-23456", "public IP": "172.16.0.3", "private IP": "192.168.0.3" },
-...
-]
-}
- """
-
- def _get_tag_value(tags, key):
- """ Extract values of a map implemented as a set.
- Ex: tags = { 'tag_foo_value1', 'tag_bar_value2', 'tag_baz_value3' }
- key = 'bar'
- returns 'value2'
- """
- for tag in tags:
- if tag[:len(prefix) + len(key)] == prefix + key:
- return tag[len(prefix) + len(key) + 1:]
- raise KeyError(key)
-
- def _add_host(clusters,
- clusterid,
- host_type,
- sub_host_type,
- host):
- """ Add a new host in the clusters data structure """
- if clusterid not in clusters:
- clusters[clusterid] = {}
- if host_type not in clusters[clusterid]:
- clusters[clusterid][host_type] = {}
- if sub_host_type not in clusters[clusterid][host_type]:
- clusters[clusterid][host_type][sub_host_type] = []
- clusters[clusterid][host_type][sub_host_type].append(host)
-
- clusters = {}
- for host in data:
- try:
- _add_host(clusters=clusters,
- clusterid=_get_tag_value(host['group_names'], 'clusterid'),
- host_type=_get_tag_value(host['group_names'], 'host-type'),
- sub_host_type=_get_tag_value(host['group_names'], 'sub-host-type'),
- host={'name': host['inventory_hostname'],
- 'public IP': host['oo_public_ipv4'],
- 'private IP': host['oo_private_ipv4']})
- except KeyError:
- pass
- return clusters
-
-
-def oo_generate_secret(num_bytes):
- """ generate a session secret """
-
- if not isinstance(num_bytes, int):
- raise errors.AnsibleFilterError("|failed expects num_bytes is int")
-
- return b64encode(os.urandom(num_bytes)).decode('utf-8')
-
-
-def to_padded_yaml(data, level=0, indent=2, **kw):
- """ returns a yaml snippet padded to match the indent level you specify """
- if data in [None, ""]:
- return ""
-
- try:
- transformed = u(yaml.dump(data, indent=indent, allow_unicode=True,
- default_flow_style=False,
- Dumper=AnsibleDumper, **kw))
- padded = "\n".join([" " * level * indent + line for line in transformed.splitlines()])
- return "\n{0}".format(padded)
- except Exception as my_e:
- raise errors.AnsibleFilterError('Failed to convert: %s' % my_e)
-
-
-def oo_openshift_env(hostvars):
- ''' Return facts which begin with "openshift_" and translate
- legacy facts to their openshift_env counterparts.
-
- Ex: hostvars = {'openshift_fact': 42,
- 'theyre_taking_the_hobbits_to': 'isengard'}
- returns = {'openshift_fact': 42}
- '''
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
-
- facts = {}
- regex = re.compile('^openshift_.*')
- for key in hostvars:
- if regex.match(key):
- facts[key] = hostvars[key]
-
- return facts
-
-
-# pylint: disable=too-many-branches, too-many-nested-blocks, too-many-statements, too-many-locals
-def oo_component_persistent_volumes(hostvars, groups, component, subcomponent=None):
- """ Generate list of persistent volumes based on oo_openshift_env
- storage options set in host variables for a specific component.
- """
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
- if not issubclass(type(groups), dict):
- raise errors.AnsibleFilterError("|failed expects groups is a dict")
-
- persistent_volume = None
-
- if component in hostvars['openshift']:
- if subcomponent is not None:
- storage_component = hostvars['openshift'][component][subcomponent]
- else:
- storage_component = hostvars['openshift'][component]
-
- if 'storage' in storage_component:
- params = storage_component['storage']
- kind = params['kind']
- if 'create_pv' in params:
- create_pv = params['create_pv']
- if kind is not None and create_pv:
- if kind == 'nfs':
- host = params['host']
- if host is None:
- if 'oo_nfs_to_config' in groups and len(groups['oo_nfs_to_config']) > 0:
- host = groups['oo_nfs_to_config'][0]
- else:
- raise errors.AnsibleFilterError("|failed no storage host detected")
- directory = params['nfs']['directory']
- volume = params['volume']['name']
- path = directory + '/' + volume
- size = params['volume']['size']
- if 'labels' in params:
- labels = params['labels']
- else:
- labels = dict()
- access_modes = params['access']['modes']
- persistent_volume = dict(
- name="{0}-volume".format(volume),
- capacity=size,
- labels=labels,
- access_modes=access_modes,
- storage=dict(
- nfs=dict(
- server=host,
- path=path)))
-
- elif kind == 'openstack':
- volume = params['volume']['name']
- size = params['volume']['size']
- if 'labels' in params:
- labels = params['labels']
- else:
- labels = dict()
- access_modes = params['access']['modes']
- filesystem = params['openstack']['filesystem']
- volume_id = params['openstack']['volumeID']
- persistent_volume = dict(
- name="{0}-volume".format(volume),
- capacity=size,
- labels=labels,
- access_modes=access_modes,
- storage=dict(
- cinder=dict(
- fsType=filesystem,
- volumeID=volume_id)))
-
- elif kind == 'glusterfs':
- volume = params['volume']['name']
- size = params['volume']['size']
- if 'labels' in params:
- labels = params['labels']
- else:
- labels = dict()
- access_modes = params['access']['modes']
- endpoints = params['glusterfs']['endpoints']
- path = params['glusterfs']['path']
- read_only = params['glusterfs']['readOnly']
- persistent_volume = dict(
- name="{0}-volume".format(volume),
- capacity=size,
- labels=labels,
- access_modes=access_modes,
- storage=dict(
- glusterfs=dict(
- endpoints=endpoints,
- path=path,
- readOnly=read_only)))
-
- elif not (kind == 'object' or kind == 'dynamic'):
- msg = "|failed invalid storage kind '{0}' for component '{1}'".format(
- kind,
- component)
- raise errors.AnsibleFilterError(msg)
- return persistent_volume
-
-
-# pylint: disable=too-many-branches, too-many-nested-blocks, too-many-statements
-def oo_persistent_volumes(hostvars, groups, persistent_volumes=None):
- """ Generate list of persistent volumes based on oo_openshift_env
- storage options set in host variables.
- """
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
- if not issubclass(type(groups), dict):
- raise errors.AnsibleFilterError("|failed expects groups is a dict")
- if persistent_volumes is not None and not issubclass(type(persistent_volumes), list):
- raise errors.AnsibleFilterError("|failed expects persistent_volumes is a list")
-
- if persistent_volumes is None:
- persistent_volumes = []
- if 'hosted' in hostvars['openshift']:
- for component in hostvars['openshift']['hosted']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'hosted', component)
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
-
- if 'logging' in hostvars['openshift']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'logging')
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
- if 'loggingops' in hostvars['openshift']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'loggingops')
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
- if 'metrics' in hostvars['openshift']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'metrics')
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
- if 'prometheus' in hostvars['openshift']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'prometheus')
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
- if 'alertmanager' in hostvars['openshift']['prometheus']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'prometheus', 'alertmanager')
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
- if 'alertbuffer' in hostvars['openshift']['prometheus']:
- persistent_volume = oo_component_persistent_volumes(hostvars, groups, 'prometheus', 'alertbuffer')
- if persistent_volume is not None:
- persistent_volumes.append(persistent_volume)
- return persistent_volumes
-
-
-def oo_component_pv_claims(hostvars, component, subcomponent=None):
- """ Generate list of persistent volume claims based on oo_openshift_env
- storage options set in host variables for a speicific component.
- """
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
-
- if component in hostvars['openshift']:
- if subcomponent is not None:
- storage_component = hostvars['openshift'][component][subcomponent]
- else:
- storage_component = hostvars['openshift'][component]
-
- if 'storage' in storage_component:
- params = storage_component['storage']
- kind = params['kind']
- if 'create_pv' in params:
- if 'create_pvc' in params:
- create_pv = params['create_pv']
- create_pvc = params['create_pvc']
- if kind not in [None, 'object'] and create_pv and create_pvc:
- volume = params['volume']['name']
- size = params['volume']['size']
- access_modes = params['access']['modes']
- persistent_volume_claim = dict(
- name="{0}-claim".format(volume),
- capacity=size,
- access_modes=access_modes)
- return persistent_volume_claim
- return None
-
-
-def oo_persistent_volume_claims(hostvars, persistent_volume_claims=None):
- """ Generate list of persistent volume claims based on oo_openshift_env
- storage options set in host variables.
- """
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
- if persistent_volume_claims is not None and not issubclass(type(persistent_volume_claims), list):
- raise errors.AnsibleFilterError("|failed expects persistent_volume_claims is a list")
-
- if persistent_volume_claims is None:
- persistent_volume_claims = []
- if 'hosted' in hostvars['openshift']:
- for component in hostvars['openshift']['hosted']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'hosted', component)
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
-
- if 'logging' in hostvars['openshift']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'logging')
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
- if 'loggingops' in hostvars['openshift']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'loggingops')
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
- if 'metrics' in hostvars['openshift']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'metrics')
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
- if 'prometheus' in hostvars['openshift']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'prometheus')
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
- if 'alertmanager' in hostvars['openshift']['prometheus']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'prometheus', 'alertmanager')
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
- if 'alertbuffer' in hostvars['openshift']['prometheus']:
- persistent_volume_claim = oo_component_pv_claims(hostvars, 'prometheus', 'alertbuffer')
- if persistent_volume_claim is not None:
- persistent_volume_claims.append(persistent_volume_claim)
- return persistent_volume_claims
-
-
-def oo_31_rpm_rename_conversion(rpms, openshift_version=None):
- """ Filters a list of 3.0 rpms and return the corresponding 3.1 rpms
- names with proper version (if provided)
-
- If 3.1 rpms are passed in they will only be augmented with the
- correct version. This is important for hosts that are running both
- Masters and Nodes.
- """
- if not isinstance(rpms, list):
- raise errors.AnsibleFilterError("failed expects to filter on a list")
- if openshift_version is not None and not isinstance(openshift_version, string_types):
- raise errors.AnsibleFilterError("failed expects openshift_version to be a string")
-
- rpms_31 = []
- for rpm in rpms:
- if 'atomic' not in rpm:
- rpm = rpm.replace("openshift", "atomic-openshift")
- if openshift_version:
- rpm = rpm + openshift_version
- rpms_31.append(rpm)
-
- return rpms_31
-
-
-def oo_pods_match_component(pods, deployment_type, component):
- """ Filters a list of Pods and returns the ones matching the deployment_type and component
- """
- if not isinstance(pods, list):
- raise errors.AnsibleFilterError("failed expects to filter on a list")
- if not isinstance(deployment_type, string_types):
- raise errors.AnsibleFilterError("failed expects deployment_type to be a string")
- if not isinstance(component, string_types):
- raise errors.AnsibleFilterError("failed expects component to be a string")
-
- image_prefix = 'openshift/origin-'
- if deployment_type == 'openshift-enterprise':
- image_prefix = 'openshift3/ose-'
-
- matching_pods = []
- image_regex = image_prefix + component + r'.*'
- for pod in pods:
- for container in pod['spec']['containers']:
- if re.search(image_regex, container['image']):
- matching_pods.append(pod)
- break # stop here, don't add a pod more than once
-
- return matching_pods
-
-
-def oo_get_hosts_from_hostvars(hostvars, hosts):
- """ Return a list of hosts from hostvars """
- retval = []
- for host in hosts:
- try:
- retval.append(hostvars[host])
- except errors.AnsibleError:
- # host does not exist
- pass
-
- return retval
-
-
-def oo_image_tag_to_rpm_version(version, include_dash=False):
- """ Convert an image tag string to an RPM version if necessary
- Empty strings and strings that are already in rpm version format
- are ignored. Also remove non semantic version components.
-
- Ex. v3.2.0.10 -> -3.2.0.10
- v1.2.0-rc1 -> -1.2.0
- """
- if not isinstance(version, string_types):
- raise errors.AnsibleFilterError("|failed expects a string or unicode")
- if version.startswith("v"):
- version = version[1:]
- # Strip release from requested version, we no longer support this.
- version = version.split('-')[0]
-
- if include_dash and version and not version.startswith("-"):
- version = "-" + version
-
- return version
-
-
-def oo_hostname_from_url(url):
- """ Returns the hostname contained in a URL
-
- Ex: https://ose3-master.example.com/v1/api -> ose3-master.example.com
- """
- if not isinstance(url, string_types):
- raise errors.AnsibleFilterError("|failed expects a string or unicode")
- parse_result = urlparse(url)
- if parse_result.netloc != '':
- return parse_result.netloc
- else:
- # netloc wasn't parsed, assume url was missing scheme and path
- return parse_result.path
-
-
-# pylint: disable=invalid-name, unused-argument
-def oo_openshift_loadbalancer_frontends(
- api_port, servers_hostvars, use_nuage=False, nuage_rest_port=None):
- """TODO: Document me."""
- loadbalancer_frontends = [{'name': 'atomic-openshift-api',
- 'mode': 'tcp',
- 'options': ['tcplog'],
- 'binds': ["*:{0}".format(api_port)],
- 'default_backend': 'atomic-openshift-api'}]
- if bool(strtobool(str(use_nuage))) and nuage_rest_port is not None:
- loadbalancer_frontends.append({'name': 'nuage-monitor',
- 'mode': 'tcp',
- 'options': ['tcplog'],
- 'binds': ["*:{0}".format(nuage_rest_port)],
- 'default_backend': 'nuage-monitor'})
- return loadbalancer_frontends
-
-
-# pylint: disable=invalid-name
-def oo_openshift_loadbalancer_backends(
- api_port, servers_hostvars, use_nuage=False, nuage_rest_port=None):
- """TODO: Document me."""
- loadbalancer_backends = [{'name': 'atomic-openshift-api',
- 'mode': 'tcp',
- 'option': 'tcplog',
- 'balance': 'source',
- 'servers': oo_haproxy_backend_masters(servers_hostvars, api_port)}]
- if bool(strtobool(str(use_nuage))) and nuage_rest_port is not None:
- # pylint: disable=line-too-long
- loadbalancer_backends.append({'name': 'nuage-monitor',
- 'mode': 'tcp',
- 'option': 'tcplog',
- 'balance': 'source',
- 'servers': oo_haproxy_backend_masters(servers_hostvars, nuage_rest_port)})
- return loadbalancer_backends
-
-
-def oo_chomp_commit_offset(version):
- """Chomp any "+git.foo" commit offset string from the given `version`
- and return the modified version string.
-
-Ex:
-- chomp_commit_offset(None) => None
-- chomp_commit_offset(1337) => "1337"
-- chomp_commit_offset("v3.4.0.15+git.derp") => "v3.4.0.15"
-- chomp_commit_offset("v3.4.0.15") => "v3.4.0.15"
-- chomp_commit_offset("v1.3.0+52492b4") => "v1.3.0"
- """
- if version is None:
- return version
- else:
- # Stringify, just in case it's a Number type. Split by '+' and
- # return the first split. No concerns about strings without a
- # '+', .split() returns an array of the original string.
- return str(version).split('+')[0]
-
-
-def oo_random_word(length, source='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'):
- """Generates a random string of given length from a set of alphanumeric characters.
- The default source uses [a-z][A-Z][0-9]
- Ex:
- - oo_random_word(3) => aB9
- - oo_random_word(4, source='012') => 0123
- """
- return ''.join(random.choice(source) for i in range(length))
-
-
-def oo_contains_rule(source, apiGroups, resources, verbs):
- '''Return true if the specified rule is contained within the provided source'''
-
- rules = source['rules']
-
- if rules:
- for rule in rules:
- if set(rule['apiGroups']) == set(apiGroups):
- if set(rule['resources']) == set(resources):
- if set(rule['verbs']) == set(verbs):
- return True
-
- return False
-
-
-def oo_selector_to_string_list(user_dict):
- """Convert a dict of selectors to a key=value list of strings
-
-Given input of {'region': 'infra', 'zone': 'primary'} returns a list
-of items as ['region=infra', 'zone=primary']
- """
- selectors = []
- for key in user_dict:
- selectors.append("{}={}".format(key, user_dict[key]))
- return selectors
-
-
-def oo_filter_sa_secrets(sa_secrets, secret_hint='-token-'):
- """Parse the Service Account Secrets list, `sa_secrets`, (as from
-oc_serviceaccount_secret:state=list) and return the name of the secret
-containing the `secret_hint` string. For example, by default this will
-return the name of the secret holding the SA bearer token.
-
-Only provide the 'results' object to this filter. This filter expects
-to receive a list like this:
-
- [
- {
- "name": "management-admin-dockercfg-p31s2"
- },
- {
- "name": "management-admin-token-bnqsh"
- }
- ]
-
-
-Returns:
-
-* `secret_name` [string] - The name of the secret matching the
- `secret_hint` parameter. By default this is the secret holding the
- SA's bearer token.
-
-Example playbook usage:
-
-Register a return value from oc_serviceaccount_secret with and pass
-that result to this filter plugin.
-
- - name: Get all SA Secrets
- oc_serviceaccount_secret:
- state: list
- service_account: management-admin
- namespace: management-infra
- register: sa
-
- - name: Save the SA bearer token secret name
- set_fact:
- management_token: "{{ sa.results | oo_filter_sa_secrets }}"
-
- - name: Get the SA bearer token value
- oc_secret:
- state: list
- name: "{{ management_token }}"
- namespace: management-infra
- decode: true
- register: sa_secret
-
- - name: Print the bearer token value
- debug:
- var: sa_secret.results.decoded.token
-
- """
- secret_name = None
-
- for secret in sa_secrets:
- # each secret is a hash
- if secret['name'].find(secret_hint) == -1:
- continue
- else:
- secret_name = secret['name']
- break
-
- return secret_name
-
-
-class FilterModule(object):
- """ Custom ansible filter mapping """
-
- # pylint: disable=no-self-use, too-few-public-methods
- def filters(self):
- """ returns a mapping of filters to methods """
- return {
- "oo_select_keys": oo_select_keys,
- "oo_select_keys_from_list": oo_select_keys_from_list,
- "oo_chomp_commit_offset": oo_chomp_commit_offset,
- "oo_collect": oo_collect,
- "oo_flatten": oo_flatten,
- "oo_pdb": oo_pdb,
- "oo_prepend_strings_in_list": oo_prepend_strings_in_list,
- "oo_ami_selector": oo_ami_selector,
- "oo_ec2_volume_definition": oo_ec2_volume_definition,
- "oo_combine_key_value": oo_combine_key_value,
- "oo_combine_dict": oo_combine_dict,
- "oo_dict_to_list_of_dict": oo_dict_to_list_of_dict,
- "oo_split": oo_split,
- "oo_filter_list": oo_filter_list,
- "oo_parse_heat_stack_outputs": oo_parse_heat_stack_outputs,
- "oo_parse_named_certificates": oo_parse_named_certificates,
- "oo_haproxy_backend_masters": oo_haproxy_backend_masters,
- "oo_pretty_print_cluster": oo_pretty_print_cluster,
- "oo_generate_secret": oo_generate_secret,
- "oo_nodes_with_label": oo_nodes_with_label,
- "oo_openshift_env": oo_openshift_env,
- "oo_persistent_volumes": oo_persistent_volumes,
- "oo_persistent_volume_claims": oo_persistent_volume_claims,
- "oo_31_rpm_rename_conversion": oo_31_rpm_rename_conversion,
- "oo_pods_match_component": oo_pods_match_component,
- "oo_get_hosts_from_hostvars": oo_get_hosts_from_hostvars,
- "oo_image_tag_to_rpm_version": oo_image_tag_to_rpm_version,
- "oo_merge_dicts": oo_merge_dicts,
- "oo_hostname_from_url": oo_hostname_from_url,
- "oo_merge_hostvars": oo_merge_hostvars,
- "oo_openshift_loadbalancer_frontends": oo_openshift_loadbalancer_frontends,
- "oo_openshift_loadbalancer_backends": oo_openshift_loadbalancer_backends,
- "to_padded_yaml": to_padded_yaml,
- "oo_random_word": oo_random_word,
- "oo_contains_rule": oo_contains_rule,
- "oo_selector_to_string_list": oo_selector_to_string_list,
- "oo_filter_sa_secrets": oo_filter_sa_secrets,
- }
diff --git a/filter_plugins/openshift_version.py b/filter_plugins/openshift_version.py
deleted file mode 100644
index c515f1a71..000000000
--- a/filter_plugins/openshift_version.py
+++ /dev/null
@@ -1,127 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-"""
-Custom version comparison filters for use in openshift-ansible
-"""
-
-# pylint can't locate distutils.version within virtualenv
-# https://github.com/PyCQA/pylint/issues/73
-# pylint: disable=no-name-in-module, import-error
-from distutils.version import LooseVersion
-
-
-def legacy_gte_function_builder(name, versions):
- """
- Build and return a version comparison function.
-
- Ex: name = 'oo_version_gte_3_1_or_1_1'
- versions = {'enterprise': '3.1', 'origin': '1.1'}
-
- returns oo_version_gte_3_1_or_1_1, a function which based on the
- version and deployment type will return true if the provided
- version is greater than or equal to the function's version
- """
- enterprise_version = versions['enterprise']
- origin_version = versions['origin']
-
- def _gte_function(version, deployment_type):
- """
- Dynamic function created by gte_function_builder.
-
- Ex: version = '3.1'
- deployment_type = 'openshift-enterprise'
- returns True/False
- """
- version_gte = False
- if deployment_type == 'openshift-enterprise':
- if str(version) >= LooseVersion(enterprise_version):
- version_gte = True
- else:
- if str(version) >= LooseVersion(origin_version):
- version_gte = True
- return version_gte
- _gte_function.__name__ = name
- return _gte_function
-
-
-def gte_function_builder(name, gte_version):
- """
- Build and return a version comparison function.
-
- Ex: name = 'oo_version_gte_3_6'
- version = '3.6'
-
- returns oo_version_gte_3_6, a function which based on the
- version will return true if the provided version is greater
- than or equal to the function's version
- """
- def _gte_function(version):
- """
- Dynamic function created by gte_function_builder.
-
- Ex: version = '3.1'
- returns True/False
- """
- version_gte = False
- if str(version) >= LooseVersion(gte_version):
- version_gte = True
- return version_gte
- _gte_function.__name__ = name
- return _gte_function
-
-
-# pylint: disable=too-few-public-methods
-class FilterModule(object):
- """
- Filters for version checking.
- """
- # Each element of versions is composed of (major, minor_start, minor_end)
- # Origin began versioning 3.x with 3.6, so begin 3.x with 3.6.
- versions = [(3, 6, 10)]
-
- def __init__(self):
- """
- Creates a new FilterModule for ose version checking.
- """
- self._filters = {}
-
- # For each set of (major, minor, minor_iterations)
- for major, minor_start, minor_end in self.versions:
- # For each minor version in the range
- for minor in range(minor_start, minor_end):
- # Create the function name
- func_name = 'oo_version_gte_{}_{}'.format(major, minor)
- # Create the function with the builder
- func = gte_function_builder(func_name, "{}.{}.0".format(major, minor))
- # Add the function to the mapping
- self._filters[func_name] = func
-
- # Create filters with special versioning requirements.
- # Treat all Origin 1.x as special case.
- legacy_filters = [{'name': 'oo_version_gte_3_1_or_1_1',
- 'versions': {'enterprise': '3.0.2.905',
- 'origin': '1.1.0'}},
- {'name': 'oo_version_gte_3_1_1_or_1_1_1',
- 'versions': {'enterprise': '3.1.1',
- 'origin': '1.1.1'}},
- {'name': 'oo_version_gte_3_2_or_1_2',
- 'versions': {'enterprise': '3.1.1.901',
- 'origin': '1.2.0'}},
- {'name': 'oo_version_gte_3_3_or_1_3',
- 'versions': {'enterprise': '3.3.0',
- 'origin': '1.3.0'}},
- {'name': 'oo_version_gte_3_4_or_1_4',
- 'versions': {'enterprise': '3.4.0',
- 'origin': '1.4.0'}},
- {'name': 'oo_version_gte_3_5_or_1_5',
- 'versions': {'enterprise': '3.5.0',
- 'origin': '1.5.0'}}]
- for legacy_filter in legacy_filters:
- self._filters[legacy_filter['name']] = legacy_gte_function_builder(legacy_filter['name'],
- legacy_filter['versions'])
-
- def filters(self):
- """
- Return the filters mapping.
- """
- return self._filters
diff --git a/images/installer/README_INVENTORY_GENERATOR.md b/images/installer/README_INVENTORY_GENERATOR.md
index 9c10e4b71..293bdb689 100644
--- a/images/installer/README_INVENTORY_GENERATOR.md
+++ b/images/installer/README_INVENTORY_GENERATOR.md
@@ -46,7 +46,7 @@ docker run -u `id -u` \
-v /tmp/origin/master/admin.kubeconfig:/opt/app-root/src/.kube/config:Z \
-v /tmp/origin/master/master-config.yaml:/opt/app-root/src/master-config.yaml:Z \
-e OPTS="-v --become-user root" \
- -e PLAYBOOK_FILE=playbooks/byo/openshift-checks/health.yml \
+ -e PLAYBOOK_FILE=playbooks/openshift-checks/health.yml \
-e GENERATE_INVENTORY=true \
-e USER=`whoami` \
openshift/origin-ansible
diff --git a/images/installer/root/exports/manifest.json b/images/installer/root/exports/manifest.json
index 8b984d7a3..53696b03e 100644
--- a/images/installer/root/exports/manifest.json
+++ b/images/installer/root/exports/manifest.json
@@ -4,7 +4,7 @@
"OPTS": "",
"VAR_LIB_OPENSHIFT_INSTALLER" : "/var/lib/openshift-installer",
"VAR_LOG_OPENSHIFT_LOG": "/var/log/ansible.log",
- "PLAYBOOK_FILE": "/usr/share/ansible/openshift-ansible/playbooks/byo/config.yml",
+ "PLAYBOOK_FILE": "/usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.yml",
"HOME_ROOT": "/root",
"ANSIBLE_CONFIG": "/usr/share/atomic-openshift-utils/ansible.cfg",
"INVENTORY_FILE": "/dev/null"
diff --git a/images/installer/root/usr/local/bin/run b/images/installer/root/usr/local/bin/run
index cd38a6ff0..67cf7dfde 100755
--- a/images/installer/root/usr/local/bin/run
+++ b/images/installer/root/usr/local/bin/run
@@ -18,7 +18,7 @@ INVENTORY="$(mktemp)"
if [[ -v INVENTORY_FILE ]]; then
# Make a copy so that ALLOW_ANSIBLE_CONNECTION_LOCAL below
# does not attempt to modify the original
- cp -a ${INVENTORY_FILE} ${INVENTORY}
+ cp ${INVENTORY_FILE} ${INVENTORY}
elif [[ -v INVENTORY_DIR ]]; then
INVENTORY="$(mktemp -d)"
cp -R ${INVENTORY_DIR}/* ${INVENTORY}
diff --git a/inventory/byo/.gitignore b/inventory/.gitignore
index 6ff331c7e..6ff331c7e 100644
--- a/inventory/byo/.gitignore
+++ b/inventory/.gitignore
diff --git a/inventory/README.md b/inventory/README.md
index 5e26e3c32..2e348194f 100644
--- a/inventory/README.md
+++ b/inventory/README.md
@@ -1,5 +1 @@
-# OpenShift Ansible inventory config files
-
-You can install OpenShift on:
-
-* [BYO](byo/) (Bring your own), use this inventory config file to install OpenShift on your pre-existing hosts
+# OpenShift Ansible example inventory config files
diff --git a/inventory/byo/hosts.byo.glusterfs.external.example b/inventory/byo/hosts.byo.glusterfs.external.example
deleted file mode 100644
index 5a284ce97..000000000
--- a/inventory/byo/hosts.byo.glusterfs.external.example
+++ /dev/null
@@ -1,56 +0,0 @@
-# This is an example of a bring your own (byo) host inventory for a cluster
-# with natively hosted, containerized GlusterFS storage.
-#
-# This inventory may be used with the byo/config.yml playbook to deploy a new
-# cluster with GlusterFS storage, which will use that storage to create a
-# volume that will provide backend storage for a hosted Docker registry.
-#
-# This inventory may also be used with byo/openshift-glusterfs/config.yml to
-# deploy GlusterFS storage on an existing cluster. With this playbook, the
-# registry backend volume will be created but the administrator must then
-# either deploy a hosted registry or change an existing hosted registry to use
-# that volume.
-#
-# There are additional configuration parameters that can be specified to
-# control the deployment and state of a GlusterFS cluster. Please see the
-# documentation in playbooks/byo/openshift-glusterfs/README.md and
-# roles/openshift_storage_glusterfs/README.md for additional details.
-
-[OSEv3:children]
-masters
-nodes
-# Specify there will be GlusterFS nodes
-glusterfs
-
-[OSEv3:vars]
-ansible_ssh_user=root
-openshift_deployment_type=origin
-# Specify that we want to use an external GlusterFS cluster
-openshift_storage_glusterfs_is_native=False
-# Specify the IP address or hostname of the external heketi service
-openshift_storage_glusterfs_heketi_url=172.0.0.1
-
-[masters]
-master
-
-[nodes]
-master openshift_schedulable=False
-node0 openshift_schedulable=True
-node1 openshift_schedulable=True
-node2 openshift_schedulable=True
-
-# Specify the glusterfs group, which contains the nodes of the external
-# GlusterFS cluster. At a minimum, each node must have "glusterfs_hostname"
-# and "glusterfs_devices" variables defined.
-#
-# The first variable indicates the hostname of the external GLusterFS node,
-# and must be reachable by the external heketi service.
-#
-# The second variable is a list of block devices the node will have access to
-# that are intended solely for use as GlusterFS storage. These block devices
-# must be bare (e.g. have no data, not be marked as LVM PVs), and will be
-# formatted.
-[glusterfs]
-node0.local glusterfs_ip='172.0.0.10' glusterfs_devices='[ "/dev/vdb" ]'
-node1.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdb", "/dev/vdc" ]'
-node2.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.mixed.example b/inventory/byo/hosts.byo.glusterfs.mixed.example
deleted file mode 100644
index d16df6470..000000000
--- a/inventory/byo/hosts.byo.glusterfs.mixed.example
+++ /dev/null
@@ -1,59 +0,0 @@
-# This is an example of a bring your own (byo) host inventory for a cluster
-# with natively hosted, containerized GlusterFS storage.
-#
-# This inventory may be used with the byo/config.yml playbook to deploy a new
-# cluster with GlusterFS storage, which will use that storage to create a
-# volume that will provide backend storage for a hosted Docker registry.
-#
-# This inventory may also be used with byo/openshift-glusterfs/config.yml to
-# deploy GlusterFS storage on an existing cluster. With this playbook, the
-# registry backend volume will be created but the administrator must then
-# either deploy a hosted registry or change an existing hosted registry to use
-# that volume.
-#
-# There are additional configuration parameters that can be specified to
-# control the deployment and state of a GlusterFS cluster. Please see the
-# documentation in playbooks/byo/openshift-glusterfs/README.md and
-# roles/openshift_storage_glusterfs/README.md for additional details.
-
-[OSEv3:children]
-masters
-nodes
-# Specify there will be GlusterFS nodes
-glusterfs
-
-[OSEv3:vars]
-ansible_ssh_user=root
-openshift_deployment_type=origin
-# Specify that we want to use an external GlusterFS cluster and a native
-# heketi service
-openshift_storage_glusterfs_is_native=False
-openshift_storage_glusterfs_heketi_is_native=True
-# Specify that heketi will use SSH to communicate to the GlusterFS nodes and
-# the private key file it will use for authentication
-openshift_storage_glusterfs_heketi_executor=ssh
-openshift_storage_glusterfs_heketi_ssh_keyfile=/root/id_rsa
-[masters]
-master
-
-[nodes]
-master openshift_schedulable=False
-node0 openshift_schedulable=True
-node1 openshift_schedulable=True
-node2 openshift_schedulable=True
-
-# Specify the glusterfs group, which contains the nodes of the external
-# GlusterFS cluster. At a minimum, each node must have "glusterfs_hostname"
-# and "glusterfs_devices" variables defined.
-#
-# The first variable indicates the hostname of the external GLusterFS node,
-# and must be reachable by the external heketi service.
-#
-# The second variable is a list of block devices the node will have access to
-# that are intended solely for use as GlusterFS storage. These block devices
-# must be bare (e.g. have no data, not be marked as LVM PVs), and will be
-# formatted.
-[glusterfs]
-node0.local glusterfs_ip='172.0.0.10' glusterfs_devices='[ "/dev/vdb" ]'
-node1.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdb", "/dev/vdc" ]'
-node2.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.native.example b/inventory/byo/hosts.byo.glusterfs.native.example
deleted file mode 100644
index c1a1f6f84..000000000
--- a/inventory/byo/hosts.byo.glusterfs.native.example
+++ /dev/null
@@ -1,46 +0,0 @@
-# This is an example of a bring your own (byo) host inventory for a cluster
-# with natively hosted, containerized GlusterFS storage for applications. It
-# will also autmatically create a StorageClass for this purpose.
-#
-# This inventory may be used with the byo/config.yml playbook to deploy a new
-# cluster with GlusterFS storage.
-#
-# This inventory may also be used with byo/openshift-glusterfs/config.yml to
-# deploy GlusterFS storage on an existing cluster.
-#
-# There are additional configuration parameters that can be specified to
-# control the deployment and state of a GlusterFS cluster. Please see the
-# documentation in playbooks/byo/openshift-glusterfs/README.md and
-# roles/openshift_storage_glusterfs/README.md for additional details.
-
-[OSEv3:children]
-masters
-nodes
-# Specify there will be GlusterFS nodes
-glusterfs
-
-[OSEv3:vars]
-ansible_ssh_user=root
-openshift_deployment_type=origin
-
-[masters]
-master
-
-[nodes]
-master openshift_schedulable=False
-# A hosted registry, by default, will only be deployed on nodes labeled
-# "region=infra".
-node0 openshift_schedulable=True
-node1 openshift_schedulable=True
-node2 openshift_schedulable=True
-
-# Specify the glusterfs group, which contains the nodes that will host
-# GlusterFS storage pods. At a minimum, each node must have a
-# "glusterfs_devices" variable defined. This variable is a list of block
-# devices the node will have access to that is intended solely for use as
-# GlusterFS storage. These block devices must be bare (e.g. have no data, not
-# be marked as LVM PVs), and will be formatted.
-[glusterfs]
-node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.registry-only.example b/inventory/byo/hosts.byo.glusterfs.registry-only.example
deleted file mode 100644
index 31a85ee42..000000000
--- a/inventory/byo/hosts.byo.glusterfs.registry-only.example
+++ /dev/null
@@ -1,52 +0,0 @@
-# This is an example of a bring your own (byo) host inventory for a cluster
-# with natively hosted, containerized GlusterFS storage for exclusive use
-# as storage for a natively hosted Docker registry.
-#
-# This inventory may be used with the byo/config.yml playbook to deploy a new
-# cluster with GlusterFS storage, which will use that storage to create a
-# volume that will provide backend storage for a hosted Docker registry.
-#
-# This inventory may also be used with byo/openshift-glusterfs/registry.yml to
-# deploy GlusterFS storage on an existing cluster. With this playbook, the
-# registry backend volume will be created but the administrator must then
-# either deploy a hosted registry or change an existing hosted registry to use
-# that volume.
-#
-# There are additional configuration parameters that can be specified to
-# control the deployment and state of a GlusterFS cluster. Please see the
-# documentation in playbooks/byo/openshift-glusterfs/README.md and
-# roles/openshift_storage_glusterfs/README.md for additional details.
-
-[OSEv3:children]
-masters
-nodes
-# Specify there will be GlusterFS nodes
-glusterfs_registry
-
-[OSEv3:vars]
-ansible_ssh_user=root
-openshift_deployment_type=origin
-# Specify that we want to use GlusterFS storage for a hosted registry
-openshift_hosted_registry_storage_kind=glusterfs
-
-[masters]
-master
-
-[nodes]
-master openshift_schedulable=False
-# A hosted registry, by default, will only be deployed on nodes labeled
-# "region=infra".
-node0 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-node1 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-node2 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-
-# Specify the glusterfs group, which contains the nodes that will host
-# GlusterFS storage pods. At a minimum, each node must have a
-# "glusterfs_devices" variable defined. This variable is a list of block
-# devices the node will have access to that is intended solely for use as
-# GlusterFS storage. These block devices must be bare (e.g. have no data, not
-# be marked as LVM PVs), and will be formatted.
-[glusterfs_registry]
-node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.storage-and-registry.example b/inventory/byo/hosts.byo.glusterfs.storage-and-registry.example
deleted file mode 100644
index 54bd89ddc..000000000
--- a/inventory/byo/hosts.byo.glusterfs.storage-and-registry.example
+++ /dev/null
@@ -1,63 +0,0 @@
-# This is an example of a bring your own (byo) host inventory for a cluster
-# with natively hosted, containerized GlusterFS storage for both general
-# application use and a natively hosted Docker registry. It will also create a
-# StorageClass for the general storage.
-#
-# This inventory may be used with the byo/config.yml playbook to deploy a new
-# cluster with GlusterFS storage.
-#
-# This inventory may also be used with byo/openshift-glusterfs/config.yml to
-# deploy GlusterFS storage on an existing cluster. With this playbook, the
-# registry backend volume will be created but the administrator must then
-# either deploy a hosted registry or change an existing hosted registry to use
-# that volume.
-#
-# There are additional configuration parameters that can be specified to
-# control the deployment and state of a GlusterFS cluster. Please see the
-# documentation in playbooks/byo/openshift-glusterfs/README.md and
-# roles/openshift_storage_glusterfs/README.md for additional details.
-
-[OSEv3:children]
-masters
-nodes
-# Specify there will be GlusterFS nodes
-glusterfs
-glusterfs_registry
-
-[OSEv3:vars]
-ansible_ssh_user=root
-openshift_deployment_type=origin
-# Specify that we want to use GlusterFS storage for a hosted registry
-openshift_hosted_registry_storage_kind=glusterfs
-
-[masters]
-master
-
-[nodes]
-master openshift_schedulable=False
-# It is recommended to not use a single cluster for both general and registry
-# storage, so two three-node clusters will be required.
-node0 openshift_schedulable=True
-node1 openshift_schedulable=True
-node2 openshift_schedulable=True
-# A hosted registry, by default, will only be deployed on nodes labeled
-# "region=infra".
-node3 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-node4 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-node5 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-
-# Specify the glusterfs group, which contains the nodes that will host
-# GlusterFS storage pods. At a minimum, each node must have a
-# "glusterfs_devices" variable defined. This variable is a list of block
-# devices the node will have access to that is intended solely for use as
-# GlusterFS storage. These block devices must be bare (e.g. have no data, not
-# be marked as LVM PVs), and will be formatted.
-[glusterfs]
-node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-
-[glusterfs_registry]
-node3 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node4 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
-node5 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example
deleted file mode 100644
index 5de43270e..000000000
--- a/inventory/byo/hosts.example
+++ /dev/null
@@ -1,1076 +0,0 @@
-# This is an example of a bring your own (byo) host inventory
-
-# Create an OSEv3 group that contains the masters and nodes groups
-[OSEv3:children]
-masters
-nodes
-etcd
-lb
-nfs
-
-# Set variables common for all OSEv3 hosts
-[OSEv3:vars]
-# Enable unsupported configurations, things that will yield a partially
-# functioning cluster but would not be supported for production use
-#openshift_enable_unsupported_configurations=false
-
-# SSH user, this user should allow ssh based auth without requiring a
-# password. If using ssh key based auth, then the key should be managed by an
-# ssh agent.
-ansible_ssh_user=root
-
-# If ansible_ssh_user is not root, ansible_become must be set to true and the
-# user must be configured for passwordless sudo
-#ansible_become=yes
-
-# Debug level for all OpenShift components (Defaults to 2)
-debug_level=2
-
-# Specify the deployment type. Valid values are origin and openshift-enterprise.
-openshift_deployment_type=origin
-#openshift_deployment_type=openshift-enterprise
-
-# Specify the generic release of OpenShift to install. This is used mainly just during installation, after which we
-# rely on the version running on the first master. Works best for containerized installs where we can usually
-# use this to lookup the latest exact version of the container images, which is the tag actually used to configure
-# the cluster. For RPM installations we just verify the version detected in your configured repos matches this
-# release.
-openshift_release=v3.7
-
-# Specify an exact container image tag to install or configure.
-# WARNING: This value will be used for all hosts in containerized environments, even those that have another version installed.
-# This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up.
-#openshift_image_tag=v3.7.0
-
-# Specify an exact rpm version to install or configure.
-# WARNING: This value will be used for all hosts in RPM based environments, even those that have another version installed.
-# This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up.
-#openshift_pkg_version=-3.7.0
-
-# This enables all the system containers except for docker:
-#openshift_use_system_containers=False
-#
-# But you can choose separately each component that must be a
-# system container:
-#
-#openshift_use_openvswitch_system_container=False
-#openshift_use_node_system_container=False
-#openshift_use_master_system_container=False
-#openshift_use_etcd_system_container=False
-#
-# In either case, system_images_registry must be specified to be able to find the system images
-#system_images_registry="docker.io"
-# when openshift_deployment_type=='openshift-enterprise'
-#system_images_registry="registry.access.redhat.com"
-
-# Manage openshift example imagestreams and templates during install and upgrade
-#openshift_install_examples=true
-
-# Configure logoutURL in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#changing-the-logout-url
-#openshift_master_logout_url=http://example.com
-
-# Configure extensionScripts in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#loading-custom-scripts-and-stylesheets
-#openshift_master_extension_scripts=['/path/to/script1.js','/path/to/script2.js']
-
-# Configure extensionStylesheets in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#loading-custom-scripts-and-stylesheets
-#openshift_master_extension_stylesheets=['/path/to/stylesheet1.css','/path/to/stylesheet2.css']
-
-# Configure extensions in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#serving-static-files
-#openshift_master_extensions=[{'name': 'images', 'sourceDirectory': '/path/to/my_images'}]
-
-# Configure extensions in the master config for console customization
-# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#serving-static-files
-#openshift_master_oauth_template=/path/to/login-template.html
-
-# Configure imagePolicyConfig in the master config
-# See: https://godoc.org/github.com/openshift/origin/pkg/cmd/server/api#ImagePolicyConfig
-#openshift_master_image_policy_config={"maxImagesBulkImportedPerRepository": 3, "disableScheduledImport": true}
-
-# Configure master API rate limits for external clients
-#openshift_master_external_ratelimit_qps=200
-#openshift_master_external_ratelimit_burst=400
-# Configure master API rate limits for loopback clients
-#openshift_master_loopback_ratelimit_qps=300
-#openshift_master_loopback_ratelimit_burst=600
-
-# Docker Configuration
-# Add additional, insecure, and blocked registries to global docker configuration
-# For enterprise deployment types we ensure that registry.access.redhat.com is
-# included if you do not include it
-#openshift_docker_additional_registries=registry.example.com
-#openshift_docker_insecure_registries=registry.example.com
-#openshift_docker_blocked_registries=registry.hacker.com
-# Disable pushing to dockerhub
-#openshift_docker_disable_push_dockerhub=True
-# Use Docker inside a System Container. Note that this is a tech preview and should
-# not be used to upgrade!
-# The following options for docker are ignored:
-# - docker_version
-# - docker_upgrade
-# The following options must not be used
-# - openshift_docker_options
-#openshift_docker_use_system_container=False
-# Install and run cri-o along side docker
-# NOTE: This uses openshift_docker_systemcontainer_image_registry_override as it's override
-# just as container-engine does.
-#openshift_use_crio=False
-# Force the registry to use for the container-engine/crio system container. By default the registry
-# will be built off of the deployment type and ansible_distribution. Only
-# use this option if you are sure you know what you are doing!
-#openshift_docker_systemcontainer_image_override="registry.example.com/container-engine:latest"
-#openshift_crio_systemcontainer_image_override="registry.example.com/cri-o:latest"
-# NOTE: The following crio docker-gc items are tech preview and likely shouldn't be used
-# unless you know what you are doing!!
-# The following two variables are used when opneshift_use_crio is True
-# and cleans up after builds that pass through docker.
-# Enable docker garbage collection when using cri-o
-#openshift_crio_enable_docker_gc=false
-# Node Selectors to run the garbage collection
-#openshift_crio_docker_gc_node_selector: {'runtime': 'cri-o'}
-
-# Items added, as is, to end of /etc/sysconfig/docker OPTIONS
-# Default value: "--log-driver=journald"
-#openshift_docker_options="-l warn --ipv6=false"
-
-# Specify exact version of Docker to configure or upgrade to.
-# Downgrades are not supported and will error out. Be careful when upgrading docker from < 1.10 to > 1.10.
-# docker_version="1.12.1"
-
-# Specify whether to run Docker daemon with SELinux enabled in containers. Default is True.
-# Uncomment below to disable; for example if your kernel does not support the
-# Docker overlay/overlay2 storage drivers with SELinux enabled.
-#openshift_docker_selinux_enabled=False
-
-# Skip upgrading Docker during an OpenShift upgrade, leaves the current Docker version alone.
-# docker_upgrade=False
-
-# Specify exact version of etcd to configure or upgrade to.
-# etcd_version="3.1.0"
-# Enable etcd debug logging, defaults to false
-# etcd_debug=true
-# Set etcd log levels by package
-# etcd_log_package_levels="etcdserver=WARNING,security=DEBUG"
-
-# Upgrade Hooks
-#
-# Hooks are available to run custom tasks at various points during a cluster
-# upgrade. Each hook should point to a file with Ansible tasks defined. Suggest using
-# absolute paths, if not the path will be treated as relative to the file where the
-# hook is actually used.
-#
-# Tasks to run before each master is upgraded.
-# openshift_master_upgrade_pre_hook=/usr/share/custom/pre_master.yml
-#
-# Tasks to run to upgrade the master. These tasks run after the main openshift-ansible
-# upgrade steps, but before we restart system/services.
-# openshift_master_upgrade_hook=/usr/share/custom/master.yml
-#
-# Tasks to run after each master is upgraded and system/services have been restarted.
-# openshift_master_upgrade_post_hook=/usr/share/custom/post_master.yml
-
-# Alternate image format string, useful if you've got your own registry mirror
-# Configure this setting just on node or master
-#oreg_url_master=example.com/openshift3/ose-${component}:${version}
-#oreg_url_node=example.com/openshift3/ose-${component}:${version}
-# For setting the configuration globally
-#oreg_url=example.com/openshift3/ose-${component}:${version}
-# If oreg_url points to a registry other than registry.access.redhat.com we can
-# modify image streams to point at that registry by setting the following to true
-#openshift_examples_modify_imagestreams=true
-
-# If oreg_url points to a registry requiring authentication, provide the following:
-#oreg_auth_user=some_user
-#oreg_auth_password='my-pass'
-# NOTE: oreg_url must be defined by the user for oreg_auth_* to have any affect.
-# oreg_auth_pass should be generated from running docker login.
-# To update registry auth credentials, uncomment the following:
-#oreg_auth_credentials_replace: True
-
-# OpenShift repository configuration
-#openshift_additional_repos=[{'id': 'openshift-origin-copr', 'name': 'OpenShift Origin COPR', 'baseurl': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/epel-7-$basearch/', 'enabled': 1, 'gpgcheck': 1, 'gpgkey': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/pubkey.gpg'}]
-#openshift_repos_enable_testing=false
-
-# htpasswd auth
-openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
-# Defining htpasswd users
-#openshift_master_htpasswd_users={'user1': '<pre-hashed password>', 'user2': '<pre-hashed password>'}
-# or
-#openshift_master_htpasswd_file=<path to local pre-generated htpasswd file>
-
-# Allow all auth
-#openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]
-
-# LDAP auth
-#openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': 'my-ldap-ca.crt', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}]
-#
-# Configure LDAP CA certificate
-# Specify either the ASCII contents of the certificate or the path to
-# the local file that will be copied to the remote host. CA
-# certificate contents will be copied to master systems and saved
-# within /etc/origin/master/ with a filename matching the "ca" key set
-# within the LDAPPasswordIdentityProvider.
-#
-#openshift_master_ldap_ca=<ca text>
-# or
-#openshift_master_ldap_ca_file=<path to local ca file to use>
-
-# OpenID auth
-#openshift_master_identity_providers=[{"name": "openid_auth", "login": "true", "challenge": "false", "kind": "OpenIDIdentityProvider", "client_id": "my_client_id", "client_secret": "my_client_secret", "claims": {"id": ["sub"], "preferredUsername": ["preferred_username"], "name": ["name"], "email": ["email"]}, "urls": {"authorize": "https://myidp.example.com/oauth2/authorize", "token": "https://myidp.example.com/oauth2/token"}, "ca": "my-openid-ca-bundle.crt"}]
-#
-# Configure OpenID CA certificate
-# Specify either the ASCII contents of the certificate or the path to
-# the local file that will be copied to the remote host. CA
-# certificate contents will be copied to master systems and saved
-# within /etc/origin/master/ with a filename matching the "ca" key set
-# within the OpenIDIdentityProvider.
-#
-#openshift_master_openid_ca=<ca text>
-# or
-#openshift_master_openid_ca_file=<path to local ca file to use>
-
-# Request header auth
-#openshift_master_identity_providers=[{"name": "my_request_header_provider", "challenge": "true", "login": "true", "kind": "RequestHeaderIdentityProvider", "challengeURL": "https://www.example.com/challenging-proxy/oauth/authorize?${query}", "loginURL": "https://www.example.com/login-proxy/oauth/authorize?${query}", "clientCA": "my-request-header-ca.crt", "clientCommonNames": ["my-auth-proxy"], "headers": ["X-Remote-User", "SSO-User"], "emailHeaders": ["X-Remote-User-Email"], "nameHeaders": ["X-Remote-User-Display-Name"], "preferredUsernameHeaders": ["X-Remote-User-Login"]}]
-#
-# Configure request header CA certificate
-# Specify either the ASCII contents of the certificate or the path to
-# the local file that will be copied to the remote host. CA
-# certificate contents will be copied to master systems and saved
-# within /etc/origin/master/ with a filename matching the "clientCA"
-# key set within the RequestHeaderIdentityProvider.
-#
-#openshift_master_request_header_ca=<ca text>
-# or
-#openshift_master_request_header_ca_file=<path to local ca file to use>
-
-# CloudForms Management Engine (ManageIQ) App Install
-#
-# Enables installation of MIQ server. Recommended for dedicated
-# clusters only. See roles/openshift_management/README.md for instructions
-# and requirements.
-#openshift_management_install_management=False
-
-# Cloud Provider Configuration
-#
-# Note: You may make use of environment variables rather than store
-# sensitive configuration within the ansible inventory.
-# For example:
-#openshift_cloudprovider_aws_access_key="{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
-#openshift_cloudprovider_aws_secret_key="{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"
-#
-# AWS
-#openshift_cloudprovider_kind=aws
-# Note: IAM profiles may be used instead of storing API credentials on disk.
-#openshift_cloudprovider_aws_access_key=aws_access_key_id
-#openshift_cloudprovider_aws_secret_key=aws_secret_access_key
-#
-# Openstack
-#openshift_cloudprovider_kind=openstack
-#openshift_cloudprovider_openstack_auth_url=http://openstack.example.com:35357/v2.0/
-#openshift_cloudprovider_openstack_username=username
-#openshift_cloudprovider_openstack_password=password
-#openshift_cloudprovider_openstack_domain_id=domain_id
-#openshift_cloudprovider_openstack_domain_name=domain_name
-#openshift_cloudprovider_openstack_tenant_id=tenant_id
-#openshift_cloudprovider_openstack_tenant_name=tenant_name
-#openshift_cloudprovider_openstack_region=region
-#openshift_cloudprovider_openstack_lb_subnet_id=subnet_id
-#
-# GCE
-#openshift_cloudprovider_kind=gce
-
-# Project Configuration
-#osm_project_request_message=''
-#osm_project_request_template=''
-#osm_mcs_allocator_range='s0:/2'
-#osm_mcs_labels_per_project=5
-#osm_uid_allocator_range='1000000000-1999999999/10000'
-
-# Configure additional projects
-#openshift_additional_projects={'my-project': {'default_node_selector': 'label=value'}}
-
-# Enable cockpit
-#osm_use_cockpit=true
-#
-# Set cockpit plugins
-#osm_cockpit_plugins=['cockpit-kubernetes']
-
-# Native high availability cluster method with optional load balancer.
-# If no lb group is defined, the installer assumes that a load balancer has
-# been preconfigured. For installation the value of
-# openshift_master_cluster_hostname must resolve to the load balancer
-# or to one or all of the masters defined in the inventory if no load
-# balancer is present.
-#openshift_master_cluster_method=native
-#openshift_master_cluster_hostname=openshift-ansible.test.example.com
-#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com
-
-# Pacemaker high availability cluster method.
-# Pacemaker HA environment must be able to self provision the
-# configured VIP. For installation openshift_master_cluster_hostname
-# must resolve to the configured VIP.
-#openshift_master_cluster_method=pacemaker
-#openshift_master_cluster_password=openshift_cluster
-#openshift_master_cluster_vip=192.168.133.25
-#openshift_master_cluster_public_vip=192.168.133.25
-#openshift_master_cluster_hostname=openshift-ansible.test.example.com
-#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com
-
-# Configure controller arguments
-#osm_controller_args={'resource-quota-sync-period': ['10s']}
-
-# Configure api server arguments
-#osm_api_server_args={'max-requests-inflight': ['400']}
-
-# default subdomain to use for exposed routes
-#openshift_master_default_subdomain=apps.test.example.com
-
-# additional cors origins
-#osm_custom_cors_origins=['foo.example.com', 'bar.example.com']
-
-# default project node selector
-#osm_default_node_selector='region=primary'
-
-# Override the default pod eviction timeout
-#openshift_master_pod_eviction_timeout=5m
-
-# Override the default oauth tokenConfig settings:
-# openshift_master_access_token_max_seconds=86400
-# openshift_master_auth_token_max_seconds=500
-
-# Override master servingInfo.maxRequestsInFlight
-#openshift_master_max_requests_inflight=500
-
-# Override master and node servingInfo.minTLSVersion and .cipherSuites
-# valid TLS versions are VersionTLS10, VersionTLS11, VersionTLS12
-# example cipher suites override, valid cipher suites are https://golang.org/pkg/crypto/tls/#pkg-constants
-#openshift_master_min_tls_version=VersionTLS12
-#openshift_master_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...']
-#
-#openshift_node_min_tls_version=VersionTLS12
-#openshift_node_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...']
-
-# default storage plugin dependencies to install, by default the ceph and
-# glusterfs plugin dependencies will be installed, if available.
-#osn_storage_plugin_deps=['ceph','glusterfs','iscsi']
-
-# OpenShift Router Options
-#
-# An OpenShift router will be created during install if there are
-# nodes present with labels matching the default router selector,
-# "region=infra". Set openshift_node_labels per node as needed in
-# order to label nodes.
-#
-# Example:
-# [nodes]
-# node.example.com openshift_node_labels="{'region': 'infra'}"
-#
-# Router selector (optional)
-# Router will only be created if nodes matching this label are present.
-# Default value: 'region=infra'
-#openshift_hosted_router_selector='region=infra'
-#
-# Router replicas (optional)
-# Unless specified, openshift-ansible will calculate the replica count
-# based on the number of nodes matching the openshift router selector.
-#openshift_hosted_router_replicas=2
-#
-# Router force subdomain (optional)
-# A router path format to force on all routes used by this router
-# (will ignore the route host value)
-#openshift_hosted_router_force_subdomain='${name}-${namespace}.apps.example.com'
-#
-# Router certificate (optional)
-# Provide local certificate paths which will be configured as the
-# router's default certificate.
-#openshift_hosted_router_certificate={"certfile": "/path/to/router.crt", "keyfile": "/path/to/router.key", "cafile": "/path/to/router-ca.crt"}
-#
-# Manage the OpenShift Router (optional)
-#openshift_hosted_manage_router=true
-#
-# Router sharding support has been added and can be achieved by supplying the correct
-# data to the inventory. The variable to house the data is openshift_hosted_routers
-# and is in the form of a list. If no data is passed then a default router will be
-# created. There are multiple combinations of router sharding. The one described
-# below supports routers on separate nodes.
-#
-#openshift_hosted_routers=[{'name': 'router1', 'certificate': {'certfile': '/path/to/certificate/abc.crt', 'keyfile': '/path/to/certificate/abc.key', 'cafile': '/path/to/certificate/ca.crt'}, 'replicas': 1, 'serviceaccount': 'router', 'namespace': 'default', 'stats_port': 1936, 'edits': [], 'images': 'openshift3/ose-${component}:${version}', 'selector': 'type=router1', 'ports': ['80:80', '443:443']}, {'name': 'router2', 'certificate': {'certfile': '/path/to/certificate/xyz.crt', 'keyfile': '/path/to/certificate/xyz.key', 'cafile': '/path/to/certificate/ca.crt'}, 'replicas': 1, 'serviceaccount': 'router', 'namespace': 'default', 'stats_port': 1936, 'edits': [{'action': 'append', 'key': 'spec.template.spec.containers[0].env', 'value': {'name': 'ROUTE_LABELS', 'value': 'route=external'}}], 'images': 'openshift3/ose-${component}:${version}', 'selector': 'type=router2', 'ports': ['80:80', '443:443']}]
-
-# OpenShift Registry Console Options
-# Override the console image prefix for enterprise deployments, not used in origin
-# default is "registry.access.redhat.com/openshift3/" and the image appended is "registry-console"
-#openshift_cockpit_deployer_prefix=registry.example.com/myrepo/
-# Override image version, defaults to latest for origin, matches the product version for enterprise
-#openshift_cockpit_deployer_version=1.4.1
-
-# Openshift Registry Options
-#
-# An OpenShift registry will be created during install if there are
-# nodes present with labels matching the default registry selector,
-# "region=infra". Set openshift_node_labels per node as needed in
-# order to label nodes.
-#
-# Example:
-# [nodes]
-# node.example.com openshift_node_labels="{'region': 'infra'}"
-#
-# Registry selector (optional)
-# Registry will only be created if nodes matching this label are present.
-# Default value: 'region=infra'
-#openshift_hosted_registry_selector='region=infra'
-#
-# Registry replicas (optional)
-# Unless specified, openshift-ansible will calculate the replica count
-# based on the number of nodes matching the openshift registry selector.
-#openshift_hosted_registry_replicas=2
-#
-# Validity of the auto-generated certificate in days (optional)
-#openshift_hosted_registry_cert_expire_days=730
-#
-# Manage the OpenShift Registry (optional)
-#openshift_hosted_manage_registry=true
-
-# Registry Storage Options
-#
-# NFS Host Group
-# An NFS volume will be created with path "nfs_directory/volume_name"
-# on the host within the [nfs] host group. For example, the volume
-# path using these options would be "/exports/registry"
-#openshift_hosted_registry_storage_kind=nfs
-#openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
-# nfs_directory must conform to DNS-1123 subdomain must consist of lower case
-# alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character
-#openshift_hosted_registry_storage_nfs_directory=/exports
-#openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
-#openshift_hosted_registry_storage_volume_name=registry
-#openshift_hosted_registry_storage_volume_size=10Gi
-#
-# External NFS Host
-# NFS volume must already exist with path "nfs_directory/_volume_name" on
-# the storage_host. For example, the remote volume path using these
-# options would be "nfs.example.com:/exports/registry"
-#openshift_hosted_registry_storage_kind=nfs
-#openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
-#openshift_hosted_registry_storage_host=nfs.example.com
-# nfs_directory must conform to DNS-1123 subdomain must consist of lower case
-# alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character
-#openshift_hosted_registry_storage_nfs_directory=/exports
-#openshift_hosted_registry_storage_volume_name=registry
-#openshift_hosted_registry_storage_volume_size=10Gi
-#
-# Openstack
-# Volume must already exist.
-#openshift_hosted_registry_storage_kind=openstack
-#openshift_hosted_registry_storage_access_modes=['ReadWriteOnce']
-#openshift_hosted_registry_storage_openstack_filesystem=ext4
-#openshift_hosted_registry_storage_openstack_volumeID=3a650b4f-c8c5-4e0a-8ca5-eaee11f16c57
-#openshift_hosted_registry_storage_volume_size=10Gi
-#
-# AWS S3
-# S3 bucket must already exist.
-#openshift_hosted_registry_storage_kind=object
-#openshift_hosted_registry_storage_provider=s3
-#openshift_hosted_registry_storage_s3_encrypt=false
-#openshift_hosted_registry_storage_s3_kmskeyid=aws_kms_key_id
-#openshift_hosted_registry_storage_s3_accesskey=aws_access_key_id
-#openshift_hosted_registry_storage_s3_secretkey=aws_secret_access_key
-#openshift_hosted_registry_storage_s3_bucket=bucket_name
-#openshift_hosted_registry_storage_s3_region=bucket_region
-#openshift_hosted_registry_storage_s3_chunksize=26214400
-#openshift_hosted_registry_storage_s3_rootdirectory=/registry
-#openshift_hosted_registry_pullthrough=true
-#openshift_hosted_registry_acceptschema2=true
-#openshift_hosted_registry_enforcequota=true
-#
-# Any S3 service (Minio, ExoScale, ...): Basically the same as above
-# but with regionendpoint configured
-# S3 bucket must already exist.
-#openshift_hosted_registry_storage_kind=object
-#openshift_hosted_registry_storage_provider=s3
-#openshift_hosted_registry_storage_s3_accesskey=access_key_id
-#openshift_hosted_registry_storage_s3_secretkey=secret_access_key
-#openshift_hosted_registry_storage_s3_regionendpoint=https://myendpoint.example.com/
-#openshift_hosted_registry_storage_s3_bucket=bucket_name
-#openshift_hosted_registry_storage_s3_region=bucket_region
-#openshift_hosted_registry_storage_s3_chunksize=26214400
-#openshift_hosted_registry_storage_s3_rootdirectory=/registry
-#openshift_hosted_registry_pullthrough=true
-#openshift_hosted_registry_acceptschema2=true
-#openshift_hosted_registry_enforcequota=true
-#
-# Additional CloudFront Options. When using CloudFront all three
-# of the followingg variables must be defined.
-#openshift_hosted_registry_storage_s3_cloudfront_baseurl=https://myendpoint.cloudfront.net/
-#openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile=/full/path/to/secret.pem
-#openshift_hosted_registry_storage_s3_cloudfront_keypairid=yourpairid
-
-# Metrics deployment
-# See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html
-#
-# By default metrics are not automatically deployed, set this to enable them
-#openshift_metrics_install_metrics=true
-#
-# Storage Options
-# If openshift_metrics_storage_kind is unset then metrics will be stored
-# in an EmptyDir volume and will be deleted when the cassandra pod terminates.
-# Storage options A & B currently support only one cassandra pod which is
-# generally enough for up to 1000 pods. Additional volumes can be created
-# manually after the fact and metrics scaled per the docs.
-#
-# Option A - NFS Host Group
-# An NFS volume will be created with path "nfs_directory/volume_name"
-# on the host within the [nfs] host group. For example, the volume
-# path using these options would be "/exports/metrics"
-#openshift_metrics_storage_kind=nfs
-#openshift_metrics_storage_access_modes=['ReadWriteOnce']
-#openshift_metrics_storage_nfs_directory=/exports
-#openshift_metrics_storage_nfs_options='*(rw,root_squash)'
-#openshift_metrics_storage_volume_name=metrics
-#openshift_metrics_storage_volume_size=10Gi
-#openshift_metrics_storage_labels={'storage': 'metrics'}
-#
-# Option B - External NFS Host
-# NFS volume must already exist with path "nfs_directory/_volume_name" on
-# the storage_host. For example, the remote volume path using these
-# options would be "nfs.example.com:/exports/metrics"
-#openshift_metrics_storage_kind=nfs
-#openshift_metrics_storage_access_modes=['ReadWriteOnce']
-#openshift_metrics_storage_host=nfs.example.com
-#openshift_metrics_storage_nfs_directory=/exports
-#openshift_metrics_storage_volume_name=metrics
-#openshift_metrics_storage_volume_size=10Gi
-#openshift_metrics_storage_labels={'storage': 'metrics'}
-#
-# Option C - Dynamic -- If openshift supports dynamic volume provisioning for
-# your cloud platform use this.
-#openshift_metrics_storage_kind=dynamic
-#
-# Other Metrics Options -- Common items you may wish to reconfigure, for the complete
-# list of options please see roles/openshift_metrics/README.md
-#
-# Override metricsPublicURL in the master config for cluster metrics
-# Defaults to https://hawkular-metrics.{{openshift_master_default_subdomain}}/hawkular/metrics
-# Currently, you may only alter the hostname portion of the url, alterting the
-# `/hawkular/metrics` path will break installation of metrics.
-#openshift_metrics_hawkular_hostname=hawkular-metrics.example.com
-# Configure the prefix and version for the component images
-#openshift_metrics_image_prefix=docker.io/openshift/origin-
-#openshift_metrics_image_version=v3.7
-# when openshift_deployment_type=='openshift-enterprise'
-#openshift_metrics_image_prefix=registry.access.redhat.com/openshift3/
-#openshift_metrics_image_version=v3.7
-#
-# StorageClass
-# openshift_storageclass_name=gp2
-# openshift_storageclass_parameters={'type': 'gp2', 'encrypted': 'false'}
-#
-
-# Logging deployment
-#
-# Currently logging deployment is disabled by default, enable it by setting this
-#openshift_logging_install_logging=true
-#
-# Logging storage config
-# Option A - NFS Host Group
-# An NFS volume will be created with path "nfs_directory/volume_name"
-# on the host within the [nfs] host group. For example, the volume
-# path using these options would be "/exports/logging"
-#openshift_logging_storage_kind=nfs
-#openshift_logging_storage_access_modes=['ReadWriteOnce']
-#openshift_logging_storage_nfs_directory=/exports
-#openshift_logging_storage_nfs_options='*(rw,root_squash)'
-#openshift_logging_storage_volume_name=logging
-#openshift_logging_storage_volume_size=10Gi
-#openshift_logging_storage_labels={'storage': 'logging'}
-#
-# Option B - External NFS Host
-# NFS volume must already exist with path "nfs_directory/_volume_name" on
-# the storage_host. For example, the remote volume path using these
-# options would be "nfs.example.com:/exports/logging"
-#openshift_logging_storage_kind=nfs
-#openshift_logging_storage_access_modes=['ReadWriteOnce']
-#openshift_logging_storage_host=nfs.example.com
-#openshift_logging_storage_nfs_directory=/exports
-#openshift_logging_storage_volume_name=logging
-#openshift_logging_storage_volume_size=10Gi
-#openshift_logging_storage_labels={'storage': 'logging'}
-#
-# Option C - Dynamic -- If openshift supports dynamic volume provisioning for
-# your cloud platform use this.
-#openshift_logging_storage_kind=dynamic
-#
-# Option D - none -- Logging will use emptydir volumes which are destroyed when
-# pods are deleted
-#
-# Other Logging Options -- Common items you may wish to reconfigure, for the complete
-# list of options please see roles/openshift_logging/README.md
-#
-# Configure loggingPublicURL in the master config for aggregate logging, defaults
-# to kibana.{{ openshift_master_default_subdomain }}
-#openshift_logging_kibana_hostname=logging.apps.example.com
-# Configure the number of elastic search nodes, unless you're using dynamic provisioning
-# this value must be 1
-#openshift_logging_es_cluster_size=1
-# Configure the prefix and version for the component images
-#openshift_logging_image_prefix=docker.io/openshift/origin-
-#openshift_logging_image_version=v3.7.0
-# when openshift_deployment_type=='openshift-enterprise'
-#openshift_logging_image_prefix=registry.access.redhat.com/openshift3/
-#openshift_logging_image_version=3.7.0
-
-# Prometheus deployment
-#
-# Currently prometheus deployment is disabled by default, enable it by setting this
-#openshift_hosted_prometheus_deploy=true
-#
-# Prometheus storage config
-# Option A - NFS Host Group
-# An NFS volume will be created with path "nfs_directory/volume_name"
-# on the host within the [nfs] host group. For example, the volume
-# path using these options would be "/exports/prometheus"
-#openshift_prometheus_storage_kind=nfs
-#openshift_prometheus_storage_access_modes=['ReadWriteOnce']
-#openshift_prometheus_storage_nfs_directory=/exports
-#openshift_prometheus_storage_nfs_options='*(rw,root_squash)'
-#openshift_prometheus_storage_volume_name=prometheus
-#openshift_prometheus_storage_volume_size=10Gi
-#openshift_prometheus_storage_labels={'storage': 'prometheus'}
-#openshift_prometheus_storage_type='pvc'
-# For prometheus-alertmanager
-#openshift_prometheus_alertmanager_storage_kind=nfs
-#openshift_prometheus_alertmanager_storage_access_modes=['ReadWriteOnce']
-#openshift_prometheus_alertmanager_storage_nfs_directory=/exports
-#openshift_prometheus_alertmanager_storage_nfs_options='*(rw,root_squash)'
-#openshift_prometheus_alertmanager_storage_volume_name=prometheus-alertmanager
-#openshift_prometheus_alertmanager_storage_volume_size=10Gi
-#openshift_prometheus_alertmanager_storage_labels={'storage': 'prometheus-alertmanager'}
-#openshift_prometheus_alertmanager_storage_type='pvc'
-# For prometheus-alertbuffer
-#openshift_prometheus_alertbuffer_storage_kind=nfs
-#openshift_prometheus_alertbuffer_storage_access_modes=['ReadWriteOnce']
-#openshift_prometheus_alertbuffer_storage_nfs_directory=/exports
-#openshift_prometheus_alertbuffer_storage_nfs_options='*(rw,root_squash)'
-#openshift_prometheus_alertbuffer_storage_volume_name=prometheus-alertbuffer
-#openshift_prometheus_alertbuffer_storage_volume_size=10Gi
-#openshift_prometheus_alertbuffer_storage_labels={'storage': 'prometheus-alertbuffer'}
-#openshift_prometheus_alertbuffer_storage_type='pvc'
-#
-# Option B - External NFS Host
-# NFS volume must already exist with path "nfs_directory/_volume_name" on
-# the storage_host. For example, the remote volume path using these
-# options would be "nfs.example.com:/exports/prometheus"
-#openshift_prometheus_storage_kind=nfs
-#openshift_prometheus_storage_access_modes=['ReadWriteOnce']
-#openshift_prometheus_storage_host=nfs.example.com
-#openshift_prometheus_storage_nfs_directory=/exports
-#openshift_prometheus_storage_volume_name=prometheus
-#openshift_prometheus_storage_volume_size=10Gi
-#openshift_prometheus_storage_labels={'storage': 'prometheus'}
-#openshift_prometheus_storage_type='pvc'
-# For prometheus-alertmanager
-#openshift_prometheus_alertmanager_storage_kind=nfs
-#openshift_prometheus_alertmanager_storage_access_modes=['ReadWriteOnce']
-#openshift_prometheus_alertmanager_storage_host=nfs.example.com
-#openshift_prometheus_alertmanager_storage_nfs_directory=/exports
-#openshift_prometheus_alertmanager_storage_volume_name=prometheus-alertmanager
-#openshift_prometheus_alertmanager_storage_volume_size=10Gi
-#openshift_prometheus_alertmanager_storage_labels={'storage': 'prometheus-alertmanager'}
-#openshift_prometheus_alertmanager_storage_type='pvc'
-# For prometheus-alertbuffer
-#openshift_prometheus_alertbuffer_storage_kind=nfs
-#openshift_prometheus_alertbuffer_storage_access_modes=['ReadWriteOnce']
-#openshift_prometheus_alertbuffer_storage_host=nfs.example.com
-#openshift_prometheus_alertbuffer_storage_nfs_directory=/exports
-#openshift_prometheus_alertbuffer_storage_volume_name=prometheus-alertbuffer
-#openshift_prometheus_alertbuffer_storage_volume_size=10Gi
-#openshift_prometheus_alertbuffer_storage_labels={'storage': 'prometheus-alertbuffer'}
-#openshift_prometheus_alertbuffer_storage_type='pvc'
-#
-# Option C - none -- Prometheus, alertmanager and alertbuffer will use emptydir volumes
-# which are destroyed when pods are deleted
-
-# Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet')
-# os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
-
-# Disable the OpenShift SDN plugin
-# openshift_use_openshift_sdn=False
-
-# Configure SDN cluster network and kubernetes service CIDR blocks. These
-# network blocks should be private and should not conflict with network blocks
-# in your infrastructure that pods may require access to. Can not be changed
-# after deployment.
-#
-# WARNING : Do not pick subnets that overlap with the default Docker bridge subnet of
-# 172.17.0.0/16. Your installation will fail and/or your configuration change will
-# cause the Pod SDN or Cluster SDN to fail.
-#
-# WORKAROUND : If you must use an overlapping subnet, you can configure a non conflicting
-# docker0 CIDR range by adding '--bip=192.168.2.1/24' to DOCKER_NETWORK_OPTIONS
-# environment variable located in /etc/sysconfig/docker-network.
-# When upgrading or scaling up the following must match whats in your master config!
-# Inventory: master yaml field
-# osm_cluster_network_cidr: clusterNetworkCIDR
-# openshift_portal_net: serviceNetworkCIDR
-# When installing osm_cluster_network_cidr and openshift_portal_net must be set.
-# Sane examples are provided below.
-#osm_cluster_network_cidr=10.128.0.0/14
-#openshift_portal_net=172.30.0.0/16
-
-# ExternalIPNetworkCIDRs controls what values are acceptable for the
-# service external IP field. If empty, no externalIP may be set. It
-# may contain a list of CIDRs which are checked for access. If a CIDR
-# is prefixed with !, IPs in that CIDR will be rejected. Rejections
-# will be applied first, then the IP checked against one of the
-# allowed CIDRs. You should ensure this range does not overlap with
-# your nodes, pods, or service CIDRs for security reasons.
-#openshift_master_external_ip_network_cidrs=['0.0.0.0/0']
-
-# IngressIPNetworkCIDR controls the range to assign ingress IPs from for
-# services of type LoadBalancer on bare metal. If empty, ingress IPs will not
-# be assigned. It may contain a single CIDR that will be allocated from. For
-# security reasons, you should ensure that this range does not overlap with
-# the CIDRs reserved for external IPs, nodes, pods, or services.
-#openshift_master_ingress_ip_network_cidr=172.46.0.0/16
-
-# Configure number of bits to allocate to each host's subnet e.g. 9
-# would mean a /23 network on the host.
-# When upgrading or scaling up the following must match whats in your master config!
-# Inventory: master yaml field
-# osm_host_subnet_length: hostSubnetLength
-# When installing osm_host_subnet_length must be set. A sane example is provided below.
-#osm_host_subnet_length=9
-
-# Configure master API and console ports.
-#openshift_master_api_port=8443
-#openshift_master_console_port=8443
-
-# set exact RPM version (include - prefix)
-#openshift_pkg_version=-3.6.0
-# you may also specify version and release, ie:
-#openshift_pkg_version=-3.7.0-0.126.0.git.0.9351aae.el7
-
-# Configure custom ca certificate
-#openshift_master_ca_certificate={'certfile': '/path/to/ca.crt', 'keyfile': '/path/to/ca.key'}
-#
-# NOTE: CA certificate will not be replaced with existing clusters.
-# This option may only be specified when creating a new cluster or
-# when redeploying cluster certificates with the redeploy-certificates
-# playbook.
-
-# Configure custom named certificates (SNI certificates)
-#
-# https://docs.openshift.org/latest/install_config/certificate_customization.html
-# https://docs.openshift.com/enterprise/latest/install_config/certificate_customization.html
-#
-# NOTE: openshift_master_named_certificates is cached on masters and is an
-# additive fact, meaning that each run with a different set of certificates
-# will add the newly provided certificates to the cached set of certificates.
-#
-# An optional CA may be specified for each named certificate. CAs will
-# be added to the OpenShift CA bundle which allows for the named
-# certificate to be served for internal cluster communication.
-#
-# If you would like openshift_master_named_certificates to be overwritten with
-# the provided value, specify openshift_master_overwrite_named_certificates.
-#openshift_master_overwrite_named_certificates=true
-#
-# Provide local certificate paths which will be deployed to masters
-#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "cafile": "/path/to/custom-ca1.crt"}]
-#
-# Detected names may be overridden by specifying the "names" key
-#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"], "cafile": "/path/to/custom-ca1.crt"}]
-
-# Session options
-#openshift_master_session_name=ssn
-#openshift_master_session_max_seconds=3600
-
-# An authentication and encryption secret will be generated if secrets
-# are not provided. If provided, openshift_master_session_auth_secrets
-# and openshift_master_encryption_secrets must be equal length.
-#
-# Signing secrets, used to authenticate sessions using
-# HMAC. Recommended to use secrets with 32 or 64 bytes.
-#openshift_master_session_auth_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO']
-#
-# Encrypting secrets, used to encrypt sessions. Must be 16, 24, or 32
-# characters long, to select AES-128, AES-192, or AES-256.
-#openshift_master_session_encryption_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO']
-
-# configure how often node iptables rules are refreshed
-#openshift_node_iptables_sync_period=5s
-
-# Configure nodeIP in the node config
-# This is needed in cases where node traffic is desired to go over an
-# interface other than the default network interface.
-#openshift_set_node_ip=True
-
-# Configure dnsIP in the node config
-#openshift_dns_ip=172.30.0.1
-
-# Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later.
-#openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['80']}
-
-# Configure logrotate scripts
-# See: https://github.com/nickhammond/ansible-logrotate
-#logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}]
-
-# openshift-ansible will wait indefinitely for your input when it detects that the
-# value of openshift_hostname resolves to an IP address not bound to any local
-# interfaces. This mis-configuration is problematic for any pod leveraging host
-# networking and liveness or readiness probes.
-# Setting this variable to true will override that check.
-#openshift_override_hostname_check=true
-
-# openshift_use_dnsmasq is deprecated. This must be true, or installs will fail
-# in versions >= 3.6
-#openshift_use_dnsmasq=False
-
-# Define an additional dnsmasq.conf file to deploy to /etc/dnsmasq.d/openshift-ansible.conf
-# This is useful for POC environments where DNS may not actually be available yet or to set
-# options like 'strict-order' to alter dnsmasq configuration.
-#openshift_node_dnsmasq_additional_config_file=/home/bob/ose-dnsmasq.conf
-
-# Global Proxy Configuration
-# These options configure HTTP_PROXY, HTTPS_PROXY, and NOPROXY environment
-# variables for docker and master services.
-#
-# Hosts in the openshift_no_proxy list will NOT use any globally
-# configured HTTP(S)_PROXYs. openshift_no_proxy accepts domains
-# (.example.com), hosts (example.com), and IP addresses.
-#openshift_http_proxy=http://USER:PASSWORD@IPADDR:PORT
-#openshift_https_proxy=https://USER:PASSWORD@IPADDR:PORT
-#openshift_no_proxy='.hosts.example.com,some-host.com'
-#
-# Most environments don't require a proxy between openshift masters, nodes, and
-# etcd hosts. So automatically add those hostnames to the openshift_no_proxy list.
-# If all of your hosts share a common domain you may wish to disable this and
-# specify that domain above instead.
-#
-# For example, having hosts with FQDNs: m1.ex.com, n1.ex.com, and
-# n2.ex.com, one would simply add '.ex.com' to the openshift_no_proxy
-# variable (above) and set this value to False
-#openshift_generate_no_proxy_hosts=True
-#
-# These options configure the BuildDefaults admission controller which injects
-# configuration into Builds. Proxy related values will default to the global proxy
-# config values. You only need to set these if they differ from the global proxy settings.
-# See BuildDefaults documentation at
-# https://docs.openshift.org/latest/admin_guide/build_defaults_overrides.html
-#openshift_builddefaults_http_proxy=http://USER:PASSWORD@HOST:PORT
-#openshift_builddefaults_https_proxy=https://USER:PASSWORD@HOST:PORT
-#openshift_builddefaults_no_proxy=mycorp.com
-#openshift_builddefaults_git_http_proxy=http://USER:PASSWORD@HOST:PORT
-#openshift_builddefaults_git_https_proxy=https://USER:PASSWORD@HOST:PORT
-#openshift_builddefaults_git_no_proxy=mycorp.com
-#openshift_builddefaults_image_labels=[{'name':'imagelabelname1','value':'imagelabelvalue1'}]
-#openshift_builddefaults_nodeselectors={'nodelabel1':'nodelabelvalue1'}
-#openshift_builddefaults_annotations={'annotationkey1':'annotationvalue1'}
-#openshift_builddefaults_resources_requests_cpu=100m
-#openshift_builddefaults_resources_requests_memory=256Mi
-#openshift_builddefaults_resources_limits_cpu=1000m
-#openshift_builddefaults_resources_limits_memory=512Mi
-
-# Or you may optionally define your own build defaults configuration serialized as json
-#openshift_builddefaults_json='{"BuildDefaults":{"configuration":{"apiVersion":"v1","env":[{"name":"HTTP_PROXY","value":"http://proxy.example.com.redhat.com:3128"},{"name":"NO_PROXY","value":"ose3-master.example.com"}],"gitHTTPProxy":"http://proxy.example.com:3128","gitNoProxy":"ose3-master.example.com","kind":"BuildDefaultsConfig"}}}'
-
-# These options configure the BuildOverrides admission controller which injects
-# configuration into Builds.
-# See BuildOverrides documentation at
-# https://docs.openshift.org/latest/admin_guide/build_defaults_overrides.html
-#openshift_buildoverrides_force_pull=true
-#openshift_buildoverrides_image_labels=[{'name':'imagelabelname1','value':'imagelabelvalue1'}]
-#openshift_buildoverrides_nodeselectors={'nodelabel1':'nodelabelvalue1'}
-#openshift_buildoverrides_annotations={'annotationkey1':'annotationvalue1'}
-
-# Or you may optionally define your own build overrides configuration serialized as json
-#openshift_buildoverrides_json='{"BuildOverrides":{"configuration":{"apiVersion":"v1","kind":"BuildDefaultsConfig","forcePull":"true"}}}'
-
-# Enable service catalog
-#openshift_enable_service_catalog=true
-
-# Enable template service broker (requires service catalog to be enabled, above)
-#template_service_broker_install=true
-
-# Configure one of more namespaces whose templates will be served by the TSB
-#openshift_template_service_broker_namespaces=['openshift']
-
-# masterConfig.volumeConfig.dynamicProvisioningEnabled, configurable as of 1.2/3.2, enabled by default
-#openshift_master_dynamic_provisioning_enabled=False
-
-# Admission plugin config
-#openshift_master_admission_plugin_config={"ProjectRequestLimit":{"configuration":{"apiVersion":"v1","kind":"ProjectRequestLimitConfig","limits":[{"selector":{"admin":"true"}},{"maxProjects":"1"}]}},"PodNodeConstraints":{"configuration":{"apiVersion":"v1","kind":"PodNodeConstraintsConfig"}}}
-
-# Configure usage of openshift_clock role.
-#openshift_clock_enabled=true
-
-# OpenShift Per-Service Environment Variables
-# Environment variables are added to /etc/sysconfig files for
-# each OpenShift service: node, master (api and controllers).
-# API and controllers environment variables are merged in single
-# master environments.
-#openshift_master_api_env_vars={"ENABLE_HTTP2": "true"}
-#openshift_master_controllers_env_vars={"ENABLE_HTTP2": "true"}
-#openshift_node_env_vars={"ENABLE_HTTP2": "true"}
-
-# Enable API service auditing
-#openshift_master_audit_config={"enabled": true}
-#
-# In case you want more advanced setup for the auditlog you can
-# use this line.
-# The directory in "auditFilePath" will be created if it's not
-# exist
-#openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}
-
-# Enable origin repos that point at Centos PAAS SIG, defaults to true, only used
-# by deployment_type=origin
-#openshift_enable_origin_repo=false
-
-# Validity of the auto-generated OpenShift certificates in days.
-# See also openshift_hosted_registry_cert_expire_days above.
-#
-#openshift_ca_cert_expire_days=1825
-#openshift_node_cert_expire_days=730
-#openshift_master_cert_expire_days=730
-
-# Validity of the auto-generated external etcd certificates in days.
-# Controls validity for etcd CA, peer, server and client certificates.
-#
-#etcd_ca_default_days=1825
-#
-# ServiceAccountConfig:LimitSecretRefences rejects pods that reference secrets their service accounts do not reference
-# openshift_master_saconfig_limitsecretreferences=false
-
-# Upgrade Control
-#
-# By default nodes are upgraded in a serial manner one at a time and all failures
-# are fatal, one set of variables for normal nodes, one set of variables for
-# nodes that are part of control plane as the number of hosts may be different
-# in those two groups.
-#openshift_upgrade_nodes_serial=1
-#openshift_upgrade_nodes_max_fail_percentage=0
-#openshift_upgrade_control_plane_nodes_serial=1
-#openshift_upgrade_control_plane_nodes_max_fail_percentage=0
-#
-# You can specify the number of nodes to upgrade at once. We do not currently
-# attempt to verify that you have capacity to drain this many nodes at once
-# so please be careful when specifying these values. You should also verify that
-# the expected number of nodes are all schedulable and ready before starting an
-# upgrade. If it's not possible to drain the requested nodes the upgrade will
-# stall indefinitely until the drain is successful.
-#
-# If you're upgrading more than one node at a time you can specify the maximum
-# percentage of failure within the batch before the upgrade is aborted. Any
-# nodes that do fail are ignored for the rest of the playbook run and you should
-# take care to investigate the failure and return the node to service so that
-# your cluster.
-#
-# The percentage must exceed the value, this would fail on two failures
-# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=49
-# where as this would not
-# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=50
-#
-# Multiple data migrations take place and if they fail they will fail the upgrade
-# You may wish to disable these or make them non fatal
-#
-# openshift_upgrade_pre_storage_migration_enabled=true
-# openshift_upgrade_pre_storage_migration_fatal=true
-# openshift_upgrade_post_storage_migration_enabled=true
-# openshift_upgrade_post_storage_migration_fatal=false
-
-######################################################################
-# CloudForms/ManageIQ (CFME/MIQ) Configuration
-
-# See the readme for full descriptions and getting started
-# instructions: ../../roles/openshift_management/README.md or go directly to
-# their definitions: ../../roles/openshift_management/defaults/main.yml
-# ../../roles/openshift_management/vars/main.yml
-#
-# Namespace for the CFME project
-#openshift_management_project: openshift-management
-
-# Namespace/project description
-#openshift_management_project_description: CloudForms Management Engine
-
-# Choose 'miq-template' for a podified database install
-# Choose 'miq-template-ext-db' for an external database install
-#
-# If you are using the miq-template-ext-db template then you must add
-# the required database parameters to the
-# openshift_management_template_parameters variable.
-#openshift_management_app_template: miq-template
-
-# Allowed options: nfs, nfs_external, preconfigured, cloudprovider.
-#openshift_management_storage_class: nfs
-
-# [OPTIONAL] - If you are using an EXTERNAL NFS server, such as a
-# netapp appliance, then you must set the hostname here. Leave the
-# value as 'false' if you are not using external NFS.
-#openshift_management_storage_nfs_external_hostname: false
-
-# [OPTIONAL] - If you are using external NFS then you must set the base
-# path to the exports location here.
-#
-# Additionally: EXTERNAL NFS REQUIRES that YOU CREATE the nfs exports
-# that will back the application PV and optionally the database
-# pv. Export path definitions, relative to
-# {{ openshift_management_storage_nfs_base_dir }}
-#
-# LOCAL NFS NOTE:
-#
-# You may may also change this value if you want to change the default
-# path used for local NFS exports.
-#openshift_management_storage_nfs_base_dir: /exports
-
-# LOCAL NFS NOTE:
-#
-# You may override the automatically selected LOCAL NFS server by
-# setting this variable. Useful for testing specific task files.
-#openshift_management_storage_nfs_local_hostname: false
-
-# These are the default values for the username and password of the
-# management app. Changing these values in your inventory will not
-# change your username or password. You should only need to change
-# these values in your inventory if you already changed the actual
-# name and password AND are trying to use integration scripts.
-#
-# For example, adding this cluster as a container provider,
-# playbooks/byo/openshift-management/add_container_provider.yml
-#openshift_management_username: admin
-#openshift_management_password: smartvm
-
-# A hash of parameters you want to override or set in the
-# miq-template.yaml or miq-template-ext-db.yaml templates. Set this in
-# your inventory file as a simple hash. Acceptable values are defined
-# under the .parameters list in files/miq-template{-ext-db}.yaml
-# Example:
-#
-# openshift_management_template_parameters={'APPLICATION_MEM_REQ': '512Mi'}
-#openshift_management_template_parameters: {}
-
-# Firewall configuration
-# You can open additional firewall ports by defining them as a list. of service
-# names and ports/port ranges for either masters or nodes.
-#openshift_master_open_ports=[{"service":"svc1","port":"11/tcp"}]
-#openshift_node_open_ports=[{"service":"svc2","port":"12-13/tcp"},{"service":"svc3","port":"14/udp"}]
-
-# host group for masters
-[masters]
-ose3-master[1:3]-ansible.test.example.com
-
-[etcd]
-ose3-etcd[1:3]-ansible.test.example.com
-
-# NOTE: Containerized load balancer hosts are not yet supported, if using a global
-# containerized=true host variable we must set to false.
-[lb]
-ose3-lb-ansible.test.example.com containerized=false
-
-# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes
-# However, in order to ensure that your masters are not burdened with running pods you should
-# make them unschedulable by adding openshift_schedulable=False any node that's also a master.
-[nodes]
-ose3-master[1:3]-ansible.test.example.com
-ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}"
diff --git a/inventory/byo/hosts.openstack b/inventory/byo/hosts.openstack
deleted file mode 100644
index c648078c4..000000000
--- a/inventory/byo/hosts.openstack
+++ /dev/null
@@ -1,37 +0,0 @@
-# This is an example of a bring your own (byo) host inventory
-
-# Create an OSEv3 group that contains the masters and nodes groups
-[OSEv3:children]
-masters
-nodes
-etcd
-lb
-
-# Set variables common for all OSEv3 hosts
-[OSEv3:vars]
-ansible_ssh_user=cloud-user
-ansible_become=yes
-
-# Debug level for all OpenShift components (Defaults to 2)
-debug_level=2
-
-openshift_deployment_type=openshift-enterprise
-
-openshift_additional_repos=[{'id': 'ose-3.1', 'name': 'ose-3.1', 'baseurl': 'http://pulp.dist.prod.ext.phx2.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ose/3.1/os', 'enabled': 1, 'gpgcheck': 0}]
-
-openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '{{ openshift.common.config_base }}/htpasswd'}]
-
-#openshift_pkg_version=-3.0.0.0
-
-[masters]
-jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}"
-
-[etcd]
-jdetiber-etcd.usersys.redhat.com
-
-[lb]
-#ose3-lb-ansible.test.example.com
-
-[nodes]
-jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}"
-jdetiber-node[1:2].usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}" openshift_node_labels="{'region': 'primary', 'zone': 'default'}"
diff --git a/inventory/hosts.example b/inventory/hosts.example
new file mode 100644
index 000000000..d857cd1a7
--- /dev/null
+++ b/inventory/hosts.example
@@ -0,0 +1,1095 @@
+# This is an example of an OpenShift-Ansible host inventory
+
+# Create an OSEv3 group that contains the masters and nodes groups
+[OSEv3:children]
+masters
+nodes
+etcd
+lb
+nfs
+
+# Set variables common for all OSEv3 hosts
+[OSEv3:vars]
+# Enable unsupported configurations, things that will yield a partially
+# functioning cluster but would not be supported for production use
+#openshift_enable_unsupported_configurations=false
+
+# SSH user, this user should allow ssh based auth without requiring a
+# password. If using ssh key based auth, then the key should be managed by an
+# ssh agent.
+ansible_user=root
+
+# If ansible_user is not root, ansible_become must be set to true and the
+# user must be configured for passwordless sudo
+#ansible_become=yes
+
+# Debug level for all OpenShift components (Defaults to 2)
+debug_level=2
+
+# Specify the deployment type. Valid values are origin and openshift-enterprise.
+openshift_deployment_type=origin
+#openshift_deployment_type=openshift-enterprise
+
+# Specify the generic release of OpenShift to install. This is used mainly just during installation, after which we
+# rely on the version running on the first master. Works best for containerized installs where we can usually
+# use this to lookup the latest exact version of the container images, which is the tag actually used to configure
+# the cluster. For RPM installations we just verify the version detected in your configured repos matches this
+# release.
+openshift_release=v3.7
+
+# Specify an exact container image tag to install or configure.
+# WARNING: This value will be used for all hosts in containerized environments, even those that have another version installed.
+# This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up.
+#openshift_image_tag=v3.7.0
+
+# Specify an exact rpm version to install or configure.
+# WARNING: This value will be used for all hosts in RPM based environments, even those that have another version installed.
+# This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up.
+#openshift_pkg_version=-3.7.0
+
+# This enables all the system containers except for docker:
+#openshift_use_system_containers=False
+#
+# But you can choose separately each component that must be a
+# system container:
+#
+#openshift_use_openvswitch_system_container=False
+#openshift_use_node_system_container=False
+#openshift_use_master_system_container=False
+#openshift_use_etcd_system_container=False
+#
+# In either case, system_images_registry must be specified to be able to find the system images
+#system_images_registry="docker.io"
+# when openshift_deployment_type=='openshift-enterprise'
+#system_images_registry="registry.access.redhat.com"
+
+# Manage openshift example imagestreams and templates during install and upgrade
+#openshift_install_examples=true
+
+# Configure logoutURL in the master config for console customization
+# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#changing-the-logout-url
+#openshift_master_logout_url=http://example.com
+
+# Configure extensionScripts in the master config for console customization
+# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#loading-custom-scripts-and-stylesheets
+#openshift_master_extension_scripts=['/path/to/script1.js','/path/to/script2.js']
+
+# Configure extensionStylesheets in the master config for console customization
+# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#loading-custom-scripts-and-stylesheets
+#openshift_master_extension_stylesheets=['/path/to/stylesheet1.css','/path/to/stylesheet2.css']
+
+# Configure extensions in the master config for console customization
+# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#serving-static-files
+#openshift_master_extensions=[{'name': 'images', 'sourceDirectory': '/path/to/my_images'}]
+
+# Configure extensions in the master config for console customization
+# See: https://docs.openshift.org/latest/install_config/web_console_customization.html#serving-static-files
+#openshift_master_oauth_template=/path/to/login-template.html
+
+# Configure imagePolicyConfig in the master config
+# See: https://godoc.org/github.com/openshift/origin/pkg/cmd/server/api#ImagePolicyConfig
+#openshift_master_image_policy_config={"maxImagesBulkImportedPerRepository": 3, "disableScheduledImport": true}
+
+# Configure master API rate limits for external clients
+#openshift_master_external_ratelimit_qps=200
+#openshift_master_external_ratelimit_burst=400
+# Configure master API rate limits for loopback clients
+#openshift_master_loopback_ratelimit_qps=300
+#openshift_master_loopback_ratelimit_burst=600
+
+# Docker Configuration
+# Add additional, insecure, and blocked registries to global docker configuration
+# For enterprise deployment types we ensure that registry.access.redhat.com is
+# included if you do not include it
+#openshift_docker_additional_registries=registry.example.com
+#openshift_docker_insecure_registries=registry.example.com
+#openshift_docker_blocked_registries=registry.hacker.com
+# Disable pushing to dockerhub
+#openshift_docker_disable_push_dockerhub=True
+# Use Docker inside a System Container. Note that this is a tech preview and should
+# not be used to upgrade!
+# The following options for docker are ignored:
+# - docker_version
+# - docker_upgrade
+# The following options must not be used
+# - openshift_docker_options
+#openshift_docker_use_system_container=False
+# Install and run cri-o along side docker
+# NOTE: This uses openshift_docker_systemcontainer_image_registry_override as it's override
+# just as container-engine does.
+#openshift_use_crio=False
+# Force the registry to use for the container-engine/crio system container. By default the registry
+# will be built off of the deployment type and ansible_distribution. Only
+# use this option if you are sure you know what you are doing!
+#openshift_docker_systemcontainer_image_override="registry.example.com/container-engine:latest"
+#openshift_crio_systemcontainer_image_override="registry.example.com/cri-o:latest"
+# NOTE: The following crio docker-gc items are tech preview and likely shouldn't be used
+# unless you know what you are doing!!
+# The following two variables are used when opneshift_use_crio is True
+# and cleans up after builds that pass through docker.
+# Enable docker garbage collection when using cri-o
+#openshift_crio_enable_docker_gc=false
+# Node Selectors to run the garbage collection
+#openshift_crio_docker_gc_node_selector: {'runtime': 'cri-o'}
+
+# Items added, as is, to end of /etc/sysconfig/docker OPTIONS
+# Default value: "--log-driver=journald"
+#openshift_docker_options="-l warn --ipv6=false"
+
+# Specify exact version of Docker to configure or upgrade to.
+# Downgrades are not supported and will error out. Be careful when upgrading docker from < 1.10 to > 1.10.
+# docker_version="1.12.1"
+
+# Specify whether to run Docker daemon with SELinux enabled in containers. Default is True.
+# Uncomment below to disable; for example if your kernel does not support the
+# Docker overlay/overlay2 storage drivers with SELinux enabled.
+#openshift_docker_selinux_enabled=False
+
+# Skip upgrading Docker during an OpenShift upgrade, leaves the current Docker version alone.
+# docker_upgrade=False
+
+# Specify exact version of etcd to configure or upgrade to.
+# etcd_version="3.1.0"
+# Enable etcd debug logging, defaults to false
+# etcd_debug=true
+# Set etcd log levels by package
+# etcd_log_package_levels="etcdserver=WARNING,security=DEBUG"
+
+# Upgrade Hooks
+#
+# Hooks are available to run custom tasks at various points during a cluster
+# upgrade. Each hook should point to a file with Ansible tasks defined. Suggest using
+# absolute paths, if not the path will be treated as relative to the file where the
+# hook is actually used.
+#
+# Tasks to run before each master is upgraded.
+# openshift_master_upgrade_pre_hook=/usr/share/custom/pre_master.yml
+#
+# Tasks to run to upgrade the master. These tasks run after the main openshift-ansible
+# upgrade steps, but before we restart system/services.
+# openshift_master_upgrade_hook=/usr/share/custom/master.yml
+#
+# Tasks to run after each master is upgraded and system/services have been restarted.
+# openshift_master_upgrade_post_hook=/usr/share/custom/post_master.yml
+
+# Alternate image format string, useful if you've got your own registry mirror
+# Configure this setting just on node or master
+#oreg_url_master=example.com/openshift3/ose-${component}:${version}
+#oreg_url_node=example.com/openshift3/ose-${component}:${version}
+# For setting the configuration globally
+#oreg_url=example.com/openshift3/ose-${component}:${version}
+# If oreg_url points to a registry other than registry.access.redhat.com we can
+# modify image streams to point at that registry by setting the following to true
+#openshift_examples_modify_imagestreams=true
+
+# If oreg_url points to a registry requiring authentication, provide the following:
+#oreg_auth_user=some_user
+#oreg_auth_password='my-pass'
+# NOTE: oreg_url must be defined by the user for oreg_auth_* to have any affect.
+# oreg_auth_pass should be generated from running docker login.
+# To update registry auth credentials, uncomment the following:
+#oreg_auth_credentials_replace: True
+
+# OpenShift repository configuration
+#openshift_additional_repos=[{'id': 'openshift-origin-copr', 'name': 'OpenShift Origin COPR', 'baseurl': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/epel-7-$basearch/', 'enabled': 1, 'gpgcheck': 1, 'gpgkey': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/pubkey.gpg'}]
+#openshift_repos_enable_testing=false
+
+# htpasswd auth
+openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
+# Defining htpasswd users
+#openshift_master_htpasswd_users={'user1': '<pre-hashed password>', 'user2': '<pre-hashed password>'}
+# or
+#openshift_master_htpasswd_file=<path to local pre-generated htpasswd file>
+
+# Allow all auth
+#openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]
+
+# LDAP auth
+#openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': 'my-ldap-ca.crt', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}]
+#
+# Configure LDAP CA certificate
+# Specify either the ASCII contents of the certificate or the path to
+# the local file that will be copied to the remote host. CA
+# certificate contents will be copied to master systems and saved
+# within /etc/origin/master/ with a filename matching the "ca" key set
+# within the LDAPPasswordIdentityProvider.
+#
+#openshift_master_ldap_ca=<ca text>
+# or
+#openshift_master_ldap_ca_file=<path to local ca file to use>
+
+# OpenID auth
+#openshift_master_identity_providers=[{"name": "openid_auth", "login": "true", "challenge": "false", "kind": "OpenIDIdentityProvider", "client_id": "my_client_id", "client_secret": "my_client_secret", "claims": {"id": ["sub"], "preferredUsername": ["preferred_username"], "name": ["name"], "email": ["email"]}, "urls": {"authorize": "https://myidp.example.com/oauth2/authorize", "token": "https://myidp.example.com/oauth2/token"}, "ca": "my-openid-ca-bundle.crt"}]
+#
+# Configure OpenID CA certificate
+# Specify either the ASCII contents of the certificate or the path to
+# the local file that will be copied to the remote host. CA
+# certificate contents will be copied to master systems and saved
+# within /etc/origin/master/ with a filename matching the "ca" key set
+# within the OpenIDIdentityProvider.
+#
+#openshift_master_openid_ca=<ca text>
+# or
+#openshift_master_openid_ca_file=<path to local ca file to use>
+
+# Request header auth
+#openshift_master_identity_providers=[{"name": "my_request_header_provider", "challenge": "true", "login": "true", "kind": "RequestHeaderIdentityProvider", "challengeURL": "https://www.example.com/challenging-proxy/oauth/authorize?${query}", "loginURL": "https://www.example.com/login-proxy/oauth/authorize?${query}", "clientCA": "my-request-header-ca.crt", "clientCommonNames": ["my-auth-proxy"], "headers": ["X-Remote-User", "SSO-User"], "emailHeaders": ["X-Remote-User-Email"], "nameHeaders": ["X-Remote-User-Display-Name"], "preferredUsernameHeaders": ["X-Remote-User-Login"]}]
+#
+# Configure request header CA certificate
+# Specify either the ASCII contents of the certificate or the path to
+# the local file that will be copied to the remote host. CA
+# certificate contents will be copied to master systems and saved
+# within /etc/origin/master/ with a filename matching the "clientCA"
+# key set within the RequestHeaderIdentityProvider.
+#
+#openshift_master_request_header_ca=<ca text>
+# or
+#openshift_master_request_header_ca_file=<path to local ca file to use>
+
+# CloudForms Management Engine (ManageIQ) App Install
+#
+# Enables installation of MIQ server. Recommended for dedicated
+# clusters only. See roles/openshift_management/README.md for instructions
+# and requirements.
+#openshift_management_install_management=False
+
+# Cloud Provider Configuration
+#
+# Note: You may make use of environment variables rather than store
+# sensitive configuration within the ansible inventory.
+# For example:
+#openshift_cloudprovider_aws_access_key="{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
+#openshift_cloudprovider_aws_secret_key="{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"
+#
+# AWS
+#openshift_cloudprovider_kind=aws
+# Note: IAM profiles may be used instead of storing API credentials on disk.
+#openshift_cloudprovider_aws_access_key=aws_access_key_id
+#openshift_cloudprovider_aws_secret_key=aws_secret_access_key
+#
+# Openstack
+#openshift_cloudprovider_kind=openstack
+#openshift_cloudprovider_openstack_auth_url=http://openstack.example.com:35357/v2.0/
+#openshift_cloudprovider_openstack_username=username
+#openshift_cloudprovider_openstack_password=password
+#openshift_cloudprovider_openstack_domain_id=domain_id
+#openshift_cloudprovider_openstack_domain_name=domain_name
+#openshift_cloudprovider_openstack_tenant_id=tenant_id
+#openshift_cloudprovider_openstack_tenant_name=tenant_name
+#openshift_cloudprovider_openstack_region=region
+#openshift_cloudprovider_openstack_lb_subnet_id=subnet_id
+#
+# GCE
+#openshift_cloudprovider_kind=gce
+
+# Project Configuration
+#osm_project_request_message=''
+#osm_project_request_template=''
+#osm_mcs_allocator_range='s0:/2'
+#osm_mcs_labels_per_project=5
+#osm_uid_allocator_range='1000000000-1999999999/10000'
+
+# Configure additional projects
+#openshift_additional_projects={'my-project': {'default_node_selector': 'label=value'}}
+
+# Enable cockpit
+#osm_use_cockpit=true
+#
+# Set cockpit plugins
+#osm_cockpit_plugins=['cockpit-kubernetes']
+
+# Native high availability (default cluster method)
+# If no lb group is defined, the installer assumes that a load balancer has
+# been preconfigured. For installation the value of
+# openshift_master_cluster_hostname must resolve to the load balancer
+# or to one or all of the masters defined in the inventory if no load
+# balancer is present.
+#openshift_master_cluster_hostname=openshift-ansible.test.example.com
+#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com
+
+# Configure controller arguments
+#osm_controller_args={'resource-quota-sync-period': ['10s']}
+
+# Configure api server arguments
+#osm_api_server_args={'max-requests-inflight': ['400']}
+
+# default subdomain to use for exposed routes
+#openshift_master_default_subdomain=apps.test.example.com
+
+# additional cors origins
+#osm_custom_cors_origins=['foo.example.com', 'bar.example.com']
+
+# default project node selector
+#osm_default_node_selector='region=primary'
+
+# Override the default pod eviction timeout
+#openshift_master_pod_eviction_timeout=5m
+
+# Override the default oauth tokenConfig settings:
+# openshift_master_access_token_max_seconds=86400
+# openshift_master_auth_token_max_seconds=500
+
+# Override master servingInfo.maxRequestsInFlight
+#openshift_master_max_requests_inflight=500
+
+# Override master and node servingInfo.minTLSVersion and .cipherSuites
+# valid TLS versions are VersionTLS10, VersionTLS11, VersionTLS12
+# example cipher suites override, valid cipher suites are https://golang.org/pkg/crypto/tls/#pkg-constants
+#openshift_master_min_tls_version=VersionTLS12
+#openshift_master_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...']
+#
+#openshift_node_min_tls_version=VersionTLS12
+#openshift_node_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...']
+
+# default storage plugin dependencies to install, by default the ceph and
+# glusterfs plugin dependencies will be installed, if available.
+#osn_storage_plugin_deps=['ceph','glusterfs','iscsi']
+
+# OpenShift Router Options
+#
+# An OpenShift router will be created during install if there are
+# nodes present with labels matching the default router selector,
+# "region=infra". Set openshift_node_labels per node as needed in
+# order to label nodes.
+#
+# Example:
+# [nodes]
+# node.example.com openshift_node_labels="{'region': 'infra'}"
+#
+# Router selector (optional)
+# Router will only be created if nodes matching this label are present.
+# Default value: 'region=infra'
+#openshift_hosted_router_selector='region=infra'
+#
+# Router replicas (optional)
+# Unless specified, openshift-ansible will calculate the replica count
+# based on the number of nodes matching the openshift router selector.
+#openshift_hosted_router_replicas=2
+#
+# Router force subdomain (optional)
+# A router path format to force on all routes used by this router
+# (will ignore the route host value)
+#openshift_hosted_router_force_subdomain='${name}-${namespace}.apps.example.com'
+#
+# Router certificate (optional)
+# Provide local certificate paths which will be configured as the
+# router's default certificate.
+#openshift_hosted_router_certificate={"certfile": "/path/to/router.crt", "keyfile": "/path/to/router.key", "cafile": "/path/to/router-ca.crt"}
+#
+# Manage the OpenShift Router (optional)
+#openshift_hosted_manage_router=true
+#
+# Router sharding support has been added and can be achieved by supplying the correct
+# data to the inventory. The variable to house the data is openshift_hosted_routers
+# and is in the form of a list. If no data is passed then a default router will be
+# created. There are multiple combinations of router sharding. The one described
+# below supports routers on separate nodes.
+#
+#openshift_hosted_routers=[{'name': 'router1', 'certificate': {'certfile': '/path/to/certificate/abc.crt', 'keyfile': '/path/to/certificate/abc.key', 'cafile': '/path/to/certificate/ca.crt'}, 'replicas': 1, 'serviceaccount': 'router', 'namespace': 'default', 'stats_port': 1936, 'edits': [], 'images': 'openshift3/ose-${component}:${version}', 'selector': 'type=router1', 'ports': ['80:80', '443:443']}, {'name': 'router2', 'certificate': {'certfile': '/path/to/certificate/xyz.crt', 'keyfile': '/path/to/certificate/xyz.key', 'cafile': '/path/to/certificate/ca.crt'}, 'replicas': 1, 'serviceaccount': 'router', 'namespace': 'default', 'stats_port': 1936, 'edits': [{'action': 'append', 'key': 'spec.template.spec.containers[0].env', 'value': {'name': 'ROUTE_LABELS', 'value': 'route=external'}}], 'images': 'openshift3/ose-${component}:${version}', 'selector': 'type=router2', 'ports': ['80:80', '443:443']}]
+
+# OpenShift Registry Console Options
+# Override the console image prefix:
+# origin default is "cockpit/", enterprise default is "openshift3/"
+#openshift_cockpit_deployer_prefix=registry.example.com/myrepo/
+# origin default is "kubernetes", enterprise default is "registry-console"
+#openshift_cockpit_deployer_basename=my-console
+# Override image version, defaults to latest for origin, vX.Y product version for enterprise
+#openshift_cockpit_deployer_version=1.4.1
+
+# Openshift Registry Options
+#
+# An OpenShift registry will be created during install if there are
+# nodes present with labels matching the default registry selector,
+# "region=infra". Set openshift_node_labels per node as needed in
+# order to label nodes.
+#
+# Example:
+# [nodes]
+# node.example.com openshift_node_labels="{'region': 'infra'}"
+#
+# Registry selector (optional)
+# Registry will only be created if nodes matching this label are present.
+# Default value: 'region=infra'
+#openshift_hosted_registry_selector='region=infra'
+#
+# Registry replicas (optional)
+# Unless specified, openshift-ansible will calculate the replica count
+# based on the number of nodes matching the openshift registry selector.
+#openshift_hosted_registry_replicas=2
+#
+# Validity of the auto-generated certificate in days (optional)
+#openshift_hosted_registry_cert_expire_days=730
+#
+# Manage the OpenShift Registry (optional)
+#openshift_hosted_manage_registry=true
+
+# Registry Storage Options
+#
+# NFS Host Group
+# An NFS volume will be created with path "nfs_directory/volume_name"
+# on the host within the [nfs] host group. For example, the volume
+# path using these options would be "/exports/registry". "exports" is
+# is the name of the export served by the nfs server. "registry" is
+# the name of a directory inside of "/exports".
+#openshift_hosted_registry_storage_kind=nfs
+#openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
+# nfs_directory must conform to DNS-1123 subdomain must consist of lower case
+# alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character
+#openshift_hosted_registry_storage_nfs_directory=/exports
+#openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
+#openshift_hosted_registry_storage_volume_name=registry
+#openshift_hosted_registry_storage_volume_size=10Gi
+#
+# External NFS Host
+# NFS volume must already exist with path "nfs_directory/_volume_name" on
+# the storage_host. For example, the remote volume path using these
+# options would be "nfs.example.com:/exports/registry". "exports" is
+# is the name of the export served by the nfs server. "registry" is
+# the name of a directory inside of "/exports".
+#openshift_hosted_registry_storage_kind=nfs
+#openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
+#openshift_hosted_registry_storage_host=nfs.example.com
+# nfs_directory must conform to DNS-1123 subdomain must consist of lower case
+# alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character
+#openshift_hosted_registry_storage_nfs_directory=/exports
+#openshift_hosted_registry_storage_volume_name=registry
+#openshift_hosted_registry_storage_volume_size=10Gi
+#
+# Openstack
+# Volume must already exist.
+#openshift_hosted_registry_storage_kind=openstack
+#openshift_hosted_registry_storage_access_modes=['ReadWriteOnce']
+#openshift_hosted_registry_storage_openstack_filesystem=ext4
+#openshift_hosted_registry_storage_openstack_volumeID=3a650b4f-c8c5-4e0a-8ca5-eaee11f16c57
+#openshift_hosted_registry_storage_volume_size=10Gi
+#
+# AWS S3
+# S3 bucket must already exist.
+#openshift_hosted_registry_storage_kind=object
+#openshift_hosted_registry_storage_provider=s3
+#openshift_hosted_registry_storage_s3_encrypt=false
+#openshift_hosted_registry_storage_s3_kmskeyid=aws_kms_key_id
+#openshift_hosted_registry_storage_s3_accesskey=aws_access_key_id
+#openshift_hosted_registry_storage_s3_secretkey=aws_secret_access_key
+#openshift_hosted_registry_storage_s3_bucket=bucket_name
+#openshift_hosted_registry_storage_s3_region=bucket_region
+#openshift_hosted_registry_storage_s3_chunksize=26214400
+#openshift_hosted_registry_storage_s3_rootdirectory=/registry
+#openshift_hosted_registry_pullthrough=true
+#openshift_hosted_registry_acceptschema2=true
+#openshift_hosted_registry_enforcequota=true
+#
+# Any S3 service (Minio, ExoScale, ...): Basically the same as above
+# but with regionendpoint configured
+# S3 bucket must already exist.
+#openshift_hosted_registry_storage_kind=object
+#openshift_hosted_registry_storage_provider=s3
+#openshift_hosted_registry_storage_s3_accesskey=access_key_id
+#openshift_hosted_registry_storage_s3_secretkey=secret_access_key
+#openshift_hosted_registry_storage_s3_regionendpoint=https://myendpoint.example.com/
+#openshift_hosted_registry_storage_s3_bucket=bucket_name
+#openshift_hosted_registry_storage_s3_region=bucket_region
+#openshift_hosted_registry_storage_s3_chunksize=26214400
+#openshift_hosted_registry_storage_s3_rootdirectory=/registry
+#openshift_hosted_registry_pullthrough=true
+#openshift_hosted_registry_acceptschema2=true
+#openshift_hosted_registry_enforcequota=true
+#
+# Additional CloudFront Options. When using CloudFront all three
+# of the followingg variables must be defined.
+#openshift_hosted_registry_storage_s3_cloudfront_baseurl=https://myendpoint.cloudfront.net/
+#openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile=/full/path/to/secret.pem
+#openshift_hosted_registry_storage_s3_cloudfront_keypairid=yourpairid
+
+# Metrics deployment
+# See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html
+#
+# By default metrics are not automatically deployed, set this to enable them
+#openshift_metrics_install_metrics=true
+#
+# Storage Options
+# If openshift_metrics_storage_kind is unset then metrics will be stored
+# in an EmptyDir volume and will be deleted when the cassandra pod terminates.
+# Storage options A & B currently support only one cassandra pod which is
+# generally enough for up to 1000 pods. Additional volumes can be created
+# manually after the fact and metrics scaled per the docs.
+#
+# Option A - NFS Host Group
+# An NFS volume will be created with path "nfs_directory/volume_name"
+# on the host within the [nfs] host group. For example, the volume
+# path using these options would be "/exports/metrics". "exports" is
+# is the name of the export served by the nfs server. "metrics" is
+# the name of a directory inside of "/exports".
+#openshift_metrics_storage_kind=nfs
+#openshift_metrics_storage_access_modes=['ReadWriteOnce']
+#openshift_metrics_storage_nfs_directory=/exports
+#openshift_metrics_storage_nfs_options='*(rw,root_squash)'
+#openshift_metrics_storage_volume_name=metrics
+#openshift_metrics_storage_volume_size=10Gi
+#openshift_metrics_storage_labels={'storage': 'metrics'}
+#
+# Option B - External NFS Host
+# NFS volume must already exist with path "nfs_directory/_volume_name" on
+# the storage_host. For example, the remote volume path using these
+# options would be "nfs.example.com:/exports/metrics". "exports" is
+# is the name of the export served by the nfs server. "metrics" is
+# the name of a directory inside of "/exports".
+#openshift_metrics_storage_kind=nfs
+#openshift_metrics_storage_access_modes=['ReadWriteOnce']
+#openshift_metrics_storage_host=nfs.example.com
+#openshift_metrics_storage_nfs_directory=/exports
+#openshift_metrics_storage_volume_name=metrics
+#openshift_metrics_storage_volume_size=10Gi
+#openshift_metrics_storage_labels={'storage': 'metrics'}
+#
+# Option C - Dynamic -- If openshift supports dynamic volume provisioning for
+# your cloud platform use this.
+#openshift_metrics_storage_kind=dynamic
+#
+# Other Metrics Options -- Common items you may wish to reconfigure, for the complete
+# list of options please see roles/openshift_metrics/README.md
+#
+# Override metricsPublicURL in the master config for cluster metrics
+# Defaults to https://hawkular-metrics.{{openshift_master_default_subdomain}}/hawkular/metrics
+# Currently, you may only alter the hostname portion of the url, alterting the
+# `/hawkular/metrics` path will break installation of metrics.
+#openshift_metrics_hawkular_hostname=hawkular-metrics.example.com
+# Configure the prefix and version for the component images
+#openshift_metrics_image_prefix=docker.io/openshift/origin-
+#openshift_metrics_image_version=v3.7
+# when openshift_deployment_type=='openshift-enterprise'
+#openshift_metrics_image_prefix=registry.access.redhat.com/openshift3/
+#openshift_metrics_image_version=v3.7
+#
+# StorageClass
+# openshift_storageclass_name=gp2
+# openshift_storageclass_parameters={'type': 'gp2', 'encrypted': 'false'}
+#
+
+# Logging deployment
+#
+# Currently logging deployment is disabled by default, enable it by setting this
+#openshift_logging_install_logging=true
+#
+# Logging storage config
+# Option A - NFS Host Group
+# An NFS volume will be created with path "nfs_directory/volume_name"
+# on the host within the [nfs] host group. For example, the volume
+# path using these options would be "/exports/logging". "exports" is
+# is the name of the export served by the nfs server. "logging" is
+# the name of a directory inside of "/exports".
+#openshift_logging_storage_kind=nfs
+#openshift_logging_storage_access_modes=['ReadWriteOnce']
+#openshift_logging_storage_nfs_directory=/exports
+#openshift_logging_storage_nfs_options='*(rw,root_squash)'
+#openshift_logging_storage_volume_name=logging
+#openshift_logging_storage_volume_size=10Gi
+#openshift_logging_storage_labels={'storage': 'logging'}
+#
+# Option B - External NFS Host
+# NFS volume must already exist with path "nfs_directory/_volume_name" on
+# the storage_host. For example, the remote volume path using these
+# options would be "nfs.example.com:/exports/logging". "exports" is
+# is the name of the export served by the nfs server. "logging" is
+# the name of a directory inside of "/exports".
+#openshift_logging_storage_kind=nfs
+#openshift_logging_storage_access_modes=['ReadWriteOnce']
+#openshift_logging_storage_host=nfs.example.com
+#openshift_logging_storage_nfs_directory=/exports
+#openshift_logging_storage_volume_name=logging
+#openshift_logging_storage_volume_size=10Gi
+#openshift_logging_storage_labels={'storage': 'logging'}
+#
+# Option C - Dynamic -- If openshift supports dynamic volume provisioning for
+# your cloud platform use this.
+#openshift_logging_storage_kind=dynamic
+#
+# Option D - none -- Logging will use emptydir volumes which are destroyed when
+# pods are deleted
+#
+# Other Logging Options -- Common items you may wish to reconfigure, for the complete
+# list of options please see roles/openshift_logging/README.md
+#
+# Configure loggingPublicURL in the master config for aggregate logging, defaults
+# to kibana.{{ openshift_master_default_subdomain }}
+#openshift_logging_kibana_hostname=logging.apps.example.com
+# Configure the number of elastic search nodes, unless you're using dynamic provisioning
+# this value must be 1
+#openshift_logging_es_cluster_size=1
+# Configure the prefix and version for the component images
+#openshift_logging_image_prefix=docker.io/openshift/origin-
+#openshift_logging_image_version=v3.7.0
+# when openshift_deployment_type=='openshift-enterprise'
+#openshift_logging_image_prefix=registry.access.redhat.com/openshift3/
+#openshift_logging_image_version=3.7.0
+
+# Prometheus deployment
+#
+# Currently prometheus deployment is disabled by default, enable it by setting this
+#openshift_hosted_prometheus_deploy=true
+#
+# Prometheus storage config
+# Option A - NFS Host Group
+# An NFS volume will be created with path "nfs_directory/volume_name"
+# on the host within the [nfs] host group. For example, the volume
+# path using these options would be "/exports/prometheus"
+#openshift_prometheus_storage_kind=nfs
+#openshift_prometheus_storage_access_modes=['ReadWriteOnce']
+#openshift_prometheus_storage_nfs_directory=/exports
+#openshift_prometheus_storage_nfs_options='*(rw,root_squash)'
+#openshift_prometheus_storage_volume_name=prometheus
+#openshift_prometheus_storage_volume_size=10Gi
+#openshift_prometheus_storage_labels={'storage': 'prometheus'}
+#openshift_prometheus_storage_type='pvc'
+#openshift_prometheus_storage_class=glusterfs-storage
+# For prometheus-alertmanager
+#openshift_prometheus_alertmanager_storage_kind=nfs
+#openshift_prometheus_alertmanager_storage_access_modes=['ReadWriteOnce']
+#openshift_prometheus_alertmanager_storage_nfs_directory=/exports
+#openshift_prometheus_alertmanager_storage_nfs_options='*(rw,root_squash)'
+#openshift_prometheus_alertmanager_storage_volume_name=prometheus-alertmanager
+#openshift_prometheus_alertmanager_storage_volume_size=10Gi
+#openshift_prometheus_alertmanager_storage_labels={'storage': 'prometheus-alertmanager'}
+#openshift_prometheus_alertmanager_storage_type='pvc'
+#openshift_prometheus_alertmanager_storage_class=glusterfs-storage
+# For prometheus-alertbuffer
+#openshift_prometheus_alertbuffer_storage_kind=nfs
+#openshift_prometheus_alertbuffer_storage_access_modes=['ReadWriteOnce']
+#openshift_prometheus_alertbuffer_storage_nfs_directory=/exports
+#openshift_prometheus_alertbuffer_storage_nfs_options='*(rw,root_squash)'
+#openshift_prometheus_alertbuffer_storage_volume_name=prometheus-alertbuffer
+#openshift_prometheus_alertbuffer_storage_volume_size=10Gi
+#openshift_prometheus_alertbuffer_storage_labels={'storage': 'prometheus-alertbuffer'}
+#openshift_prometheus_alertbuffer_storage_type='pvc'
+#openshift_prometheus_alertbuffer_storage_class=glusterfs-storage
+#
+# Option B - External NFS Host
+# NFS volume must already exist with path "nfs_directory/_volume_name" on
+# the storage_host. For example, the remote volume path using these
+# options would be "nfs.example.com:/exports/prometheus"
+#openshift_prometheus_storage_kind=nfs
+#openshift_prometheus_storage_access_modes=['ReadWriteOnce']
+#openshift_prometheus_storage_host=nfs.example.com
+#openshift_prometheus_storage_nfs_directory=/exports
+#openshift_prometheus_storage_volume_name=prometheus
+#openshift_prometheus_storage_volume_size=10Gi
+#openshift_prometheus_storage_labels={'storage': 'prometheus'}
+#openshift_prometheus_storage_type='pvc'
+#openshift_prometheus_storage_class=glusterfs-storage
+# For prometheus-alertmanager
+#openshift_prometheus_alertmanager_storage_kind=nfs
+#openshift_prometheus_alertmanager_storage_access_modes=['ReadWriteOnce']
+#openshift_prometheus_alertmanager_storage_host=nfs.example.com
+#openshift_prometheus_alertmanager_storage_nfs_directory=/exports
+#openshift_prometheus_alertmanager_storage_volume_name=prometheus-alertmanager
+#openshift_prometheus_alertmanager_storage_volume_size=10Gi
+#openshift_prometheus_alertmanager_storage_labels={'storage': 'prometheus-alertmanager'}
+#openshift_prometheus_alertmanager_storage_type='pvc'
+#openshift_prometheus_alertmanager_storage_class=glusterfs-storage
+# For prometheus-alertbuffer
+#openshift_prometheus_alertbuffer_storage_kind=nfs
+#openshift_prometheus_alertbuffer_storage_access_modes=['ReadWriteOnce']
+#openshift_prometheus_alertbuffer_storage_host=nfs.example.com
+#openshift_prometheus_alertbuffer_storage_nfs_directory=/exports
+#openshift_prometheus_alertbuffer_storage_volume_name=prometheus-alertbuffer
+#openshift_prometheus_alertbuffer_storage_volume_size=10Gi
+#openshift_prometheus_alertbuffer_storage_labels={'storage': 'prometheus-alertbuffer'}
+#openshift_prometheus_alertbuffer_storage_type='pvc'
+#openshift_prometheus_alertbuffer_storage_class=glusterfs-storage
+#
+# Option C - none -- Prometheus, alertmanager and alertbuffer will use emptydir volumes
+# which are destroyed when pods are deleted
+
+# Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet')
+# os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
+
+# Disable the OpenShift SDN plugin
+# openshift_use_openshift_sdn=False
+
+# Configure SDN cluster network and kubernetes service CIDR blocks. These
+# network blocks should be private and should not conflict with network blocks
+# in your infrastructure that pods may require access to. Can not be changed
+# after deployment.
+#
+# WARNING : Do not pick subnets that overlap with the default Docker bridge subnet of
+# 172.17.0.0/16. Your installation will fail and/or your configuration change will
+# cause the Pod SDN or Cluster SDN to fail.
+#
+# WORKAROUND : If you must use an overlapping subnet, you can configure a non conflicting
+# docker0 CIDR range by adding '--bip=192.168.2.1/24' to DOCKER_NETWORK_OPTIONS
+# environment variable located in /etc/sysconfig/docker-network.
+# When upgrading or scaling up the following must match whats in your master config!
+# Inventory: master yaml field
+# osm_cluster_network_cidr: clusterNetworkCIDR
+# openshift_portal_net: serviceNetworkCIDR
+# When installing osm_cluster_network_cidr and openshift_portal_net must be set.
+# Sane examples are provided below.
+#osm_cluster_network_cidr=10.128.0.0/14
+#openshift_portal_net=172.30.0.0/16
+
+# ExternalIPNetworkCIDRs controls what values are acceptable for the
+# service external IP field. If empty, no externalIP may be set. It
+# may contain a list of CIDRs which are checked for access. If a CIDR
+# is prefixed with !, IPs in that CIDR will be rejected. Rejections
+# will be applied first, then the IP checked against one of the
+# allowed CIDRs. You should ensure this range does not overlap with
+# your nodes, pods, or service CIDRs for security reasons.
+#openshift_master_external_ip_network_cidrs=['0.0.0.0/0']
+
+# IngressIPNetworkCIDR controls the range to assign ingress IPs from for
+# services of type LoadBalancer on bare metal. If empty, ingress IPs will not
+# be assigned. It may contain a single CIDR that will be allocated from. For
+# security reasons, you should ensure that this range does not overlap with
+# the CIDRs reserved for external IPs, nodes, pods, or services.
+#openshift_master_ingress_ip_network_cidr=172.46.0.0/16
+
+# Configure number of bits to allocate to each host's subnet e.g. 9
+# would mean a /23 network on the host.
+# When upgrading or scaling up the following must match whats in your master config!
+# Inventory: master yaml field
+# osm_host_subnet_length: hostSubnetLength
+# When installing osm_host_subnet_length must be set. A sane example is provided below.
+#osm_host_subnet_length=9
+
+# Configure master API and console ports.
+#openshift_master_api_port=8443
+#openshift_master_console_port=8443
+
+# set exact RPM version (include - prefix)
+#openshift_pkg_version=-3.6.0
+# you may also specify version and release, ie:
+#openshift_pkg_version=-3.7.0-0.126.0.git.0.9351aae.el7
+
+# Configure custom ca certificate
+#openshift_master_ca_certificate={'certfile': '/path/to/ca.crt', 'keyfile': '/path/to/ca.key'}
+#
+# NOTE: CA certificate will not be replaced with existing clusters.
+# This option may only be specified when creating a new cluster or
+# when redeploying cluster certificates with the redeploy-certificates
+# playbook.
+
+# Configure custom named certificates (SNI certificates)
+#
+# https://docs.openshift.org/latest/install_config/certificate_customization.html
+# https://docs.openshift.com/enterprise/latest/install_config/certificate_customization.html
+#
+# NOTE: openshift_master_named_certificates is cached on masters and is an
+# additive fact, meaning that each run with a different set of certificates
+# will add the newly provided certificates to the cached set of certificates.
+#
+# An optional CA may be specified for each named certificate. CAs will
+# be added to the OpenShift CA bundle which allows for the named
+# certificate to be served for internal cluster communication.
+#
+# If you would like openshift_master_named_certificates to be overwritten with
+# the provided value, specify openshift_master_overwrite_named_certificates.
+#openshift_master_overwrite_named_certificates=true
+#
+# Provide local certificate paths which will be deployed to masters
+#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "cafile": "/path/to/custom-ca1.crt"}]
+#
+# Detected names may be overridden by specifying the "names" key
+#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"], "cafile": "/path/to/custom-ca1.crt"}]
+
+# Session options
+#openshift_master_session_name=ssn
+#openshift_master_session_max_seconds=3600
+
+# An authentication and encryption secret will be generated if secrets
+# are not provided. If provided, openshift_master_session_auth_secrets
+# and openshift_master_encryption_secrets must be equal length.
+#
+# Signing secrets, used to authenticate sessions using
+# HMAC. Recommended to use secrets with 32 or 64 bytes.
+#openshift_master_session_auth_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO']
+#
+# Encrypting secrets, used to encrypt sessions. Must be 16, 24, or 32
+# characters long, to select AES-128, AES-192, or AES-256.
+#openshift_master_session_encryption_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO']
+
+# configure how often node iptables rules are refreshed
+#openshift_node_iptables_sync_period=5s
+
+# Configure nodeIP in the node config
+# This is needed in cases where node traffic is desired to go over an
+# interface other than the default network interface.
+#openshift_set_node_ip=True
+
+# Configure dnsIP in the node config
+#openshift_dns_ip=172.30.0.1
+
+# Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later.
+#openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['80']}
+
+# Configure logrotate scripts
+# See: https://github.com/nickhammond/ansible-logrotate
+#logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}]
+
+# openshift-ansible will wait indefinitely for your input when it detects that the
+# value of openshift_hostname resolves to an IP address not bound to any local
+# interfaces. This mis-configuration is problematic for any pod leveraging host
+# networking and liveness or readiness probes.
+# Setting this variable to true will override that check.
+#openshift_override_hostname_check=true
+
+# openshift_use_dnsmasq is deprecated. This must be true, or installs will fail
+# in versions >= 3.6
+#openshift_use_dnsmasq=False
+
+# Define an additional dnsmasq.conf file to deploy to /etc/dnsmasq.d/openshift-ansible.conf
+# This is useful for POC environments where DNS may not actually be available yet or to set
+# options like 'strict-order' to alter dnsmasq configuration.
+#openshift_node_dnsmasq_additional_config_file=/home/bob/ose-dnsmasq.conf
+
+# Global Proxy Configuration
+# These options configure HTTP_PROXY, HTTPS_PROXY, and NOPROXY environment
+# variables for docker and master services.
+#
+# Hosts in the openshift_no_proxy list will NOT use any globally
+# configured HTTP(S)_PROXYs. openshift_no_proxy accepts domains
+# (.example.com), hosts (example.com), and IP addresses.
+#openshift_http_proxy=http://USER:PASSWORD@IPADDR:PORT
+#openshift_https_proxy=https://USER:PASSWORD@IPADDR:PORT
+#openshift_no_proxy='.hosts.example.com,some-host.com'
+#
+# Most environments don't require a proxy between openshift masters, nodes, and
+# etcd hosts. So automatically add those hostnames to the openshift_no_proxy list.
+# If all of your hosts share a common domain you may wish to disable this and
+# specify that domain above instead.
+#
+# For example, having hosts with FQDNs: m1.ex.com, n1.ex.com, and
+# n2.ex.com, one would simply add '.ex.com' to the openshift_no_proxy
+# variable (above) and set this value to False
+#openshift_generate_no_proxy_hosts=True
+#
+# These options configure the BuildDefaults admission controller which injects
+# configuration into Builds. Proxy related values will default to the global proxy
+# config values. You only need to set these if they differ from the global proxy settings.
+# See BuildDefaults documentation at
+# https://docs.openshift.org/latest/admin_guide/build_defaults_overrides.html
+#openshift_builddefaults_http_proxy=http://USER:PASSWORD@HOST:PORT
+#openshift_builddefaults_https_proxy=https://USER:PASSWORD@HOST:PORT
+#openshift_builddefaults_no_proxy=mycorp.com
+#openshift_builddefaults_git_http_proxy=http://USER:PASSWORD@HOST:PORT
+#openshift_builddefaults_git_https_proxy=https://USER:PASSWORD@HOST:PORT
+#openshift_builddefaults_git_no_proxy=mycorp.com
+#openshift_builddefaults_image_labels=[{'name':'imagelabelname1','value':'imagelabelvalue1'}]
+#openshift_builddefaults_nodeselectors={'nodelabel1':'nodelabelvalue1'}
+#openshift_builddefaults_annotations={'annotationkey1':'annotationvalue1'}
+#openshift_builddefaults_resources_requests_cpu=100m
+#openshift_builddefaults_resources_requests_memory=256Mi
+#openshift_builddefaults_resources_limits_cpu=1000m
+#openshift_builddefaults_resources_limits_memory=512Mi
+
+# Or you may optionally define your own build defaults configuration serialized as json
+#openshift_builddefaults_json='{"BuildDefaults":{"configuration":{"apiVersion":"v1","env":[{"name":"HTTP_PROXY","value":"http://proxy.example.com.redhat.com:3128"},{"name":"NO_PROXY","value":"ose3-master.example.com"}],"gitHTTPProxy":"http://proxy.example.com:3128","gitNoProxy":"ose3-master.example.com","kind":"BuildDefaultsConfig"}}}'
+
+# These options configure the BuildOverrides admission controller which injects
+# configuration into Builds.
+# See BuildOverrides documentation at
+# https://docs.openshift.org/latest/admin_guide/build_defaults_overrides.html
+#openshift_buildoverrides_force_pull=true
+#openshift_buildoverrides_image_labels=[{'name':'imagelabelname1','value':'imagelabelvalue1'}]
+#openshift_buildoverrides_nodeselectors={'nodelabel1':'nodelabelvalue1'}
+#openshift_buildoverrides_annotations={'annotationkey1':'annotationvalue1'}
+
+# Or you may optionally define your own build overrides configuration serialized as json
+#openshift_buildoverrides_json='{"BuildOverrides":{"configuration":{"apiVersion":"v1","kind":"BuildDefaultsConfig","forcePull":"true"}}}'
+
+# Enable service catalog
+#openshift_enable_service_catalog=true
+
+# Enable template service broker (requires service catalog to be enabled, above)
+#template_service_broker_install=true
+
+# Force a specific prefix (IE: registry) to use when pulling the service catalog image
+# NOTE: The registry all the way up to the start of the image name must be provided. Two examples
+# below are provided.
+#openshift_service_catalog_image_prefix=docker.io/openshift/origin-
+#openshift_service_catalog_image_prefix=registry.access.redhat.com/openshift3/ose-
+# Force a specific image version to use when pulling the service catalog image
+#openshift_service_catalog_image_version=v3.7
+
+# Configure one of more namespaces whose templates will be served by the TSB
+#openshift_template_service_broker_namespaces=['openshift']
+
+# masterConfig.volumeConfig.dynamicProvisioningEnabled, configurable as of 1.2/3.2, enabled by default
+#openshift_master_dynamic_provisioning_enabled=False
+
+# Admission plugin config
+#openshift_master_admission_plugin_config={"ProjectRequestLimit":{"configuration":{"apiVersion":"v1","kind":"ProjectRequestLimitConfig","limits":[{"selector":{"admin":"true"}},{"maxProjects":"1"}]}},"PodNodeConstraints":{"configuration":{"apiVersion":"v1","kind":"PodNodeConstraintsConfig"}}}
+
+# Configure usage of openshift_clock role.
+#openshift_clock_enabled=true
+
+# OpenShift Per-Service Environment Variables
+# Environment variables are added to /etc/sysconfig files for
+# each OpenShift service: node, master (api and controllers).
+# API and controllers environment variables are merged in single
+# master environments.
+#openshift_master_api_env_vars={"ENABLE_HTTP2": "true"}
+#openshift_master_controllers_env_vars={"ENABLE_HTTP2": "true"}
+#openshift_node_env_vars={"ENABLE_HTTP2": "true"}
+
+# Enable API service auditing
+#openshift_master_audit_config={"enabled": true}
+#
+# In case you want more advanced setup for the auditlog you can
+# use this line.
+# The directory in "auditFilePath" will be created if it's not
+# exist
+#openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}
+
+# Enable origin repos that point at Centos PAAS SIG, defaults to true, only used
+# by deployment_type=origin
+#openshift_enable_origin_repo=false
+
+# Validity of the auto-generated OpenShift certificates in days.
+# See also openshift_hosted_registry_cert_expire_days above.
+#
+#openshift_ca_cert_expire_days=1825
+#openshift_node_cert_expire_days=730
+#openshift_master_cert_expire_days=730
+
+# Validity of the auto-generated external etcd certificates in days.
+# Controls validity for etcd CA, peer, server and client certificates.
+#
+#etcd_ca_default_days=1825
+#
+# ServiceAccountConfig:LimitSecretRefences rejects pods that reference secrets their service accounts do not reference
+# openshift_master_saconfig_limitsecretreferences=false
+
+# Upgrade Control
+#
+# By default nodes are upgraded in a serial manner one at a time and all failures
+# are fatal, one set of variables for normal nodes, one set of variables for
+# nodes that are part of control plane as the number of hosts may be different
+# in those two groups.
+#openshift_upgrade_nodes_serial=1
+#openshift_upgrade_nodes_max_fail_percentage=0
+#openshift_upgrade_control_plane_nodes_serial=1
+#openshift_upgrade_control_plane_nodes_max_fail_percentage=0
+#
+# You can specify the number of nodes to upgrade at once. We do not currently
+# attempt to verify that you have capacity to drain this many nodes at once
+# so please be careful when specifying these values. You should also verify that
+# the expected number of nodes are all schedulable and ready before starting an
+# upgrade. If it's not possible to drain the requested nodes the upgrade will
+# stall indefinitely until the drain is successful.
+#
+# If you're upgrading more than one node at a time you can specify the maximum
+# percentage of failure within the batch before the upgrade is aborted. Any
+# nodes that do fail are ignored for the rest of the playbook run and you should
+# take care to investigate the failure and return the node to service so that
+# your cluster.
+#
+# The percentage must exceed the value, this would fail on two failures
+# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=49
+# where as this would not
+# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=50
+#
+# Multiple data migrations take place and if they fail they will fail the upgrade
+# You may wish to disable these or make them non fatal
+#
+# openshift_upgrade_pre_storage_migration_enabled=true
+# openshift_upgrade_pre_storage_migration_fatal=true
+# openshift_upgrade_post_storage_migration_enabled=true
+# openshift_upgrade_post_storage_migration_fatal=false
+
+######################################################################
+# CloudForms/ManageIQ (CFME/MIQ) Configuration
+
+# See the readme for full descriptions and getting started
+# instructions: ../../roles/openshift_management/README.md or go directly to
+# their definitions: ../../roles/openshift_management/defaults/main.yml
+# ../../roles/openshift_management/vars/main.yml
+#
+# Namespace for the CFME project
+#openshift_management_project: openshift-management
+
+# Namespace/project description
+#openshift_management_project_description: CloudForms Management Engine
+
+# Choose 'miq-template' for a podified database install
+# Choose 'miq-template-ext-db' for an external database install
+#
+# If you are using the miq-template-ext-db template then you must add
+# the required database parameters to the
+# openshift_management_template_parameters variable.
+#openshift_management_app_template: miq-template
+
+# Allowed options: nfs, nfs_external, preconfigured, cloudprovider.
+#openshift_management_storage_class: nfs
+
+# [OPTIONAL] - If you are using an EXTERNAL NFS server, such as a
+# netapp appliance, then you must set the hostname here. Leave the
+# value as 'false' if you are not using external NFS.
+#openshift_management_storage_nfs_external_hostname: false
+
+# [OPTIONAL] - If you are using external NFS then you must set the base
+# path to the exports location here.
+#
+# Additionally: EXTERNAL NFS REQUIRES that YOU CREATE the nfs exports
+# that will back the application PV and optionally the database
+# pv. Export path definitions, relative to
+# {{ openshift_management_storage_nfs_base_dir }}
+#
+# LOCAL NFS NOTE:
+#
+# You may may also change this value if you want to change the default
+# path used for local NFS exports.
+#openshift_management_storage_nfs_base_dir: /exports
+
+# LOCAL NFS NOTE:
+#
+# You may override the automatically selected LOCAL NFS server by
+# setting this variable. Useful for testing specific task files.
+#openshift_management_storage_nfs_local_hostname: false
+
+# These are the default values for the username and password of the
+# management app. Changing these values in your inventory will not
+# change your username or password. You should only need to change
+# these values in your inventory if you already changed the actual
+# name and password AND are trying to use integration scripts.
+#
+# For example, adding this cluster as a container provider,
+# playbooks/openshift-management/add_container_provider.yml
+#openshift_management_username: admin
+#openshift_management_password: smartvm
+
+# A hash of parameters you want to override or set in the
+# miq-template.yaml or miq-template-ext-db.yaml templates. Set this in
+# your inventory file as a simple hash. Acceptable values are defined
+# under the .parameters list in files/miq-template{-ext-db}.yaml
+# Example:
+#
+# openshift_management_template_parameters={'APPLICATION_MEM_REQ': '512Mi'}
+#openshift_management_template_parameters: {}
+
+# Firewall configuration
+# You can open additional firewall ports by defining them as a list. of service
+# names and ports/port ranges for either masters or nodes.
+#openshift_master_open_ports=[{"service":"svc1","port":"11/tcp"}]
+#openshift_node_open_ports=[{"service":"svc2","port":"12-13/tcp"},{"service":"svc3","port":"14/udp"}]
+
+# host group for masters
+[masters]
+ose3-master[1:3]-ansible.test.example.com
+
+[etcd]
+ose3-etcd[1:3]-ansible.test.example.com
+
+# NOTE: Containerized load balancer hosts are not yet supported, if using a global
+# containerized=true host variable we must set to false.
+[lb]
+ose3-lb-ansible.test.example.com containerized=false
+
+# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes
+# However, in order to ensure that your masters are not burdened with running pods you should
+# make them unschedulable by adding openshift_schedulable=False any node that's also a master.
+[nodes]
+ose3-master[1:3]-ansible.test.example.com
+ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}"
+
+[nfs]
+ose3-nfs-ansible.test.example.com
diff --git a/inventory/hosts.glusterfs.external.example b/inventory/hosts.glusterfs.external.example
new file mode 100644
index 000000000..bf2557cf0
--- /dev/null
+++ b/inventory/hosts.glusterfs.external.example
@@ -0,0 +1,60 @@
+# This is an example of an OpenShift-Ansible host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage.
+#
+# This inventory may be used with the deploy_cluster.yml playbook to deploy a new
+# cluster with GlusterFS storage, which will use that storage to create a
+# volume that will provide backend storage for a hosted Docker registry.
+#
+# This inventory may also be used with openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+etcd
+# Specify there will be GlusterFS nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use an external GlusterFS cluster
+openshift_storage_glusterfs_is_native=False
+# Specify the IP address or hostname of the external heketi service
+openshift_storage_glusterfs_heketi_url=172.0.0.1
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+
+[etcd]
+master
+
+# Specify the glusterfs group, which contains the nodes of the external
+# GlusterFS cluster. At a minimum, each node must have "glusterfs_hostname"
+# and "glusterfs_devices" variables defined.
+#
+# The first variable indicates the hostname of the external GLusterFS node,
+# and must be reachable by the external heketi service.
+#
+# The second variable is a list of block devices the node will have access to
+# that are intended solely for use as GlusterFS storage. These block devices
+# must be bare (e.g. have no data, not be marked as LVM PVs), and will be
+# formatted.
+[glusterfs]
+node0.local glusterfs_ip='172.0.0.10' glusterfs_devices='[ "/dev/vdb" ]'
+node1.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdb", "/dev/vdc" ]'
+node2.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdd" ]'
diff --git a/inventory/hosts.glusterfs.mixed.example b/inventory/hosts.glusterfs.mixed.example
new file mode 100644
index 000000000..8a20a037e
--- /dev/null
+++ b/inventory/hosts.glusterfs.mixed.example
@@ -0,0 +1,63 @@
+# This is an example of an OpenShift-Ansible host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage.
+#
+# This inventory may be used with the deploy_cluster.yml playbook to deploy a new
+# cluster with GlusterFS storage, which will use that storage to create a
+# volume that will provide backend storage for a hosted Docker registry.
+#
+# This inventory may also be used with openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+etcd
+# Specify there will be GlusterFS nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use an external GlusterFS cluster and a native
+# heketi service
+openshift_storage_glusterfs_is_native=False
+openshift_storage_glusterfs_heketi_is_native=True
+# Specify that heketi will use SSH to communicate to the GlusterFS nodes and
+# the private key file it will use for authentication
+openshift_storage_glusterfs_heketi_executor=ssh
+openshift_storage_glusterfs_heketi_ssh_keyfile=/root/id_rsa
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+
+[etcd]
+master
+
+# Specify the glusterfs group, which contains the nodes of the external
+# GlusterFS cluster. At a minimum, each node must have "glusterfs_hostname"
+# and "glusterfs_devices" variables defined.
+#
+# The first variable indicates the hostname of the external GLusterFS node,
+# and must be reachable by the external heketi service.
+#
+# The second variable is a list of block devices the node will have access to
+# that are intended solely for use as GlusterFS storage. These block devices
+# must be bare (e.g. have no data, not be marked as LVM PVs), and will be
+# formatted.
+[glusterfs]
+node0.local glusterfs_ip='172.0.0.10' glusterfs_devices='[ "/dev/vdb" ]'
+node1.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdb", "/dev/vdc" ]'
+node2.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdd" ]'
diff --git a/inventory/hosts.glusterfs.native.example b/inventory/hosts.glusterfs.native.example
new file mode 100644
index 000000000..59acf1194
--- /dev/null
+++ b/inventory/hosts.glusterfs.native.example
@@ -0,0 +1,50 @@
+# This is an example of an OpenShift-Ansible host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage for applications. It
+# will also automatically create a StorageClass for this purpose.
+#
+# This inventory may be used with the deploy_cluster.yml playbook to deploy a new
+# cluster with GlusterFS storage.
+#
+# This inventory may also be used with openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+etcd
+# Specify there will be GlusterFS nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+# A hosted registry, by default, will only be deployed on nodes labeled
+# "region=infra".
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+
+[etcd]
+master
+
+# Specify the glusterfs group, which contains the nodes that will host
+# GlusterFS storage pods. At a minimum, each node must have a
+# "glusterfs_devices" variable defined. This variable is a list of block
+# devices the node will have access to that is intended solely for use as
+# GlusterFS storage. These block devices must be bare (e.g. have no data, not
+# be marked as LVM PVs), and will be formatted.
+[glusterfs]
+node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/hosts.glusterfs.registry-only.example b/inventory/hosts.glusterfs.registry-only.example
new file mode 100644
index 000000000..6f33e9f6d
--- /dev/null
+++ b/inventory/hosts.glusterfs.registry-only.example
@@ -0,0 +1,56 @@
+# This is an example of an OpenShift-Ansible host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage for exclusive use
+# as storage for a natively hosted Docker registry.
+#
+# This inventory may be used with the deploy_cluster.yml playbook to deploy a new
+# cluster with GlusterFS storage, which will use that storage to create a
+# volume that will provide backend storage for a hosted Docker registry.
+#
+# This inventory may also be used with openshift-glusterfs/registry.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+etcd
+# Specify there will be GlusterFS nodes
+glusterfs_registry
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use GlusterFS storage for a hosted registry
+openshift_hosted_registry_storage_kind=glusterfs
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+# A hosted registry, by default, will only be deployed on nodes labeled
+# "region=infra".
+node0 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node1 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node2 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+
+[etcd]
+master
+
+# Specify the glusterfs group, which contains the nodes that will host
+# GlusterFS storage pods. At a minimum, each node must have a
+# "glusterfs_devices" variable defined. This variable is a list of block
+# devices the node will have access to that is intended solely for use as
+# GlusterFS storage. These block devices must be bare (e.g. have no data, not
+# be marked as LVM PVs), and will be formatted.
+[glusterfs_registry]
+node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/hosts.glusterfs.storage-and-registry.example b/inventory/hosts.glusterfs.storage-and-registry.example
new file mode 100644
index 000000000..1f3a4282a
--- /dev/null
+++ b/inventory/hosts.glusterfs.storage-and-registry.example
@@ -0,0 +1,67 @@
+# This is an example of an OpenShift-Ansible host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage for both general
+# application use and a natively hosted Docker registry. It will also create a
+# StorageClass for the general storage.
+#
+# This inventory may be used with the deploy_cluster.yml playbook to deploy a new
+# cluster with GlusterFS storage.
+#
+# This inventory may also be used with openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+etcd
+# Specify there will be GlusterFS nodes
+glusterfs
+glusterfs_registry
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use GlusterFS storage for a hosted registry
+openshift_hosted_registry_storage_kind=glusterfs
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+# It is recommended to not use a single cluster for both general and registry
+# storage, so two three-node clusters will be required.
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+# A hosted registry, by default, will only be deployed on nodes labeled
+# "region=infra".
+node3 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node4 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node5 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+
+[etcd]
+master
+
+# Specify the glusterfs group, which contains the nodes that will host
+# GlusterFS storage pods. At a minimum, each node must have a
+# "glusterfs_devices" variable defined. This variable is a list of block
+# devices the node will have access to that is intended solely for use as
+# GlusterFS storage. These block devices must be bare (e.g. have no data, not
+# be marked as LVM PVs), and will be formatted.
+[glusterfs]
+node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+
+[glusterfs_registry]
+node3 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node4 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node5 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/hosts.openstack b/inventory/hosts.openstack
new file mode 100644
index 000000000..d928c2b86
--- /dev/null
+++ b/inventory/hosts.openstack
@@ -0,0 +1,37 @@
+# This is an example of an OpenShift-Ansible host inventory
+
+# Create an OSEv3 group that contains the masters and nodes groups
+[OSEv3:children]
+masters
+nodes
+etcd
+lb
+
+# Set variables common for all OSEv3 hosts
+[OSEv3:vars]
+ansible_ssh_user=cloud-user
+ansible_become=yes
+
+# Debug level for all OpenShift components (Defaults to 2)
+debug_level=2
+
+openshift_deployment_type=openshift-enterprise
+
+openshift_additional_repos=[{'id': 'ose-3.1', 'name': 'ose-3.1', 'baseurl': 'http://pulp.dist.prod.ext.phx2.redhat.com/content/dist/rhel/server/7/7Server/x86_64/ose/3.1/os', 'enabled': 1, 'gpgcheck': 0}]
+
+openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '{{ openshift.common.config_base }}/htpasswd'}]
+
+#openshift_pkg_version=-3.0.0.0
+
+[masters]
+jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}"
+
+[etcd]
+jdetiber-etcd.usersys.redhat.com
+
+[lb]
+#ose3-lb-ansible.test.example.com
+
+[nodes]
+jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}"
+jdetiber-node[1:2].usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}" openshift_node_labels="{'region': 'primary', 'zone': 'default'}"
diff --git a/lookup_plugins/README.md b/lookup_plugins/README.md
deleted file mode 100644
index f05d608e5..000000000
--- a/lookup_plugins/README.md
+++ /dev/null
@@ -1 +0,0 @@
-openshift-ansible lookup plugins.
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index ba4605efc..2be8ebd5b 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -9,24 +9,21 @@
%global __requires_exclude ^/usr/bin/ansible-playbook$
Name: openshift-ansible
-Version: 3.7.0
-Release: 0.195.0%{?dist}
+Version: 3.9.0
+Release: 0.10.0%{?dist}
Summary: Openshift and Atomic Enterprise Ansible
License: ASL 2.0
URL: https://github.com/openshift/openshift-ansible
Source0: https://github.com/openshift/openshift-ansible/archive/%{commit}/%{name}-%{version}.tar.gz
BuildArch: noarch
-Requires: ansible >= 2.3
+Requires: ansible >= 2.4.1
Requires: python2
Requires: python-six
Requires: tar
Requires: %{name}-docs = %{version}-%{release}
Requires: %{name}-playbooks = %{version}-%{release}
Requires: %{name}-roles = %{version}-%{release}
-Requires: %{name}-filter-plugins = %{version}-%{release}
-Requires: %{name}-lookup-plugins = %{version}-%{release}
-Requires: %{name}-callback-plugins = %{version}-%{release}
Requires: java-1.8.0-openjdk-headless
Requires: httpd-tools
Requires: libselinux-python
@@ -52,8 +49,6 @@ popd
# Base openshift-ansible install
mkdir -p %{buildroot}%{_datadir}/%{name}
mkdir -p %{buildroot}%{_datadir}/ansible/%{name}
-mkdir -p %{buildroot}%{_datadir}/ansible_plugins
-cp -rp library %{buildroot}%{_datadir}/ansible/%{name}/
# openshift-ansible-bin install
mkdir -p %{buildroot}%{_bindir}
@@ -67,7 +62,7 @@ rm -f %{buildroot}%{python_sitelib}/openshift_ansible/gce
# openshift-ansible-docs install
# Install example inventory into docs/examples
mkdir -p docs/example-inventories
-cp inventory/byo/* docs/example-inventories/
+cp inventory/* docs/example-inventories/
# openshift-ansible-files install
cp -rp files %{buildroot}%{_datadir}/ansible/%{name}/
@@ -88,31 +83,6 @@ rm -rf %{buildroot}%{_datadir}/ansible/%{name}/roles/contiv/*
# touch a file in contiv so that it can be added to SCM's
touch %{buildroot}%{_datadir}/ansible/%{name}/roles/contiv/.empty_dir
-# openshift_master_facts symlinks filter_plugins/oo_filters.py from ansible_plugins/filter_plugins
-pushd %{buildroot}%{_datadir}/ansible/%{name}/roles/openshift_master_facts/filter_plugins
-ln -sf ../../../../../ansible_plugins/filter_plugins/oo_filters.py oo_filters.py
-popd
-
-# openshift-ansible-filter-plugins install
-cp -rp filter_plugins %{buildroot}%{_datadir}/ansible_plugins/
-
-# openshift-ansible-lookup-plugins install
-cp -rp lookup_plugins %{buildroot}%{_datadir}/ansible_plugins/
-
-# openshift-ansible-callback-plugins install
-cp -rp callback_plugins %{buildroot}%{_datadir}/ansible_plugins/
-
-# create symlinks from /usr/share/ansible/plugins/lookup ->
-# /usr/share/ansible_plugins/lookup_plugins
-pushd %{buildroot}%{_datadir}
-mkdir -p ansible/plugins
-pushd ansible/plugins
-ln -s ../../ansible_plugins/lookup_plugins lookup
-ln -s ../../ansible_plugins/filter_plugins filter
-ln -s ../../ansible_plugins/callback_plugins callback
-popd
-popd
-
# atomic-openshift-utils install
pushd utils
%{__python} setup.py install --skip-build --root %{buildroot}
@@ -131,7 +101,6 @@ popd
%license LICENSE
%dir %{_datadir}/ansible/%{name}
%{_datadir}/ansible/%{name}/files
-%{_datadir}/ansible/%{name}/library
%ghost %{_datadir}/ansible/%{name}/playbooks/common/openshift-master/library.rpmmoved
# ----------------------------------------------------------------------------------
@@ -155,9 +124,6 @@ BuildArch: noarch
Summary: Openshift and Atomic Enterprise Ansible Playbooks
Requires: %{name} = %{version}-%{release}
Requires: %{name}-roles = %{version}-%{release}
-Requires: %{name}-lookup-plugins = %{version}-%{release}
-Requires: %{name}-filter-plugins = %{version}-%{release}
-Requires: %{name}-callback-plugins = %{version}-%{release}
BuildArch: noarch
%description playbooks
@@ -198,9 +164,9 @@ end
# ----------------------------------------------------------------------------------
Summary: Openshift and Atomic Enterprise Ansible roles
Requires: %{name} = %{version}-%{release}
-Requires: %{name}-lookup-plugins = %{version}-%{release}
-Requires: %{name}-filter-plugins = %{version}-%{release}
-Requires: %{name}-callback-plugins = %{version}-%{release}
+Obsoletes: %{name}-lookup-plugins
+Obsoletes: %{name}-filter-plugins
+Obsoletes: %{name}-callback-plugins
BuildArch: noarch
%description roles
@@ -209,55 +175,6 @@ BuildArch: noarch
%files roles
%{_datadir}/ansible/%{name}/roles
-
-# ----------------------------------------------------------------------------------
-# openshift-ansible-filter-plugins subpackage
-# ----------------------------------------------------------------------------------
-%package filter-plugins
-Summary: Openshift and Atomic Enterprise Ansible filter plugins
-Requires: %{name} = %{version}-%{release}
-BuildArch: noarch
-Requires: pyOpenSSL
-
-%description filter-plugins
-%{summary}.
-
-%files filter-plugins
-%{_datadir}/ansible_plugins/filter_plugins
-%{_datadir}/ansible/plugins/filter
-
-
-# ----------------------------------------------------------------------------------
-# openshift-ansible-lookup-plugins subpackage
-# ----------------------------------------------------------------------------------
-%package lookup-plugins
-Summary: Openshift and Atomic Enterprise Ansible lookup plugins
-Requires: %{name} = %{version}-%{release}
-BuildArch: noarch
-
-%description lookup-plugins
-%{summary}.
-
-%files lookup-plugins
-%{_datadir}/ansible_plugins/lookup_plugins
-%{_datadir}/ansible/plugins/lookup
-
-
-# ----------------------------------------------------------------------------------
-# openshift-ansible-callback-plugins subpackage
-# ----------------------------------------------------------------------------------
-%package callback-plugins
-Summary: Openshift and Atomic Enterprise Ansible callback plugins
-Requires: %{name} = %{version}-%{release}
-BuildArch: noarch
-
-%description callback-plugins
-%{summary}.
-
-%files callback-plugins
-%{_datadir}/ansible_plugins/callback_plugins
-%{_datadir}/ansible/plugins/callback
-
# ----------------------------------------------------------------------------------
# atomic-openshift-utils subpackage
# ----------------------------------------------------------------------------------
@@ -285,6 +202,611 @@ Atomic OpenShift Utilities includes
%changelog
+* Thu Dec 14 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.10.0
+- Bump requirements.txt to Ansible 2.4.1 (rteague@redhat.com)
+- Commit to stabalize RHSM operations. This code is derived from contrib
+ (mazzystr@gmail.com)
+- Contiv systemd fixes (flamingo@2thebatcave.com)
+- Combine openshift_master/vars with defaults (mgugino@redhat.com)
+- crio: change socket path to /var/run/crio/crio.sock (gscrivan@redhat.com)
+- Remove version requirement from openvswitch package, since listed version got
+ removed from repo (riffraff@hobbes.alephone.org)
+
+* Thu Dec 14 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.9.0
+- etcd: use Fedora /latest/ instead of hardcoding the version
+ (gscrivan@redhat.com)
+- docker: use Fedora /latest/ instead of hardcoding the version
+ (gscrivan@redhat.com)
+- upgrade node mark 2 (mgugino@redhat.com)
+- Refactor node upgrade to include less serial tasks (mgugino@redhat.com)
+- fix 1519808. Only annotate ops projects when openshift_logging_use_ops=true
+ (jcantril@redhat.com)
+- Ensure that clients are version bound (sdodson@redhat.com)
+- Support for making glusterfs storage class a default one.
+ (jmencak@redhat.com)
+- Add support for storage classes to openshift_prometheus role.
+ (jmencak@redhat.com)
+- Do not escalate privileges in logging stack deployment task
+ (iacopo.rozzo@amadeus.com)
+- Multimaster openshift+contiv fixes (landillo@cisco.com)
+- Sync latest image-streams and templates (alexandre.lossent@cern.ch)
+
+* Tue Dec 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.8.0
+- Remove empty openshift_hosted_facts role (mgugino@redhat.com)
+- Refactor upgrade codepaths step 1 (mgugino@redhat.com)
+
+* Tue Dec 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.7.0
+- Remove bad openshift_examples symlink (rteague@redhat.com)
+- Changing the node group format to a list. (kwoodson@redhat.com)
+- Bump RPM version requirement (sdodson@redhat.com)
+- Clarify version selection in README (mgugino@redhat.com)
+
+* Tue Dec 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.6.0
+- add openshift_master_api_port var to example inventory (jdiaz@redhat.com)
+- Allow 2 sets of hostnames for openstack provider (bdobreli@redhat.com)
+
+* Mon Dec 11 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.5.0
+- Remove unneeded embedded etcd logic (mgugino@redhat.com)
+
+* Mon Dec 11 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.4.0
+- Copying upstream fix for ansible 2.4 ec2_group module. (kwoodson@redhat.com)
+- Add missing dependencies on openshift_facts role (sdodson@redhat.com)
+
+* Mon Dec 11 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.3.0
+- remove integration tests from tox (lmeyer@redhat.com)
+- correct ansible-playbook command syntax (jdiaz@redhat.com)
+- Add openshift_facts to upgrade plays for service_type (mgugino@redhat.com)
+- Check for openshift attribute before using it during CNS install.
+ (jmencak@redhat.com)
+
+* Mon Dec 11 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.2.0
+- GlusterFS: Add playbook doc note (jarrpa@redhat.com)
+- Fix openshift hosted registry rollout (rteague@redhat.com)
+- Remove container_runtime from the openshift_version (sdodson@redhat.com)
+
+* Fri Dec 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.9.0-0.1.0
+- Cleanup byo references (rteague@redhat.com)
+- openshift_node: reintroduce restart of CRI-O. (gscrivan@redhat.com)
+- container-engine: skip openshift_docker_log_driver when it is False
+ (gscrivan@redhat.com)
+- container-engine: log-opts is a dictionary in the daemon.json file
+ (gscrivan@redhat.com)
+- openshift_version: add dependency to openshift_facts (gscrivan@redhat.com)
+- openshift_version: define openshift_use_crio_only (gscrivan@redhat.com)
+- openshift_version: add dependency to container_runtime (gscrivan@redhat.com)
+- crio: define and use l_is_node_system_container (gscrivan@redhat.com)
+- Update deprecation checks - include: (rteague@redhat.com)
+- Add os_firewall to prerequisites.yml (mgugino@redhat.com)
+- add 3.8 templates for gluster ep and svc (lmeyer@redhat.com)
+- Remove openshift.common.service_type (mgugino@redhat.com)
+- Remove unused openshift_env_structures and openshift_env (mgugino@redhat.com)
+- Fix incorrect register name master registry auth (mgugino@redhat.com)
+- Include Deprecation: Convert to import_playbook (rteague@redhat.com)
+- add 3.8 templates for gluster ep and svc (m.judeikis@gmail.com)
+- Remove all uses of openshift.common.admin_binary (sdodson@redhat.com)
+- Implement container_runtime playbooks and changes (mgugino@redhat.com)
+- Playbook Consolidation - byo/config.yml (rteague@redhat.com)
+- openshift_logging_kibana: fix mixing paren (lmeyer@redhat.com)
+- Fix ami building. (kwoodson@redhat.com)
+- Include Deprecation: Convert to include_tasks (rteague@redhat.com)
+- Add missing symlinks in openshift-logging (rteague@redhat.com)
+- Fix generate_pv_pvcs_list plugin undef (mgugino@redhat.com)
+- Playbook Consolidation - etcd Upgrade (rteague@redhat.com)
+- bug 1519622. Disable rollback of ES DCs (jcantril@redhat.com)
+- Remove all references to pacemaker (pcs, pcsd) and
+ openshift.master.cluster_method. (abutcher@redhat.com)
+- Remove entry point files no longer needed by CI (rteague@redhat.com)
+- Don't check for the deployment_type (tomas@sedovic.cz)
+- Get the correct value out of openshift_release (tomas@sedovic.cz)
+- Fix oreg_auth_credentials_create register var (mgugino@redhat.com)
+- Fix and cleanup not required dns bits (bdobreli@redhat.com)
+- Fix hosted vars (mgugino@redhat.com)
+- Remove duplicate init import in network_manager.yml (rteague@redhat.com)
+- Document testing repos for dev purposes (bdobreli@redhat.com)
+- Remove unused protected_facts_to_overwrite (mgugino@redhat.com)
+- Use openshift testing repos for openstack (bdobreli@redhat.com)
+- Use openshift_release instead of ose_version (tomas@sedovic.cz)
+- Remove the ose_version check (tomas@sedovic.cz)
+- Allow number of retries in openshift_management to be configurable
+ (ealfassa@redhat.com)
+- Bumping to 3.9 (smunilla@redhat.com)
+- Cleanup unused openstack provider code (bdobreli@redhat.com)
+- Adding 3.9 tito releaser (smunilla@redhat.com)
+- Implement container runtime role (mgugino@redhat.com)
+- Fix glusterfs checkpoint info (rteague@redhat.com)
+- storage_glusterfs: fix typo (lmeyer@redhat.com)
+- Playbook Consolidation - Redeploy Certificates (rteague@redhat.com)
+- Fix tox (tomas@sedovic.cz)
+- Remove shell environment lookup (tomas@sedovic.cz)
+- Revert "Fix syntax error caused by an extra paren" (tomas@sedovic.cz)
+- Revert "Fix the env lookup fallback in rhel_subscribe" (tomas@sedovic.cz)
+- Remove reading shell environment in rhel_subscribe (tomas@sedovic.cz)
+- retry package operations (lmeyer@redhat.com)
+- Add v3.9 support (sdodson@redhat.com)
+- Playbook Consolidation - openshift-logging (rteague@redhat.com)
+- Do not escalate privileges in jks generation tasks (iacopo.rozzo@amadeus.com)
+- Fix inventory symlinks in origin-ansible container. (dgoodwin@redhat.com)
+- Initial upgrade for scale groups. (kwoodson@redhat.com)
+- Update the doc text (tomas@sedovic.cz)
+- Optionally subscribe OpenStack RHEL nodes (tomas@sedovic.cz)
+- Fix the env lookup fallback in rhel_subscribe (tomas@sedovic.cz)
+- Fix syntax error caused by an extra paren (tomas@sedovic.cz)
+- Fix no_log warnings for custom module (mgugino@redhat.com)
+- Add external_svc_subnet for k8s loadbalancer type service
+ (jihoon.o@samsung.com)
+- Remove openshift_facts project_cfg_facts (mgugino@redhat.com)
+- Remove dns_port fact (mgugino@redhat.com)
+- Bug 1512793- Fix idempotence issues in ASB deploy (fabian@fabianism.us)
+- Remove unused task file from etcd role (rteague@redhat.com)
+- fix type in authroize (jchaloup@redhat.com)
+- Use IP addresses for OpenStack nodes (tomas@sedovic.cz)
+- Update prometheus to 2.0.0 GA (zgalor@redhat.com)
+- remove schedulable from openshift_facts (mgugino@redhat.com)
+- inventory: Add example for service catalog vars (smilner@redhat.com)
+- Correct usage of include_role (rteague@redhat.com)
+- Remove openshift.common.cli_image (mgugino@redhat.com)
+- Fix openshift_env fact creation within openshift_facts. (abutcher@redhat.com)
+- Combine openshift_node and openshift_node_dnsmasq (mgugino@redhat.com)
+- GlusterFS: Remove extraneous line from glusterblock template
+ (jarrpa@redhat.com)
+- Remove openshift_clock from meta depends (mgugino@redhat.com)
+- Simplify is_master_system_container logic (mgugino@redhat.com)
+- dist.iteritems() no longer exists in Python 3. (jpazdziora@redhat.com)
+- Remove spurrious file committed by error (diego.abelenda@camptocamp.com)
+- Fix name of the service pointed to by hostname
+ (diego.abelenda@camptocamp.com)
+- Missed the default value after the variable name change...
+ (diego.abelenda@camptocamp.com)
+- Change the name of the variable and explicitely document the names
+ (diego.abelenda@camptocamp.com)
+- Allow to set the hostname for routes to prometheus and alertmanager
+ (diego.abelenda@camptocamp.com)
+- Allow openshift_install_examples to be false (michael.fraenkel@gmail.com)
+- Include Deprecation - openshift-service-catalog (rteague@redhat.com)
+- Remove is_openvswitch_system_container from facts (mgugino@redhat.com)
+- Workaround the fact that package state=present with dnf fails for already
+ installed but excluded packages. (jpazdziora@redhat.com)
+- With dnf repoquery and excluded packages, --disableexcludes=all is needed to
+ list the package with --installed. (jpazdziora@redhat.com)
+- Add support for external glusterfs as registry backend (m.judeikis@gmail.com)
+- cri-o: honor additional and insecure registries again (gscrivan@redhat.com)
+- docker: copy Docker metadata to the alternative storage path
+ (gscrivan@redhat.com)
+- Add check for gluterFS DS to stop restarts (m.judeikis@gmail.com)
+- Bug 1514417 - Adding correct advertise-client-urls (shawn.hurley21@gmail.com)
+- Uninstall tuned-profiles-atomic-openshift-node as defined in origin.spec
+ (jmencak@redhat.com)
+- Mod startup script to publish all frontend binds (cwilkers@redhat.com)
+
+* Thu Nov 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.13.0
+-
+
+* Thu Nov 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.12.0
+-
+
+* Thu Nov 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.11.0
+-
+
+* Thu Nov 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.10.0
+- tox.ini: simplify unit test reqs (lmeyer@redhat.com)
+- Remove unused task files (rteague@redhat.com)
+- Playbook Consolidation - openshift-provisioners (rteague@redhat.com)
+- Include Deprecation - openshift-prometheus (rteague@redhat.com)
+- Include Deprecation - openshift-node (rteague@redhat.com)
+- Include Deprecation - openshift-management (rteague@redhat.com)
+- Include Deprecation - openshift-glusterfs (rteague@redhat.com)
+- Include Deprecation - openshift-master (rteague@redhat.com)
+- Include Deprecation - openshift-hosted (rteague@redhat.com)
+- Playbook Consolidation - openshift-service-catalog (rteague@redhat.com)
+- Include Deprecation - openshift-nfs (rteague@redhat.com)
+- Include Deprecation - openshift-metrics (rteague@redhat.com)
+- Include Deprecation - openshift-etcd (rteague@redhat.com)
+- Fix system_images_registry variable (mgugino@redhat.com)
+- Include Deprecation - openshift-loadbalancer (rteague@redhat.com)
+- Include Deprecation - openshift-checks (rteague@redhat.com)
+- Playbook Consolidation - openshift-management (rteague@redhat.com)
+- Playbook Consolidation - openshift-master (rteague@redhat.com)
+- Playbook Consolidation - openshift-hosted (rteague@redhat.com)
+- Place-holder for prerequisites.yml (mgugino@redhat.com)
+- Cleanup etcd runtime variable. (mgugino@redhat.com)
+- Fix uninstall option for prometheus (zgalor@redhat.com)
+- Playbook Consolidation - openshift-glusterfs (rteague@redhat.com)
+- Playbook Consolidation - openshift-metrics (rteague@redhat.com)
+- Playbook Consolidation - openshift-loadbalancer (rteague@redhat.com)
+- hosted_registry: clean up tmp mount point and fstab (dusty@dustymabe.com)
+
+* Wed Nov 22 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.9.0
+- Fix node system container var (mgugino@redhat.com)
+- Add temporary playbook for CI test functionality (rteague@redhat.com)
+- Playbook Consolidation - openshift-node (rteague@redhat.com)
+- Fix logic for any sys containers (mgugino@redhat.com)
+- containerPort must be an int; correctly quote/brace replicas value
+ (rmeggins@redhat.com)
+- papr: use new PAPR_PULL_TARGET_BRANCH (jlebon@redhat.com)
+- Refactor etcd image (mgugino@redhat.com)
+- GlusterFS: Files and templates for 3.8 (jarrpa@redhat.com)
+- Only remove empty keys from env if env exists (sdodson@redhat.com)
+- Upgrade to etcd 3.2 (sdodson@redhat.com)
+- Allow modifying and adding prometheus application arguments
+ (zgalor@redhat.com)
+- Playbook Consolidation - openshift-nfs (rteague@redhat.com)
+- Playbook Consolidation - openshift-etcd (rteague@redhat.com)
+- Include Deprecation - Init Playbook Paths (rteague@redhat.com)
+
+* Mon Nov 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.8.0
+-
+
+* Mon Nov 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.7.0
+-
+
+* Mon Nov 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.6.0
+-
+
+* Sun Nov 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.5.0
+-
+
+* Sun Nov 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.4.0
+- bug 1498398. Enclose content between store tag (rromerom@redhat.com)
+
+* Fri Nov 17 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.3.0
+- papr: auto-detect image tag to use and bump to f27 (jlebon@redhat.com)
+- Updating mtu value to int (kwoodson@redhat.com)
+- fix the logging-es-prometheus selector (jcantril@redhat.com)
+- GlusterFS: Add configuration for auto creating block-hosting volumes
+ (jarrpa@redhat.com)
+- Playbook Consolidation - openshift-checks (rteague@redhat.com)
+- Combine openshift_node and openshift_node_upgrade (mgugino@redhat.com)
+- registry-console: align image and check (lmeyer@redhat.com)
+- registry-console template 3.8 consistency (lmeyer@redhat.com)
+- registry-console template 3.7 consistency (lmeyer@redhat.com)
+- registry-console template 3.6 consistency (lmeyer@redhat.com)
+
+* Thu Nov 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.2.0
+- Fix openstack init (rteague@redhat.com)
+- Ensure node service is started. (kwoodson@redhat.com)
+- Added aos-3.8 releaser for tito (smunilla@redhat.com)
+- Playbook Consolidation - Initialization (rteague@redhat.com)
+- Minor tweaks to ansible.cfg and example inventory (rteague@redhat.com)
+- Removed old version code (mgugino@redhat.com)
+- Fixing islnk. (kwoodson@redhat.com)
+- Removing setting prefix and version facts in openshift_logging to let the
+ component roles set their defaults (ewolinet@redhat.com)
+- Create prometheus configmaps before statefulset (zgalor@redhat.com)
+- Bug 1510496 - logging: honor ES PVC size (jwozniak@redhat.com)
+- Combine master upgrade play with role (mgugino@redhat.com)
+- Fix stale data in openshift_facts for logging (mgugino@redhat.com)
+- Start requiring Ansible 2.4 (rteague@redhat.com)
+- Fixing origin default for es proxy (ewolinet@redhat.com)
+- Addressing tox errors (ewolinet@redhat.com)
+- Addressing comments (ewolinet@redhat.com)
+- Initial Kuryr Ports Pool Support (ltomasbo@redhat.com)
+- Remove an unused retry file (tomas@sedovic.cz)
+- Namespace the docker volumes (tomas@sedovic.cz)
+- Fix tox (tomas@sedovic.cz)
+- Namespace the OpenStack vars (tomas@sedovic.cz)
+- Use `null` instead of `False` where it makes sense (tomas@sedovic.cz)
+- Simplify the template paths for the storage setup (tomas@sedovic.cz)
+- Use the default `item` loop variable for checks (tomas@sedovic.cz)
+- Move the selinux check up (tomas@sedovic.cz)
+- Add the DNS updates and rename the openstack vars (tomas@sedovic.cz)
+- Remove the subnet_update_dns_servers task list (tomas@sedovic.cz)
+- Move the vars/main.yml to defaults (tomas@sedovic.cz)
+- FIXUP ANSIBLE CFG (tomas@sedovic.cz)
+- Remove the static_inventory and bastion samples (tomas@sedovic.cz)
+- Use the existing ansible.cfg file (tomas@sedovic.cz)
+- Remove the subscription-manager role (tomas@sedovic.cz)
+- Add a stub of the dns record update code in (tomas@sedovic.cz)
+- Use correct host group in provision.yml (tomas@sedovic.cz)
+- Remove the post-install and scale-up playbooks (tomas@sedovic.cz)
+- Remove the openstack custom-actions for now (tomas@sedovic.cz)
+- Remove the extra roles (tomas@sedovic.cz)
+- Add openshift_openstack role and move tasks there (tomas@sedovic.cz)
+- Use the docker-storage-setup role (tomas@sedovic.cz)
+- Update readme (tomas@sedovic.cz)
+- Update lookup plugins path (tomas@sedovic.cz)
+- .gitignore casl-infra (tomas@sedovic.cz)
+- Move the OpenStack playbooks (tomas@sedovic.cz)
+- Updating logging components image defaulting pattern to match
+ openshift_logging pattern (ewolinet@redhat.com)
+- logging with static pvc: allow specifying the storage class name
+ (bart.vanbos@kbc.be)
+- Add role to configure project request template (hansmi@vshn.ch)
+- Remove bash highlight (tomas@sedovic.cz)
+- Revert the console hostname change (tomas@sedovic.cz)
+- Add Extra CAs (custom post-provision action) (#801) (tlacencin@gmail.com)
+- Add Flannel support (#814) (bdobreli@redhat.com)
+- Docker storage fix (#812) (cwilkers@redhat.com)
+- [WIP] Merge server with nofloating server heat templates (#761)
+ (bdobreli@redhat.com)
+- Support separate data network for Flannel SDN (#757) (bdobreli@redhat.com)
+- Add Extra Docker Registry URLs (custom post-provision action) (#794)
+ (tlacencin@gmail.com)
+- Make the private key examples consistent (tomas@sedovic.cz)
+- Allow the specification of server group policies when provisioning openstack
+ (#747) (tzumainn@redhat.com)
+- Attach additional RHN Pools (post-provision custom action) (#753)
+ (tlacencin@gmail.com)
+- Streamline the OpenStack provider README (tomas@sedovic.cz)
+- Adding support for cluster-autoscaler role (kwoodson@redhat.com)
+- Fix for this issue https://bugzilla.redhat.com/show_bug.cgi?id=1495372 (#793)
+ (edu@redhat.com)
+- Add CentOS support to the docker-storage-setup role (tomas@sedovic.cz)
+- Replace the CASL references (#778) (tomas@sedovic.cz)
+- Set public_v4 to private_v4 if it doesn't exist (tomas@sedovic.cz)
+- Fix flake8 errors (tomas@sedovic.cz)
+- Add dynamic inventory (tomas@sedovic.cz)
+- Fixing various contrib changes causing CASL breakage (#771)
+ (oybed@users.noreply.github.com)
+- Required variables to create dedicated lv (#766) (edu@redhat.com)
+- Adding the option to use 'stack_state' to allow for easy de-provisioning
+ (#754) (oybed@users.noreply.github.com)
+- Fix public master cluster DNS record when using bastion (#752)
+ (bdobreli@redhat.com)
+- Upscaling OpenShift application nodes (#571) (tlacencin@gmail.com)
+- load balancer formatting fix (#745) (tzumainn@redhat.com)
+- Docker ansible host (#742) (tomas@sedovic.cz)
+- Empty ssh (#729) (tomas@sedovic.cz)
+- Remove the `rhsm_register` value from inventory (tomas@sedovic.cz)
+- Make the `rhsm_register` value optional (tomas@sedovic.cz)
+- Clear the previous inventory during provisioning (tomas@sedovic.cz)
+- Fix the cinder_registry_volume conditional (tomas@sedovic.cz)
+- Pre-create a Cinder registry volume (tomas@sedovic.cz)
+- Add ability to support custom api and console ports (#712)
+ (etsauer@gmail.com)
+- Support Cinder-backed Openshift registry (#707) (tomas@sedovic.cz)
+- openstack: make server ports be trunk ports (#713) (celebdor@gmail.com)
+- Point openshift_master_cluster_public_hostname at master or lb if defined
+ (#706) (tzumainn@redhat.com)
+- Allow using a provider network (#701) (tomas@sedovic.cz)
+- Document global DNS security options (#694) (bdobreli@redhat.com)
+- Add custom post-provision playbook for adding yum repos (#697)
+ (tzumainn@redhat.com)
+- Support external/pre-provisioned authoritative cluster DNS (#690)
+ (bdobreli@redhat.com)
+- Added checks for configured images and flavors (#688) (tlacencin@gmail.com)
+- Cast num_* as int for jinja templates (#685) (bdobreli@redhat.com)
+- Do not repeat pre_tasks for post-provision playbook (#689)
+ (bdobreli@redhat.com)
+- Fix node label customisation (#679) (tlacencin@gmail.com)
+- Add documentation regarding running custom post-provision tasks (#678)
+ (tzumainn@redhat.com)
+- Add docs and defaults for multi-master setup (bdobreli@redhat.com)
+- Ignore *.cfg and *.crt in the openstack inventory (#672) (tomas@sedovic.cz)
+- Update openshift_release in the sample inventory (#647) (tomas@sedovic.cz)
+- Configure different Docker volume sizes for different roles (#644)
+ (tlacencin@gmail.com)
+- Avoid server recreation in case of user_data modification. (#651)
+ (robipolli@gmail.com)
+- Set custom hostnames for servers (#643) (tlacencin@gmail.com)
+- Access UI via a bastion node (#596) (bdobreli@redhat.com)
+- group_vars/all.yml, stack_params.yaml, README: specifying flavors enabled and
+ documented (#638) (tlacencin@gmail.com)
+- Specify different image names for roles (#637) (tlacencin@gmail.com)
+- Support multiple private networks for static inventory (#604)
+ (bdobreli@redhat.com)
+- Allow using ephemeral volumes for docker storage (#615) (tomas@sedovic.cz)
+- Remove clouds.yaml from sample-inventory (tomas@sedovic.cz)
+- Moving common DNS roles out of the playbook area (#605)
+ (oybed@users.noreply.github.com)
+- Note about jmespath requirement for control node (#599) (bdobreli@redhat.com)
+- removed openstack (djurgens@redhat.com)
+- Add wildcard pointer to Private DNS (djurgens@redhat.com)
+- Options for bastion, SSH config, static inventory autogeneration
+ (bdobreli@redhat.com)
+- Add bastion and ssh config for the static inventory role
+ (bdobreli@redhat.com)
+- Set openshift_hostname explicitly for openstack (#579) (tomas@sedovic.cz)
+- README: Added note about infra-ansible installation (#574)
+ (tlacencin@gmail.com)
+- Static inventory autogeneration (#550) (bdobreli@redhat.com)
+- Generate static inventory with shade inventory (#538) (bdobreli@redhat.com)
+- Include masters into etcd group, when it is empty (#559)
+ (bdobreli@redhat.com)
+- During provisioning, make unnecessary packages optional under a switch (#561)
+ (tlacencin@gmail.com)
+- Set ansible_become for the OSEv3 group (tomas@sedovic.cz)
+- README: fix (kpilatov@redhat.com)
+- README: typo (kpilatov@redhat.com)
+- dependencies: python-heatclient and python-openstackclient added to optional
+ dependencies (kpilatov@redhat.com)
+- README: added prerequisity for a repository needed for python-openstackclient
+ installation (kpilatov@redhat.com)
+- Add a role to generate a static inventory (#540) (bdobreli@redhat.com)
+- Retry tasks in the subscription manager role (#552) (tlacencin@gmail.com)
+- Set up NetworkManager automatically (#542) (tomas@sedovic.cz)
+- Replace greaterthan and equalto in openstack-stack (tomas@sedovic.cz)
+- Switch the sample inventory to CentOS (#541) (tomas@sedovic.cz)
+- Add defaults values for some openstack vars (#539) (tomas@sedovic.cz)
+- Install DNS roles from casl-infra with galaxy (#529) (bdobreli@redhat.com)
+- Playbook prerequisites.yml checks that prerequisites are met before
+ provisioning (#518) (tlacencin@gmail.com)
+- Persist DNS configuration for nodes for openstack provider
+ (bdobreli@redhat.com)
+- Manage packages to install/update for openstack provider
+ (bdobreli@redhat.com)
+- Fix yaml indentation (tomas@sedovic.cz)
+- Use wait_for_connection for the Heat nodes (tomas@sedovic.cz)
+- Put back node/flat secgrp for infra nodes on openstack (bdobreli@redhat.com)
+- README.md: fixing typo (kpilatov@redhat.com)
+- README.md: list jinja2 as a dependency (kpilatov@redhat.com)
+- Modify sec groups for provisioned openstack servers (bdobreli@redhat.com)
+- rename node_removal_policies, add some comments and defaults
+ (tzumainn@redhat.com)
+- all.yml: removed whitespaces in front of variables (kpilatov@redhat.com)
+- removed whitespace in front of commented variable (kpilatov@redhat.com)
+- OSEv3.yml: trailing space... (kpilatov@redhat.com)
+- OSEv3.yml: added option to ignore set hardware limits for RAM and DISK
+ (kpilatov@redhat.com)
+- Fix flat sec group and infra/dns sec rules (bdobreli@redhat.com)
+- Add node_removal_policies variable to allow for scaling down
+ (tzumainn@redhat.com)
+- Use cached facts, do not become for localhost (#484) (bdobreli@redhat.com)
+- Add profiling and skippy stdout (#470) (bdobreli@redhat.com)
+- Fix flake8 errors with the openstack inventory (tomas@sedovic.cz)
+- Fix yamllint errors (tomas@sedovic.cz)
+- Update sample inventory with the latest changes (tomas@sedovic.cz)
+- Gather facts for provision playbook (bdobreli@redhat.com)
+- Drop atomic-openshift-utils, update docs for origin (bdobreli@redhat.com)
+- Add ansible.cfg for openstack provider (bdobreli@redhat.com)
+- Add a flat sec group for openstack provider (bdobreli@redhat.com)
+- Always let the openshift nodes access the DNS (tomas@sedovic.cz)
+- Fix privileges in the pre-install playbook (tomas@sedovic.cz)
+- Add default values to provision-openstack.yml (tomas@sedovic.cz)
+- Move pre_tasks from to the openstack provisioner (tomas@sedovic.cz)
+- Add readme (tomas@sedovic.cz)
+- Add license for openstack.py in inventory (tomas@sedovic.cz)
+- Add a sample inventory for openstack provisioning (tomas@sedovic.cz)
+- Symlink roles to provisioning/openstack/roles (tomas@sedovic.cz)
+- Add a single provisioning playbook (tomas@sedovic.cz)
+- Move the openstack provisioning playbooks (tomas@sedovic.cz)
+- Update CASL to use nsupdate for DNS records (#48)
+ (oybed@users.noreply.github.com)
+- Conditionally set the openshift_master_default_subdomain to avoid overriding
+ it unecessary (#47) (oybed@users.noreply.github.com)
+- More ansible migration and deploy OCP from local workstation (#376)
+ (pschiffe@redhat.com)
+- Removed hardcoded values from ansible roles (edu@redhat.com)
+- First attempt at a simple multi-master support (#39) (etsauer@gmail.com)
+- Stack refactor (#38) (etsauer@gmail.com)
+- Ensure DNS configuration has wildcards set for infra nodes (#24)
+ (oybed@users.noreply.github.com)
+- Fixing two significant bugs in the HEAT deployment (#13) (etsauer@gmail.com)
+- update for yamllint errors (jdetiber@redhat.com)
+- Making providers common (#126) (rcook@redhat.com)
+- Openstack heat (#2) (etsauer@gmail.com)
+- Fixing ansible impl to work with OSP9 and ansible 2.2 (bedin@redhat.com)
+- Updated env_id to be a sub-domain + make the logic a bit more flexible
+ (bedin@redhat.com)
+- Fixes Issue #163 if rhsm_password is not defined (vvaldez@redhat.com)
+- Cleande up hostname role to make it more generic (bedin@redhat.com)
+- Updated to run as root rather than cloud-user, for now... (bedin@redhat.com)
+- Channging hard coded host groups to match openshift-ansible expected host
+ groups. Importing byo playbook now instead of nested ansible run. Need to
+ refactor how we generate hostnames to make it fit this. (esauer@redhat.com)
+- Subscription manager role should accomodate orgs with spaces
+ (esauer@redhat.com)
+- Reverting previous commit and making template adjustments (esauer@redhat.com)
+- Changes to allow runs from inside a container. Also allows for running
+ upstream openshift-ansible installer (esauer@redhat.com)
+- Changes by JayKayy for a full provision of OpenShift on OpenStack
+ (esauer@redhat.com)
+- Fix typo in task name (vvaldez@redhat.com)
+- Add org parameter to Satellite with user/pass (vvaldez@redhat.com)
+- Remove vars_prompt, add info to README to re-enable and for ansible-vault
+ (vvaldez@redhat.com)
+- Cosmetic changes to task names and move yum clean all to prereqs
+ (vvaldez@redhat.com)
+- Refactor use of rhsm_password to prevent display to CLI (vvaldez@redhat.com)
+- Fix bad syntax with extra 'and' in when using rhsm_pool (vvaldez@redhat.com)
+- Refactor role to dynamically determine rhsm_method (vvaldez@redhat.com)
+- Add subscription-manager support for Hosted or Satellite (vvaldez@redhat.com)
+- New OSE3 docker host builder and OpenStack ansible provisioning support
+ (andy.block@gmail.com)
+
+* Wed Nov 15 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.8.0-0.1.0
+- Allow disabling authorization migration check (sdodson@redhat.com)
+- Alternative method to create docker registry auth creds (mgugino@redhat.com)
+- Nuke /var/lib/dockershim/sandbox/* while nodes are drained
+ (sdodson@redhat.com)
+- crio: sync crio.conf (gscrivan@redhat.com)
+- Updating provisioning order. (kwoodson@redhat.com)
+- Regex anchors changed to match protocol start and ports.
+ (kwoodson@redhat.com)
+- First pass at v3.8 support (sdodson@redhat.com)
+- Run registry auth after docker restart (mgugino@redhat.com)
+- Fix extension script for catalog (mgugino@redhat.com)
+- Adding instance profile support for node groups. (kwoodson@redhat.com)
+- Bumping openshift-ansible to 3.8 (smunilla@redhat.com)
+- ansible.cfg: error when inventory does not parse (lmeyer@redhat.com)
+- removing kind restrictions from oc_edit (kwoodson@redhat.com)
+- Update Docs. Make Clearer where the actual docs are. (tbielawa@redhat.com)
+- Remove upgrade playbooks for 3.3 through 3.5 (rteague@redhat.com)
+- GlusterFS: Add gluster-s3 functionality (jarrpa@redhat.com)
+- GlusterFS: Add glusterblock functionality (jarrpa@redhat.com)
+- GlusterFS: Update heketi templates for latest version (jarrpa@redhat.com)
+- GlusterFS: Specify resource requests (jarrpa@redhat.com)
+- Remove remaining haproxy files with uninstallation
+ (nakayamakenjiro@gmail.com)
+- Proposal: container_runtime role (mgugino@redhat.com)
+- Fix contenerized documentation? (mickael.canevet@camptocamp.com)
+- Cleans up additional artifacts in uninstall. Closes 3082
+ (gregswift@gmail.com)
+- Add execution times to checkpoint status (rteague@redhat.com)
+- Make clearer *_nfs_directory and *_volume_name (lpsantil@gmail.com)
+- Allow cluster IP for docker-registry service to be set (hansmi@vshn.ch)
+
+* Thu Nov 09 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.5-1
+-
+
+* Wed Nov 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.4-1
+-
+
+* Wed Nov 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.3-1
+- Adding configuration for keeping transient namespace on error.
+ (shawn.hurley21@gmail.com)
+- Use openshift.common.client_binary (sdodson@redhat.com)
+- Fix examples image streams (mgugino@redhat.com)
+- Remove duplicate defaulting for ASB and TSB (sdodson@redhat.com)
+- Fix preupgrade authorization objects are in sync minor versions
+ (mgugino@redhat.com)
+- General template updates for v3.7 (sdodson@redhat.com)
+- Update to xPaaS v1.4.6 (sdodson@redhat.com)
+- Bug 1511044- Slurp the etcd certs instead of using the lookup
+ (fabian@fabianism.us)
+- Change prometheus default namespace to 'openshift-metrics'
+ (zgalor@redhat.com)
+- Bootstrap enhancements. (kwoodson@redhat.com)
+- reconcile registry-console and docker_image_availability (lmeyer@redhat.com)
+
+* Wed Nov 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.2-1
+- Remove debug code that was mistakenly committed (zgalor@redhat.com)
+- Correct service restart command (sdodson@redhat.com)
+- Give service-catalog controller-manager permissions to update status of
+ ClusterServiceClasses and ClusterServicePlans (staebler@redhat.com)
+
+* Wed Nov 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.1-1
+- Bug 1510636- add name to local registry config (fabian@fabianism.us)
+
+* Wed Nov 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.198.0
+- container_binary_sync: Remove atomic prefix from image (smilner@redhat.com)
+- Bug 1510546- Fix previous fix, task was indented one level too deep
+ (fabian@fabianism.us)
+- Use oc rather than kubectl (sdodson@redhat.com)
+- Re-add challenge auth verification to github and google (mgugino@redhat.com)
+- Move fact definition that breaks when check to end of block
+ (fabian@fabianism.us)
+- [Bug 1509354] Check if routers have certificates and use them
+ (kwoodson@redhat.com)
+- Fix v3.6 xpaas image streams (sdodson@redhat.com)
+- Fix v3.7 xpaas image streams (sdodson@redhat.com)
+- Fix prometheus default vars (mgugino@redhat.com)
+- openshift_checks: Add OVS versions for OCP 3.7 (miciah.masters@gmail.com)
+- Proper quotes (dymurray@redhat.com)
+- Update service broker configmap and serviceaccount privileges
+ (dymurray@redhat.com)
+- Add etcd as part of inventory file. Otherwise, it fails as "Running etcd as
+ an embedded service is no longer supported." (sarumuga@redhat.com)
+- Add centos based dotnet 2.0 image streams (sdodson@redhat.com)
+
+* Tue Nov 07 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.197.0
+- Temporarily set master servingInfo.clientCA as client-ca-bundle.crt during
+ rolling CA redeployment. (abutcher@redhat.com)
+- container-engine: ensure /var/lib/containers/ is properly labelled
+ (gscrivan@redhat.com)
+- Moving docker location to share path with system containers.
+ (kwoodson@redhat.com)
+- Retry restarting master controllers (mgugino@redhat.com)
+- Bug 1509680- Fix ansible-service-broker registry validations
+ (fabian@fabianism.us)
+- Fix preupgrade authorization objects are in sync (mgugino@redhat.com)
+- Bug 1507617- Move etcd into its own service/dc with SSL (fabian@fabianism.us)
+
+* Mon Nov 06 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.196.0
+- Bug 1509052 - Remove logfile from broker config (david.j.zager@gmail.com)
+- Fix github auth validation (mgugino@redhat.com)
+- Re-generate lib_openshift (mail@jkroepke.de)
+- Remove provisioner restrictions on oc_storageclass (mail@jkroepke.de)
+
* Mon Nov 06 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.195.0
- Bug 1507787- add full path to default asb etcd image (fabian@fabianism.us)
@@ -387,10 +909,10 @@ Atomic OpenShift Utilities includes
- GlusterFS: Remove image option from heketi command (jarrpa@redhat.com)
* Mon Oct 30 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.187.0
--
+-
* Sun Oct 29 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.186.0
--
+-
* Sat Oct 28 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.185.0
- bug 1506073. Lower cpu request for logging when it exceeds limit
@@ -420,7 +942,7 @@ Atomic OpenShift Utilities includes
- Refactor health check playbooks (rteague@redhat.com)
* Fri Oct 27 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.183.0
--
+-
* Thu Oct 26 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.182.0
- Fixing documentation for the cert_key_path variable name.
@@ -494,16 +1016,16 @@ Atomic OpenShift Utilities includes
(hansmi@vshn.ch)
* Mon Oct 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.175.0
--
+-
* Sun Oct 22 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.174.0
--
+-
* Sun Oct 22 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.173.0
--
+-
* Sun Oct 22 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.172.0
--
+-
* Sat Oct 21 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.171.0
- Use "requests" for CPU resources instead of limits
@@ -527,16 +1049,16 @@ Atomic OpenShift Utilities includes
(dymurray@redhat.com)
* Fri Oct 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.168.0
--
+-
* Thu Oct 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.167.0
--
+-
* Thu Oct 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.166.0
--
+-
* Thu Oct 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.165.0
--
+-
* Thu Oct 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.164.0
- Change to service-signer.crt for template_service_broker CA_BUNDLE
@@ -559,7 +1081,7 @@ Atomic OpenShift Utilities includes
- Remove unneeded master config updates during upgrades (mgugino@redhat.com)
* Wed Oct 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.161.0
--
+-
* Wed Oct 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.160.0
- Fix pvc selector default to be empty dict instead of string
@@ -601,16 +1123,16 @@ Atomic OpenShift Utilities includes
(jchaloup@redhat.com)
* Sun Oct 15 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.155.0
--
+-
* Sat Oct 14 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.154.0
--
+-
* Fri Oct 13 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.153.0
- default groups.oo_new_etcd_to_config to an empty list (jchaloup@redhat.com)
* Fri Oct 13 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.152.0
--
+-
* Fri Oct 13 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.151.0
- updated dynamic provision section for openshift metrics to support storage
@@ -1019,7 +1541,7 @@ Atomic OpenShift Utilities includes
- oc_atomic_container: support Skopeo output (gscrivan@redhat.com)
* Tue Sep 05 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.125.0
--
+-
* Tue Sep 05 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.124.0
- Fix ansible_syntax check (rteague@redhat.com)
@@ -1046,7 +1568,7 @@ Atomic OpenShift Utilities includes
(miciah.masters@gmail.com)
* Wed Aug 30 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.123.0
--
+-
* Wed Aug 30 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.122.0
- Update openshift_hosted_routers example to be in ini format.
@@ -1108,10 +1630,10 @@ Atomic OpenShift Utilities includes
- Add missing hostnames to registry cert (sdodson@redhat.com)
* Fri Aug 25 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.115.0
--
+-
* Fri Aug 25 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.114.0
--
+-
* Fri Aug 25 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.113.0
- openshift_version: enterprise accepts new style pre-release
@@ -1129,13 +1651,13 @@ Atomic OpenShift Utilities includes
- Setup tuned profiles in /etc/tuned (jmencak@redhat.com)
* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.109.0
--
+-
* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.108.0
--
+-
* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.107.0
--
+-
* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.106.0
- Add dotnet 2.0 to v3.6 (sdodson@redhat.com)
@@ -1172,13 +1694,13 @@ Atomic OpenShift Utilities includes
(sdodson@redhat.com)
* Sat Aug 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.103.0
--
+-
* Fri Aug 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.102.0
--
+-
* Fri Aug 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.101.0
--
+-
* Fri Aug 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.100.0
- Change memory requests and limits units (mak@redhat.com)
@@ -1477,13 +1999,13 @@ Atomic OpenShift Utilities includes
(kwoodson@redhat.com)
* Mon Jul 17 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.152-1
--
+-
* Sun Jul 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.151-1
--
+-
* Sun Jul 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.150-1
--
+-
* Sat Jul 15 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.149-1
- Config was missed before replace. (jkaur@redhat.com)
@@ -1506,7 +2028,7 @@ Atomic OpenShift Utilities includes
- GlusterFS: Fix SSH-based heketi configuration (jarrpa@redhat.com)
* Wed Jul 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.143-1
--
+-
* Wed Jul 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.142-1
- add scheduled pods check (jvallejo@redhat.com)
@@ -1531,7 +2053,7 @@ Atomic OpenShift Utilities includes
- updating fetch tasks to be flat paths (ewolinet@redhat.com)
* Mon Jul 10 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.140-1
--
+-
* Sat Jul 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.139-1
- increase implicit 300s default timeout to explicit 600s (jchaloup@redhat.com)
@@ -1579,7 +2101,7 @@ Atomic OpenShift Utilities includes
- Fully qualify ocp ansible_service_broker_image_prefix (sdodson@redhat.com)
* Wed Jul 05 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.134-1
--
+-
* Tue Jul 04 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.133-1
- etcd, syscontainer: fix copy of existing datastore (gscrivan@redhat.com)
@@ -1591,7 +2113,7 @@ Atomic OpenShift Utilities includes
- Fixes to storage migration (sdodson@redhat.com)
* Mon Jul 03 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.132-1
--
+-
* Sun Jul 02 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.131-1
- Fix upgrade (sdodson@redhat.com)
@@ -1732,7 +2254,7 @@ Atomic OpenShift Utilities includes
- bug 1457642. Use same SG index to avoid seeding timeout (jcantril@redhat.com)
* Wed Jun 21 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.122-1
--
+-
* Tue Jun 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.121-1
- Updating default from null to "" (ewolinet@redhat.com)
@@ -1776,7 +2298,7 @@ Atomic OpenShift Utilities includes
- CloudForms 4.5 templates (simaishi@redhat.com)
* Fri Jun 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.114-1
--
+-
* Fri Jun 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.113-1
- Make rollout status check best-effort, add poll (skuznets@redhat.com)
@@ -1838,7 +2360,7 @@ Atomic OpenShift Utilities includes
- singletonize some role tasks that repeat a lot (lmeyer@redhat.com)
* Wed Jun 14 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.109-1
--
+-
* Wed Jun 14 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.108-1
- Upgraded Calico to 2.2.1 Release (vincent.schwarzer@yahoo.de)
@@ -1894,7 +2416,7 @@ Atomic OpenShift Utilities includes
- Install default storageclass in AWS & GCE envs (hekumar@redhat.com)
* Fri Jun 09 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.98-1
--
+-
* Fri Jun 09 2017 Scott Dodson <sdodson@redhat.com> 3.6.97-1
- Updated to using oo_random_word for secret gen (ewolinet@redhat.com)
@@ -1926,7 +2448,7 @@ Atomic OpenShift Utilities includes
loopback kubeconfigs. (abutcher@redhat.com)
* Tue Jun 06 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.89.2-1
--
+-
* Tue Jun 06 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.89.1-1
- Updating image for registry_console (ewolinet@redhat.com)
@@ -2173,13 +2695,13 @@ Atomic OpenShift Utilities includes
- Fix additional master cert & client config creation. (abutcher@redhat.com)
* Tue May 09 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.62-1
--
+-
* Tue May 09 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.61-1
--
+-
* Mon May 08 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.60-1
--
+-
* Mon May 08 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.59-1
- Updating logging and metrics to restart api, ha and controllers when updating
@@ -2192,10 +2714,10 @@ Atomic OpenShift Utilities includes
- Moving Dockerfile content to images dir (jupierce@redhat.com)
* Mon May 08 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.57-1
--
+-
* Sun May 07 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.56-1
--
+-
* Sat May 06 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.55-1
- Fix 1448368, and some other minors issues (ghuang@redhat.com)
diff --git a/playbooks/adhoc/openshift_hosted_logging_efk.yaml b/playbooks/adhoc/openshift_hosted_logging_efk.yaml
index 44a2ef534..69b2541bb 100644
--- a/playbooks/adhoc/openshift_hosted_logging_efk.yaml
+++ b/playbooks/adhoc/openshift_hosted_logging_efk.yaml
@@ -8,7 +8,7 @@
hosts: masters:!masters[0]
pre_tasks:
- set_fact:
- openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true))) }}"
+ openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ openshift_master_default_subdomain }}"
tasks:
- include_role:
name: openshift_logging
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index 07f10d48c..584117e6b 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -62,7 +62,6 @@
- origin-master
- origin-master-api
- origin-master-controllers
- - pcsd
failed_when: false
- hosts: etcd
@@ -124,12 +123,16 @@
- origin-clients
- origin-node
- origin-sdn-ovs
- - tuned-profiles-openshift-node
+ - tuned-profiles-atomic-openshift-node
- tuned-profiles-origin-node
+ register: result
+ until: result is succeeded
- name: Remove flannel package
package: name=flannel state=absent
when: openshift_use_flannel | default(false) | bool
+ register: result
+ until: result is succeeded
when: not is_atomic | bool
- shell: systemctl reset-failed
@@ -151,6 +154,14 @@
- lbr0
- vlinuxbr
- vovsbr
+
+ - name: Remove virtual devices
+ command: nmcli delete device "{{ item }}"
+ failed_when: False
+ with_items:
+ - tun0
+ - docker0
+
when: openshift_remove_all | default(true) | bool
- shell: atomic uninstall "{{ item }}"-master-api
@@ -264,12 +275,30 @@
- "{{ directories.results | default([]) }}"
- files
+ - shell: systemctl daemon-reload
+ changed_when: False
+
+ - name: restart container-engine
+ service: name=container-engine state=stopped enabled=no
+ failed_when: false
+ register: container_engine
+
+ - name: restart docker
+ service: name=docker state=stopped enabled=no
+ failed_when: false
+ when: not (container_engine is changed)
+ register: l_docker_restart_docker_in_pb_result
+ until: not (l_docker_restart_docker_in_pb_result is failed)
+ retries: 3
+ delay: 30
+
- name: Remove remaining files
file: path={{ item }} state=absent
with_items:
- /etc/ansible/facts.d/openshift.fact
- /etc/openshift
- /etc/openshift-sdn
+ - /etc/pki/ca-trust/source/anchors/openshift-ca.crt
- /etc/sysconfig/atomic-openshift-node
- /etc/sysconfig/atomic-openshift-node-dep
- /etc/sysconfig/openshift-node-dep
@@ -284,23 +313,38 @@
- /etc/systemd/system/origin-node-dep.service
- /etc/systemd/system/origin-node.service
- /etc/systemd/system/origin-node.service.wants
+ - /var/lib/docker
+
+ - name: Rebuild ca-trust
+ command: update-ca-trust
+
+ - name: Reset Docker proxy configuration
+ lineinfile:
+ state=absent
+ dest=/etc/sysconfig/docker
+ regexp='(NO_PROXY|HTTP_PROXY|HTTPS_PROXY)=.*'
+
+ - name: Reset Docker registry configuration
+ lineinfile:
+ state=absent
+ dest=/etc/sysconfig/docker
+ regexp='(ADD_REGISTRY|BLOCK_REGISTRY|INSECURE_REGISTRY)=.*'
+
+ - name: Detect Docker storage configuration
+ shell: vgs -o name | grep docker
+ register: docker_vg_name
+ failed_when: false
+ changed_when: false
- - shell: systemctl daemon-reload
- changed_when: False
+ - name: Wipe out Docker storage contents
+ command: vgremove -f {{ item }}
+ with_items: "{{ docker_vg_name.stdout_lines }}"
+ when: docker_vg_name.rc == 0
- - name: restart container-engine
- service: name=container-engine state=restarted
- failed_when: false
- register: container_engine
+ - name: Wipe out Docker storage configuration
+ file: path=/etc/sysconfig/docker-storage state=absent
+ when: docker_vg_name.rc == 0
- - name: restart docker
- service: name=docker state=restarted
- failed_when: false
- when: not (container_engine | changed)
- register: l_docker_restart_docker_in_pb_result
- until: not l_docker_restart_docker_in_pb_result | failed
- retries: 3
- delay: 30
- hosts: masters
become: yes
@@ -339,8 +383,8 @@
- origin-excluder
- origin-docker-excluder
- origin-master
- - pacemaker
- - pcs
+ register: result
+ until: result is succeeded
- shell: systemctl reset-failed
changed_when: False
@@ -409,8 +453,6 @@
- /etc/sysconfig/origin-master-api
- /etc/sysconfig/origin-master-controllers
- /usr/share/openshift/examples
- - /var/lib/pacemaker
- - /var/lib/pcsd
- /usr/lib/systemd/system/atomic-openshift-master-api.service
- /usr/lib/systemd/system/atomic-openshift-master-controllers.service
- /usr/lib/systemd/system/origin-master-api.service
@@ -456,6 +498,8 @@
with_items:
- etcd
- etcd3
+ register: result
+ until: result is succeeded
- shell: systemctl reset-failed
changed_when: False
@@ -513,6 +557,8 @@
when: not is_atomic | bool and openshift_remove_all | default(True) | bool
with_items:
- haproxy
+ register: result
+ until: result is succeeded
- shell: systemctl reset-failed
changed_when: False
@@ -525,3 +571,7 @@
with_items:
- /etc/ansible/facts.d/openshift.fact
- /var/lib/haproxy/stats
+ # Here we remove only limits.conf rather than directory, as users may put their files.
+ # - /etc/systemd/system/haproxy.service.d
+ - /etc/systemd/system/haproxy.service.d/limits.conf
+ - /etc/systemd/system/haproxy.service
diff --git a/playbooks/aws/README.md b/playbooks/aws/README.md
index 417fb539a..d203b9cda 100644
--- a/playbooks/aws/README.md
+++ b/playbooks/aws/README.md
@@ -75,7 +75,7 @@ If customization is required for the instances, scale groups, or any other confi
In order to create the bootstrap-able AMI we need to create a basic openshift-ansible inventory. This enables us to create the AMI using the openshift-ansible node roles. This inventory should not include any hosts, but certain variables should be defined in the appropriate groups, just as deploying a cluster
using the normal openshift-ansible method. See provisioning-inventory.example.ini for an example.
-There are more examples of cluster inventory settings [`here`](../../inventory/byo/).
+There are more examples of cluster inventory settings [`here`](../../inventory/).
#### Step 0 (optional)
@@ -134,11 +134,11 @@ At this point we have successfully created the infrastructure including the mast
Now it is time to install Openshift using the openshift-ansible installer. This can be achieved by running the following playbook:
```
-$ ansible-playbook -i inventory.yml install.yml @provisioning_vars.yml
+$ ansible-playbook -i inventory.yml install.yml -e @provisioning_vars.yml
```
This playbook accomplishes the following:
1. Builds a dynamic inventory file by querying AWS.
-2. Runs the [`byo`](../../common/openshift-cluster/config.yml)
+2. Runs the [`deploy_cluster.yml`](../deploy_cluster.yml)
Once this playbook completes, the cluster masters should be installed and configured.
diff --git a/playbooks/aws/openshift-cluster/accept.yml b/playbooks/aws/openshift-cluster/accept.yml
index c2c8bea50..e7bed4f6e 100755
--- a/playbooks/aws/openshift-cluster/accept.yml
+++ b/playbooks/aws/openshift-cluster/accept.yml
@@ -14,11 +14,11 @@
msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
- name: bring lib_openshift into scope
- include_role:
+ import_role:
name: lib_openshift
- name: fetch masters
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region | default('us-east-1') }}"
filters:
"tag:clusterid": "{{ openshift_aws_clusterid | default('default') }}"
@@ -30,7 +30,7 @@
until: "'instances' in mastersout and mastersout.instances|length > 0"
- name: fetch new node instances
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region | default('us-east-1') }}"
filters:
"tag:clusterid": "{{ openshift_aws_clusterid | default('default') }}"
diff --git a/playbooks/aws/openshift-cluster/build_ami.yml b/playbooks/aws/openshift-cluster/build_ami.yml
index fae30eb0a..5bf4f652a 100644
--- a/playbooks/aws/openshift-cluster/build_ami.yml
+++ b/playbooks/aws/openshift-cluster/build_ami.yml
@@ -17,7 +17,7 @@
- name: openshift_aws_region
msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
-- include: provision_instance.yml
+- import_playbook: provision_instance.yml
vars:
openshift_aws_node_group_type: compute
@@ -33,8 +33,8 @@
# This is the part that installs all of the software and configs for the instance
# to become a node.
-- include: ../../common/openshift-node/image_prep.yml
+- import_playbook: ../../openshift-node/private/image_prep.yml
-- include: seal_ami.yml
+- import_playbook: seal_ami.yml
vars:
openshift_aws_ami_name: "openshift-gi-{{ lookup('pipe', 'date +%Y%m%d%H%M')}}"
diff --git a/playbooks/aws/openshift-cluster/filter_plugins b/playbooks/aws/openshift-cluster/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/aws/openshift-cluster/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/aws/openshift-cluster/hosted.yml b/playbooks/aws/openshift-cluster/hosted.yml
new file mode 100644
index 000000000..9d9ed29de
--- /dev/null
+++ b/playbooks/aws/openshift-cluster/hosted.yml
@@ -0,0 +1,25 @@
+---
+- import_playbook: ../../openshift-hosted/private/config.yml
+
+- import_playbook: ../../openshift-metrics/private/config.yml
+ when: openshift_metrics_install_metrics | default(false) | bool
+
+- import_playbook: ../../openshift-logging/private/config.yml
+ when: openshift_logging_install_logging | default(false) | bool
+
+- import_playbook: ../../openshift-prometheus/private/config.yml
+ when: openshift_hosted_prometheus_deploy | default(false) | bool
+
+- import_playbook: ../../openshift-service-catalog/private/config.yml
+ when: openshift_enable_service_catalog | default(false) | bool
+
+- import_playbook: ../../openshift-management/private/config.yml
+ when: openshift_management_install_management | default(false) | bool
+
+- name: Print deprecated variable warning message if necessary
+ hosts: oo_first_master
+ gather_facts: no
+ tasks:
+ - debug: msg="{{__deprecation_message}}"
+ when:
+ - __deprecation_message | default ('') | length > 0
diff --git a/playbooks/aws/openshift-cluster/install.yml b/playbooks/aws/openshift-cluster/install.yml
index 4d0bf9531..b03fb0b7f 100644
--- a/playbooks/aws/openshift-cluster/install.yml
+++ b/playbooks/aws/openshift-cluster/install.yml
@@ -15,11 +15,32 @@
name: openshift_aws
tasks_from: master_facts.yml
-- name: normalize groups
- include: ../../byo/openshift-cluster/initialize_groups.yml
+- name: run the init
+ import_playbook: ../../init/main.yml
-- name: run the std_include
- include: ../../common/openshift-cluster/std_include.yml
+- name: perform the installer openshift-checks
+ import_playbook: ../../openshift-checks/private/install.yml
-- name: run the config
- include: ../../common/openshift-cluster/config.yml
+- name: etcd install
+ import_playbook: ../../openshift-etcd/private/config.yml
+
+- name: include nfs
+ import_playbook: ../../openshift-nfs/private/config.yml
+ when: groups.oo_nfs_to_config | default([]) | count > 0
+
+- name: include loadbalancer
+ import_playbook: ../../openshift-loadbalancer/private/config.yml
+ when: groups.oo_lb_to_config | default([]) | count > 0
+
+- name: include openshift-master config
+ import_playbook: ../../openshift-master/private/config.yml
+
+- name: include master additional config
+ import_playbook: ../../openshift-master/private/additional_config.yml
+
+- name: include master additional config
+ import_playbook: ../../openshift-node/private/config.yml
+
+- name: include openshift-glusterfs
+ import_playbook: ../../openshift-glusterfs/private/config.yml
+ when: groups.oo_glusterfs_to_config | default([]) | count > 0
diff --git a/playbooks/aws/openshift-cluster/lookup_plugins b/playbooks/aws/openshift-cluster/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/aws/openshift-cluster/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/aws/openshift-cluster/prerequisites.yml b/playbooks/aws/openshift-cluster/prerequisites.yml
index df77fe3bc..0afcce331 100644
--- a/playbooks/aws/openshift-cluster/prerequisites.yml
+++ b/playbooks/aws/openshift-cluster/prerequisites.yml
@@ -1,8 +1,6 @@
---
-- include: provision_vpc.yml
+- import_playbook: provision_vpc.yml
-- include: provision_ssh_keypair.yml
+- import_playbook: provision_ssh_keypair.yml
-- include: provision_sec_group.yml
- vars:
- openshift_aws_node_group_type: compute
+- import_playbook: provision_sec_group.yml
diff --git a/playbooks/aws/openshift-cluster/provision_install.yml b/playbooks/aws/openshift-cluster/provision_install.yml
index e787deced..f98f5be9a 100644
--- a/playbooks/aws/openshift-cluster/provision_install.yml
+++ b/playbooks/aws/openshift-cluster/provision_install.yml
@@ -4,13 +4,16 @@
# this playbook is run with the following parameters:
# ansible-playbook -i openshift-ansible-inventory provision_install.yml
- name: Include the provision.yml playbook to create cluster
- include: provision.yml
+ import_playbook: provision.yml
-- name: Include the install.yml playbook to install cluster
- include: install.yml
+- name: Include the install.yml playbook to install cluster on masters
+ import_playbook: install.yml
-- name: Include the install.yml playbook to install cluster
- include: provision_nodes.yml
+- name: provision the infra/compute playbook to install node resources
+ import_playbook: provision_nodes.yml
- name: Include the accept.yml playbook to accept nodes into the cluster
- include: accept.yml
+ import_playbook: accept.yml
+
+- name: Include the hosted.yml playbook to finish the hosted configuration
+ import_playbook: hosted.yml
diff --git a/playbooks/aws/openshift-cluster/provision_sec_group.yml b/playbooks/aws/openshift-cluster/provision_sec_group.yml
index 039357adb..7d74a691a 100644
--- a/playbooks/aws/openshift-cluster/provision_sec_group.yml
+++ b/playbooks/aws/openshift-cluster/provision_sec_group.yml
@@ -6,7 +6,7 @@
connection: local
gather_facts: no
tasks:
- - name: create an instance and prepare for ami
+ - name: create security groups
include_role:
name: openshift_aws
tasks_from: security_group.yml
diff --git a/playbooks/aws/provisioning-inventory.example.ini b/playbooks/aws/provisioning-inventory.example.ini
index 238a7eb2f..cf76c9d10 100644
--- a/playbooks/aws/provisioning-inventory.example.ini
+++ b/playbooks/aws/provisioning-inventory.example.ini
@@ -11,6 +11,7 @@ etcd
openshift_deployment_type=origin
openshift_master_bootstrap_enabled=True
+openshift_master_api_port=443
openshift_hosted_router_wait=False
openshift_hosted_registry_wait=False
diff --git a/playbooks/byo/config.yml b/playbooks/byo/config.yml
deleted file mode 100644
index 7d03914a2..000000000
--- a/playbooks/byo/config.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-- include: openshift-cluster/config.yml
diff --git a/playbooks/byo/filter_plugins b/playbooks/byo/filter_plugins
deleted file mode 120000
index a4f518f07..000000000
--- a/playbooks/byo/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/lookup_plugins b/playbooks/byo/lookup_plugins
deleted file mode 120000
index c528bcd1d..000000000
--- a/playbooks/byo/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-checks/README.md b/playbooks/byo/openshift-checks/README.md
deleted file mode 100644
index b26e7d7ed..000000000
--- a/playbooks/byo/openshift-checks/README.md
+++ /dev/null
@@ -1,104 +0,0 @@
-# OpenShift health checks
-
-This directory contains Ansible playbooks for detecting potential problems prior
-to an install, as well as health checks to run on existing OpenShift clusters.
-
-Ansible's default operation mode is to fail fast, on the first error. However,
-when performing checks, it is useful to gather as much information about
-problems as possible in a single run.
-
-Thus, the playbooks run a battery of checks against the inventory hosts and
-gather intermediate errors, giving a more complete diagnostic of the state of
-each host. If any check failed, the playbook run will be marked as failed.
-
-To facilitate understanding the problems that were encountered, a custom
-callback plugin summarizes execution errors at the end of a playbook run.
-
-## Available playbooks
-
-1. Pre-install playbook ([pre-install.yml](pre-install.yml)) - verifies system
- requirements and look for common problems that can prevent a successful
- installation of a production cluster.
-
-2. Diagnostic playbook ([health.yml](health.yml)) - check an existing cluster
- for known signs of problems.
-
-3. Certificate expiry playbooks ([certificate_expiry](certificate_expiry)) -
- check that certificates in use are valid and not expiring soon.
-
-4. Adhoc playbook ([adhoc.yml](adhoc.yml)) - use it to run adhoc checks or to
- list existing checks.
- See the [next section](#the-adhoc-playbook) for a usage example.
-
-## Running
-
-With a [recent installation of Ansible](../../../README.md#setup), run the playbook
-against your inventory file. Here is the step-by-step:
-
-1. If you haven't done it yet, clone this repository:
-
- ```console
- $ git clone https://github.com/openshift/openshift-ansible
- $ cd openshift-ansible
- ```
-
-2. Install the [dependencies](../../../README.md#setup)
-
-3. Run the appropriate playbook:
-
- ```console
- $ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/pre-install.yml
- ```
-
- or
-
- ```console
- $ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/health.yml
- ```
-
- or
-
- ```console
- $ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/certificate_expiry/default.yaml -v
- ```
-
-### The adhoc playbook
-
-The adhoc playbook gives flexibility to run any check or a custom group of
-checks. What will be run is determined by the `openshift_checks` variable,
-which, among other ways supported by Ansible, can be set on the command line
-using the `-e` flag.
-
-For example, to run the `docker_storage` check:
-
-```console
-$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml -e openshift_checks=docker_storage
-```
-
-To run more checks, use a comma-separated list of check names:
-
-```console
-$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml -e openshift_checks=docker_storage,disk_availability
-```
-
-To run an entire class of checks, use the name of a check group tag, prefixed by `@`. This will run all checks tagged `preflight`:
-
-```console
-$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml -e openshift_checks=@preflight
-```
-
-It is valid to specify multiple check tags and individual check names together
-in a comma-separated list.
-
-To list all of the available checks and tags, run the adhoc playbook without
-setting the `openshift_checks` variable:
-
-```console
-$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml
-```
-
-## Running in a container
-
-This repository is built into a Docker image including Ansible so that it can
-be run anywhere Docker is available, without the need to manually install dependencies.
-Instructions for doing so may be found [in the README](../../../README_CONTAINER_IMAGE.md).
diff --git a/playbooks/byo/openshift-checks/adhoc.yml b/playbooks/byo/openshift-checks/adhoc.yml
deleted file mode 100644
index 226bed732..000000000
--- a/playbooks/byo/openshift-checks/adhoc.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-# NOTE: ideally this would be just part of a single play in
-# common/openshift-checks/adhoc.yml that lists the existing checks when
-# openshift_checks is not set or run the requested checks. However, to actually
-# run the checks we need to have the included dependencies to run first and that
-# takes time. To speed up listing checks, we use this separate play that runs
-# before the include of dependencies to save time and improve the UX.
-- name: OpenShift health checks
- # NOTE: though the openshift_checks variable could be potentially defined on
- # individual hosts while not defined for localhost, we do not support that
- # usage. Running this play only in localhost speeds up execution.
- hosts: localhost
- connection: local
- roles:
- - openshift_health_checker
- vars:
- - r_openshift_health_checker_playbook_context: adhoc
- pre_tasks:
- - name: List known health checks
- action: openshift_health_check
- when: openshift_checks is undefined or not openshift_checks
-
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-checks/adhoc.yml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/roles b/playbooks/byo/openshift-checks/certificate_expiry/roles
deleted file mode 120000
index 4bdbcbad3..000000000
--- a/playbooks/byo/openshift-checks/certificate_expiry/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../../roles \ No newline at end of file
diff --git a/playbooks/byo/openshift-checks/health.yml b/playbooks/byo/openshift-checks/health.yml
deleted file mode 100644
index 96a71e4dc..000000000
--- a/playbooks/byo/openshift-checks/health.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-checks/health.yml
diff --git a/playbooks/byo/openshift-checks/pre-install.yml b/playbooks/byo/openshift-checks/pre-install.yml
deleted file mode 100644
index dd93df0bb..000000000
--- a/playbooks/byo/openshift-checks/pre-install.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-checks/pre-install.yml
diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml
deleted file mode 100644
index f2e52782b..000000000
--- a/playbooks/byo/openshift-cluster/config.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/config.yml
diff --git a/playbooks/byo/openshift-cluster/enable_dnsmasq.yml b/playbooks/byo/openshift-cluster/enable_dnsmasq.yml
deleted file mode 100644
index 9ce8f0d3c..000000000
--- a/playbooks/byo/openshift-cluster/enable_dnsmasq.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-- include: initialize_groups.yml
-
-- include: ../../common/openshift-cluster/enable_dnsmasq.yml
diff --git a/playbooks/byo/openshift-cluster/filter_plugins b/playbooks/byo/openshift-cluster/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/byo/openshift-cluster/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-cluster/initialize_groups.yml b/playbooks/byo/openshift-cluster/initialize_groups.yml
deleted file mode 100644
index 2a725510a..000000000
--- a/playbooks/byo/openshift-cluster/initialize_groups.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- name: Create initial host groups for localhost
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tags:
- - always
- tasks:
- - include_vars: cluster_hosts.yml
diff --git a/playbooks/byo/openshift-cluster/lookup_plugins b/playbooks/byo/openshift-cluster/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/byo/openshift-cluster/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-cluster/openshift-hosted.yml b/playbooks/byo/openshift-cluster/openshift-hosted.yml
deleted file mode 100644
index edd4c8d7b..000000000
--- a/playbooks/byo/openshift-cluster/openshift-hosted.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-cluster/openshift_hosted.yml
diff --git a/playbooks/byo/openshift-cluster/openshift-logging.yml b/playbooks/byo/openshift-cluster/openshift-logging.yml
deleted file mode 100644
index a523bb47f..000000000
--- a/playbooks/byo/openshift-cluster/openshift-logging.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-#
-# This playbook is a preview of upcoming changes for installing
-# Hosted logging on. See inventory/byo/hosts.*.example for the
-# currently supported method.
-#
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/openshift_logging.yml
diff --git a/playbooks/byo/openshift-cluster/openshift-metrics.yml b/playbooks/byo/openshift-cluster/openshift-metrics.yml
deleted file mode 100644
index 1135c8c11..000000000
--- a/playbooks/byo/openshift-cluster/openshift-metrics.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/openshift_metrics.yml
diff --git a/playbooks/byo/openshift-cluster/openshift-prometheus.yml b/playbooks/byo/openshift-cluster/openshift-prometheus.yml
deleted file mode 100644
index 4d3f7f42c..000000000
--- a/playbooks/byo/openshift-cluster/openshift-prometheus.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-cluster/openshift_prometheus.yml
diff --git a/playbooks/byo/openshift-cluster/openshift-provisioners.yml b/playbooks/byo/openshift-cluster/openshift-provisioners.yml
deleted file mode 100644
index 8e80f158b..000000000
--- a/playbooks/byo/openshift-cluster/openshift-provisioners.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-cluster/openshift_provisioners.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-certificates.yml
deleted file mode 100644
index 255b0dbf7..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-certificates.yml
+++ /dev/null
@@ -1,44 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/check-expiry.yml
- vars:
- g_check_expiry_hosts: 'oo_etcd_to_config'
-
-- include: ../../common/openshift-cluster/redeploy-certificates/etcd-backup.yml
-
-- include: ../../common/openshift-etcd/certificates.yml
- vars:
- etcd_certificates_redeploy: true
-
-- include: ../../common/openshift-cluster/redeploy-certificates/masters-backup.yml
-
-- include: ../../common/openshift-master/certificates.yml
- vars:
- openshift_certificates_redeploy: true
-
-- include: ../../common/openshift-cluster/redeploy-certificates/nodes-backup.yml
-
-- include: ../../common/openshift-node/certificates.yml
- vars:
- openshift_certificates_redeploy: true
-
-- include: ../../common/openshift-etcd/restart.yml
- vars:
- g_etcd_certificates_expired: "{{ ('expired' in (hostvars | oo_select_keys(groups['etcd']) | oo_collect('check_results.check_results.etcd') | oo_collect('health'))) | bool }}"
-
-- include: ../../common/openshift-master/restart.yml
-
-- include: ../../common/openshift-node/restart.yml
-
-- include: ../../common/openshift-cluster/redeploy-certificates/router.yml
- when: openshift_hosted_manage_router | default(true) | bool
-
-- include: ../../common/openshift-cluster/redeploy-certificates/registry.yml
- when: openshift_hosted_manage_registry | default(true) | bool
diff --git a/playbooks/byo/openshift-cluster/redeploy-etcd-ca.yml b/playbooks/byo/openshift-cluster/redeploy-etcd-ca.yml
deleted file mode 100644
index 29f821eda..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-etcd-ca.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/etcd-ca.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-etcd-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-etcd-certificates.yml
deleted file mode 100644
index f4f2ce00d..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-etcd-certificates.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/check-expiry.yml
- vars:
- g_check_expiry_hosts: 'oo_etcd_to_config'
-
-- include: ../../common/openshift-cluster/redeploy-certificates/etcd-backup.yml
-
-- include: ../../common/openshift-etcd/certificates.yml
- vars:
- etcd_certificates_redeploy: true
-
-- include: ../../common/openshift-etcd/restart.yml
- vars:
- g_etcd_certificates_expired: "{{ ('expired' in (hostvars | oo_select_keys(groups['etcd']) | oo_collect('check_results.check_results.etcd') | oo_collect('health'))) | bool }}"
-
-- include: ../../common/openshift-master/restart.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-master-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-master-certificates.yml
deleted file mode 100644
index 049bad8e7..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-master-certificates.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/masters-backup.yml
-
-- include: ../../common/openshift-master/certificates.yml
- vars:
- openshift_certificates_redeploy: true
-
-- include: ../../common/openshift-master/restart.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-node-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-node-certificates.yml
deleted file mode 100644
index 345b0c689..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-node-certificates.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/nodes-backup.yml
-
-- include: ../../common/openshift-node/certificates.yml
- vars:
- openshift_certificates_redeploy: true
-
-- include: ../../common/openshift-node/restart.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-openshift-ca.yml b/playbooks/byo/openshift-cluster/redeploy-openshift-ca.yml
deleted file mode 100644
index 6e11a111b..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-openshift-ca.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/openshift-ca.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-registry-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-registry-certificates.yml
deleted file mode 100644
index 30feabab3..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-registry-certificates.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/registry.yml
diff --git a/playbooks/byo/openshift-cluster/redeploy-router-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-router-certificates.yml
deleted file mode 100644
index 2630fb234..000000000
--- a/playbooks/byo/openshift-cluster/redeploy-router-certificates.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/redeploy-certificates/router.yml
diff --git a/playbooks/byo/openshift-cluster/service-catalog.yml b/playbooks/byo/openshift-cluster/service-catalog.yml
deleted file mode 100644
index 40a7606e7..000000000
--- a/playbooks/byo/openshift-cluster/service-catalog.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-#
-# This playbook is a preview of upcoming changes for installing
-# Hosted logging on. See inventory/byo/hosts.*.example for the
-# currently supported method.
-#
-- include: initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/service_catalog.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/README.md b/playbooks/byo/openshift-cluster/upgrades/README.md
index 0f64f40f3..d9b1fc2ca 100644
--- a/playbooks/byo/openshift-cluster/upgrades/README.md
+++ b/playbooks/byo/openshift-cluster/upgrades/README.md
@@ -4,6 +4,5 @@ cluster. Additional notes for the associated upgrade playbooks are
provided in their respective directories.
# Upgrades available
+- [OpenShift Container Platform 3.6 to 3.7](v3_7/README.md) (works also to upgrade OpenShift Origin from 3.6.x to 3.7.x)
- [OpenShift Container Platform 3.5 to 3.6](v3_6/README.md) (works also to upgrade OpenShift Origin from 1.5.x to 3.6.x)
-- [OpenShift Container Platform 3.4 to 3.5](v3_5/README.md) (works also to upgrade OpenShift Origin from 1.4.x to 1.5.x)
-- [OpenShift Container Platform 3.3 to 3.4](v3_4/README.md) (works also to upgrade OpenShift Origin from 1.3.x to 1.4.x)
diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
index 7f31e26e1..76308465c 100644
--- a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
@@ -1,5 +1,5 @@
---
# Playbook to upgrade Docker to the max allowable version for an OpenShift cluster.
-- include: ../../initialize_groups.yml
+- import_playbook: ../../../../init/evaluate_groups.yml
-- include: ../../../../common/openshift-cluster/upgrades/docker/docker_upgrade.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/docker/docker_upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
deleted file mode 100644
index 5bd5d64ab..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../initialize_groups.yml
-
-- include: ../../../common/openshift-cluster/evaluate_groups.yml
-
-- include: ../../../common/openshift-cluster/upgrades/etcd/main.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_3/README.md
deleted file mode 100644
index 6892f6324..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/README.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# v3.3 Major and Minor Upgrade Playbook
-
-## Overview
-This playbook currently performs the
-following steps.
-
- * Upgrade and restart master services
- * Unschedule node.
- * Upgrade and restart docker
- * Upgrade and restart node services
- * Modifies the subset of the configuration necessary
- * Applies the latest cluster policies
- * Updates the default router if one exists
- * Updates the default registry if one exists
- * Updates image streams and quickstarts
-
-## Usage
-ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
deleted file mode 100644
index 697a18c4d..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_3/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
deleted file mode 100644
index 4d284c279..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
deleted file mode 100644
index 180a2821f..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_4/README.md
deleted file mode 100644
index 85b807dc6..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/README.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# v3.4 Major and Minor Upgrade Playbook
-
-## Overview
-This playbook currently performs the
-following steps.
-
- * Upgrade and restart master services
- * Unschedule node.
- * Upgrade and restart docker
- * Upgrade and restart node services
- * Modifies the subset of the configuration necessary
- * Applies the latest cluster policies
- * Updates the default router if one exists
- * Updates the default registry if one exists
- * Updates image streams and quickstarts
-
-## Usage
-ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
deleted file mode 100644
index 8cce91b3f..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_4/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
deleted file mode 100644
index 8e5d0f5f9..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
deleted file mode 100644
index d5329b858..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_5/README.md
deleted file mode 100644
index 53eebe65e..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/README.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# v3.5 Major and Minor Upgrade Playbook
-
-## Overview
-This playbook currently performs the
-following steps.
-
- * Upgrade and restart master services
- * Unschedule node.
- * Upgrade and restart docker
- * Upgrade and restart node services
- * Modifies the subset of the configuration necessary
- * Applies the latest cluster policies
- * Updates the default router if one exists
- * Updates the default registry if one exists
- * Updates image streams and quickstarts
-
-## Usage
-ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml
deleted file mode 100644
index f44d55ad2..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_5/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
deleted file mode 100644
index 2377713fa..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
deleted file mode 100644
index 5b3f6ab06..000000000
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade.yml
index 40120b3e8..0effc68bf 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade.yml
@@ -2,6 +2,4 @@
#
# Full Control Plane + Nodes Upgrade
#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_6/upgrade.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_6/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
index 408a4c631..ebced5413 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
@@ -11,6 +11,4 @@
#
# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
index b5f42b804..f2e97fc01 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
@@ -4,6 +4,4 @@
#
# Upgrades nodes only, but requires the control plane to have already been upgraded.
#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_7/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_7/README.md
index 4bf53be81..914e0f5b2 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_7/README.md
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_7/README.md
@@ -1,4 +1,4 @@
-# v3.6 Major and Minor Upgrade Playbook
+# v3.7 Major and Minor Upgrade Playbook
## Overview
This playbook currently performs the following steps.
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml
index e41c29682..f6fedfdff 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml
@@ -2,6 +2,4 @@
#
# Full Control Plane + Nodes Upgrade
#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_7/upgrade.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_7/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
index 21e0fd815..b8b5f5762 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
@@ -11,6 +11,4 @@
#
# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
index 0e09d996e..c63f11b30 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
@@ -4,6 +4,4 @@
#
# Upgrades nodes only, but requires the control plane to have already been upgraded.
#
-- include: ../../initialize_groups.yml
-
-- include: ../../../../common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_scale_groups.yml b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_scale_groups.yml
new file mode 100644
index 000000000..23a3fcbb5
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade_scale_groups.yml
@@ -0,0 +1,7 @@
+---
+#
+# Node Scale Group Upgrade Playbook
+#
+# Upgrades scale group nodes only.
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/upgrade_scale_group.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_8/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_8/README.md
new file mode 100644
index 000000000..815e49c28
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_8/README.md
@@ -0,0 +1,20 @@
+# v3.8 Major and Minor Upgrade Playbook
+
+## Overview
+This playbook currently performs the following steps.
+
+ * Upgrade and restart master services
+ * Unschedule node
+ * Upgrade and restart docker
+ * Upgrade and restart node services
+ * Modifies the subset of the configuration necessary
+ * Applies the latest cluster policies
+ * Updates the default router if one exists
+ * Updates the default registry if one exists
+ * Updates image streams and quickstarts
+
+## Usage
+
+```
+ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade.yml
+```
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade.yml
new file mode 100644
index 000000000..c4094aa7e
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade.yml
@@ -0,0 +1,5 @@
+---
+#
+# Full Control Plane + Nodes Upgrade
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_8/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml
new file mode 100644
index 000000000..5a3aa6288
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml
@@ -0,0 +1,14 @@
+---
+#
+# Control Plane Upgrade Playbook
+#
+# Upgrades masters and Docker (only on standalone etcd hosts)
+#
+# This upgrade does not include:
+# - node service running on masters
+# - docker running on masters
+# - node service running on dedicated nodes
+#
+# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml
new file mode 100644
index 000000000..74981cc31
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml
@@ -0,0 +1,7 @@
+---
+#
+# Node Upgrade Playbook
+#
+# Upgrades nodes only, but requires the control plane to have already been upgraded.
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_9/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_9/README.md
new file mode 100644
index 000000000..0ab3d3a52
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_9/README.md
@@ -0,0 +1,20 @@
+# v3.9 Major and Minor Upgrade Playbook
+
+## Overview
+This playbook currently performs the following steps.
+
+ * Upgrade and restart master services
+ * Unschedule node
+ * Upgrade and restart docker
+ * Upgrade and restart node services
+ * Modifies the subset of the configuration necessary
+ * Applies the latest cluster policies
+ * Updates the default router if one exists
+ * Updates the default registry if one exists
+ * Updates image streams and quickstarts
+
+## Usage
+
+```
+ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml
+```
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml
new file mode 100644
index 000000000..a2a9d59f2
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml
@@ -0,0 +1,5 @@
+---
+#
+# Full Control Plane + Nodes Upgrade
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_9/upgrade.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml
new file mode 100644
index 000000000..869e185af
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml
@@ -0,0 +1,14 @@
+---
+#
+# Control Plane Upgrade Playbook
+#
+# Upgrades masters and Docker (only on standalone etcd hosts)
+#
+# This upgrade does not include:
+# - node service running on masters
+# - docker running on masters
+# - node service running on dedicated nodes
+#
+# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml
new file mode 100644
index 000000000..a5867434b
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml
@@ -0,0 +1,7 @@
+---
+#
+# Node Upgrade Playbook
+#
+# Upgrades nodes only, but requires the control plane to have already been upgraded.
+#
+- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml
diff --git a/playbooks/byo/openshift-etcd/certificates.yml b/playbooks/byo/openshift-etcd/certificates.yml
deleted file mode 100644
index e35cf243f..000000000
--- a/playbooks/byo/openshift-etcd/certificates.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-etcd/ca.yml
-
-- include: ../../common/openshift-etcd/certificates.yml
diff --git a/playbooks/byo/openshift-etcd/config.yml b/playbooks/byo/openshift-etcd/config.yml
deleted file mode 100644
index 1342bd60c..000000000
--- a/playbooks/byo/openshift-etcd/config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-etcd/config.yml
diff --git a/playbooks/byo/openshift-etcd/embedded2external.yml b/playbooks/byo/openshift-etcd/embedded2external.yml
deleted file mode 100644
index 6690a7624..000000000
--- a/playbooks/byo/openshift-etcd/embedded2external.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-etcd/embedded2external.yml
diff --git a/playbooks/byo/openshift-etcd/filter_plugins b/playbooks/byo/openshift-etcd/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/byo/openshift-etcd/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-etcd/lookup_plugins b/playbooks/byo/openshift-etcd/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/byo/openshift-etcd/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-etcd/migrate.yml b/playbooks/byo/openshift-etcd/migrate.yml
deleted file mode 100644
index 2dec2bef6..000000000
--- a/playbooks/byo/openshift-etcd/migrate.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-etcd/migrate.yml
diff --git a/playbooks/byo/openshift-etcd/restart.yml b/playbooks/byo/openshift-etcd/restart.yml
deleted file mode 100644
index 034bba4b4..000000000
--- a/playbooks/byo/openshift-etcd/restart.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-etcd/restart.yml
diff --git a/playbooks/byo/openshift-etcd/scaleup.yml b/playbooks/byo/openshift-etcd/scaleup.yml
deleted file mode 100644
index a2a5856a9..000000000
--- a/playbooks/byo/openshift-etcd/scaleup.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-etcd/scaleup.yml
diff --git a/playbooks/byo/openshift-glusterfs/README.md b/playbooks/byo/openshift-glusterfs/README.md
deleted file mode 100644
index f62aea229..000000000
--- a/playbooks/byo/openshift-glusterfs/README.md
+++ /dev/null
@@ -1,98 +0,0 @@
-# OpenShift GlusterFS Playbooks
-
-These playbooks are intended to enable the use of GlusterFS volumes by pods in
-OpenShift. While they try to provide a sane set of defaults they do cover a
-variety of scenarios and configurations, so read carefully. :)
-
-## Playbook: config.yml
-
-This is the main playbook that integrates GlusterFS into a new or existing
-OpenShift cluster. It will also, if specified, configure a hosted Docker
-registry with GlusterFS backend storage.
-
-This playbook requires the `glusterfs` group to exist in the Ansible inventory
-file. The hosts in this group are the nodes of the GlusterFS cluster.
-
- * If this is a newly configured cluster each host must have a
- `glusterfs_devices` variable defined, each of which must be a list of block
- storage devices intended for use only by the GlusterFS cluster. If this is
- also an external GlusterFS cluster, you must specify
- `openshift_storage_glusterfs_is_native=False`. If the cluster is to be
- managed by an external heketi service you must also specify
- `openshift_storage_glusterfs_heketi_is_native=False` and
- `openshift_storage_glusterfs_heketi_url=<URL>` with the URL to the heketi
- service. All these variables are specified in `[OSEv3:vars]`,
- * If this is an existing cluster you do not need to specify a list of block
- devices but you must specify the following variables in `[OSEv3:vars]`:
- * `openshift_storage_glusterfs_is_missing=False`
- * `openshift_storage_glusterfs_heketi_is_missing=False`
-
-By default, pods for a native GlusterFS cluster will be created in the
-`default` namespace. To change this, specify
-`openshift_storage_glusterfs_namespace=<other namespace>` in `[OSEv3:vars]`.
-
-To configure the deployment of a Docker registry with GlusterFS backend
-storage, specify `openshift_hosted_registry_storage_kind=glusterfs` in
-`[OSEv3:vars]`. To create a separate GlusterFS cluster for use only by the
-registry, specify a `glusterfs_registry` group that is populated as the
-`glusterfs` is with the nodes for the separate cluster. If no
-`glusterfs_registry` group is specified, the cluster defined by the `glusterfs`
-group will be used.
-
-To swap an existing hosted registry's backend storage for a GlusterFS volume,
-specify `openshift_hosted_registry_storage_glusterfs_swap=True`. To
-additoinally copy any existing contents from an existing hosted registry,
-specify `openshift_hosted_registry_storage_glusterfs_swapcopy=True`.
-
-**NOTE:** For each namespace that is to have access to GlusterFS volumes an
-Enpoints resource pointing to the GlusterFS cluster nodes and a corresponding
-Service resource must be created. If dynamic provisioning using StorageClasses
-is configure, these resources are created automatically in the namespaces that
-require them. This playbook also takes care of creating these resources in the
-namespaces used for deployment.
-
-An example of a minimal inventory file:
-```
-[OSEv3:children]
-masters
-nodes
-glusterfs
-
-[OSEv3:vars]
-ansible_ssh_user=root
-deployment_type=origin
-
-[masters]
-master
-
-[nodes]
-node0
-node1
-node2
-
-[glusterfs]
-node0 glusterfs_devices='[ "/dev/sdb" ]'
-node1 glusterfs_devices='[ "/dev/sdb", "/dev/sdc" ]'
-node2 glusterfs_devices='[ "/dev/sdd" ]'
-```
-
-## Playbook: registry.yml
-
-This playbook is intended for admins who want to deploy a hosted Docker
-registry with GlusterFS backend storage on an existing OpenShift cluster. It
-has all the same requirements and behaviors as `config.yml`.
-
-## Role: openshift_storage_glusterfs
-
-The bulk of the work is done by the `openshift_storage_glusterfs` role. This
-role can handle the deployment of GlusterFS (if it is to be hosted on the
-OpenShift cluster), the registration of GlusterFS nodes (hosted or standalone),
-and (if specified) integration as backend storage for a hosted Docker registry.
-
-See the documentation in the role's directory for further details.
-
-## Role: openshift_hosted
-
-The `openshift_hosted` role recognizes `glusterfs` as a possible storage
-backend for a hosted docker registry. It will also, if configured, handle the
-swap of an existing registry's backend storage to a GlusterFS volume.
diff --git a/playbooks/byo/openshift-glusterfs/config.yml b/playbooks/byo/openshift-glusterfs/config.yml
deleted file mode 100644
index 3f11f3991..000000000
--- a/playbooks/byo/openshift-glusterfs/config.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-glusterfs/config.yml
diff --git a/playbooks/byo/openshift-glusterfs/filter_plugins b/playbooks/byo/openshift-glusterfs/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/byo/openshift-glusterfs/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-glusterfs/lookup_plugins b/playbooks/byo/openshift-glusterfs/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/byo/openshift-glusterfs/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-glusterfs/registry.yml b/playbooks/byo/openshift-glusterfs/registry.yml
deleted file mode 100644
index 6ee6febdb..000000000
--- a/playbooks/byo/openshift-glusterfs/registry.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
- tags:
- - always
-
-- include: ../../common/openshift-cluster/std_include.yml
- tags:
- - always
-
-- include: ../../common/openshift-glusterfs/registry.yml
diff --git a/playbooks/byo/openshift-loadbalancer/config.yml b/playbooks/byo/openshift-loadbalancer/config.yml
deleted file mode 100644
index 32c828f97..000000000
--- a/playbooks/byo/openshift-loadbalancer/config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-loadbalancer/config.yml
diff --git a/playbooks/byo/openshift-management/add_container_provider.yml b/playbooks/byo/openshift-management/add_container_provider.yml
deleted file mode 100644
index 3378b5abd..000000000
--- a/playbooks/byo/openshift-management/add_container_provider.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/evaluate_groups.yml
-
-- include: ../../common/openshift-management/add_container_provider.yml
diff --git a/playbooks/byo/openshift-management/config.yml b/playbooks/byo/openshift-management/config.yml
deleted file mode 100644
index 209c66502..000000000
--- a/playbooks/byo/openshift-management/config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-management/config.yml
diff --git a/playbooks/byo/openshift-management/uninstall.yml b/playbooks/byo/openshift-management/uninstall.yml
deleted file mode 100644
index e95c1c88a..000000000
--- a/playbooks/byo/openshift-management/uninstall.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-- include: ../../common/openshift-management/uninstall.yml
diff --git a/playbooks/byo/openshift-master/additional_config.yml b/playbooks/byo/openshift-master/additional_config.yml
deleted file mode 100644
index b3d7b5731..000000000
--- a/playbooks/byo/openshift-master/additional_config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-master/additional_config.yml
diff --git a/playbooks/byo/openshift-master/certificates.yml b/playbooks/byo/openshift-master/certificates.yml
deleted file mode 100644
index e147dcba1..000000000
--- a/playbooks/byo/openshift-master/certificates.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-master/certificates.yml
diff --git a/playbooks/byo/openshift-master/config.yml b/playbooks/byo/openshift-master/config.yml
deleted file mode 100644
index 98be0c448..000000000
--- a/playbooks/byo/openshift-master/config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-master/config.yml
diff --git a/playbooks/byo/openshift-master/filter_plugins b/playbooks/byo/openshift-master/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/byo/openshift-master/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-master/lookup_plugins b/playbooks/byo/openshift-master/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/byo/openshift-master/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-master/restart.yml b/playbooks/byo/openshift-master/restart.yml
deleted file mode 100644
index 8950efd00..000000000
--- a/playbooks/byo/openshift-master/restart.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-master/restart.yml
diff --git a/playbooks/byo/openshift-master/scaleup.yml b/playbooks/byo/openshift-master/scaleup.yml
deleted file mode 100644
index a09edd55a..000000000
--- a/playbooks/byo/openshift-master/scaleup.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- name: Ensure there are new_masters or new_nodes
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - fail:
- msg: >
- Detected no new_masters or no new_nodes in inventory. Please
- add hosts to the new_masters and new_nodes host groups to add
- masters.
- when:
- - (g_new_master_hosts | default([]) | length == 0) and (g_new_node_hosts | default([]) | length == 0)
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-master/scaleup.yml
diff --git a/playbooks/byo/openshift-nfs/config.yml b/playbooks/byo/openshift-nfs/config.yml
deleted file mode 100644
index 93b24411e..000000000
--- a/playbooks/byo/openshift-nfs/config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-nfs/config.yml
diff --git a/playbooks/byo/openshift-node/certificates.yml b/playbooks/byo/openshift-node/certificates.yml
deleted file mode 100644
index 3d2de74a9..000000000
--- a/playbooks/byo/openshift-node/certificates.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-node/certificates.yml
diff --git a/playbooks/byo/openshift-node/config.yml b/playbooks/byo/openshift-node/config.yml
deleted file mode 100644
index 839dc36ff..000000000
--- a/playbooks/byo/openshift-node/config.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-node/config.yml
diff --git a/playbooks/byo/openshift-node/filter_plugins b/playbooks/byo/openshift-node/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/byo/openshift-node/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-node/lookup_plugins b/playbooks/byo/openshift-node/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/byo/openshift-node/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-node/network_manager.yml b/playbooks/byo/openshift-node/network_manager.yml
deleted file mode 100644
index b23692237..000000000
--- a/playbooks/byo/openshift-node/network_manager.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-node/network_manager.yml
diff --git a/playbooks/byo/openshift-node/restart.yml b/playbooks/byo/openshift-node/restart.yml
deleted file mode 100644
index ccf9e82da..000000000
--- a/playbooks/byo/openshift-node/restart.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-node/restart.yml
diff --git a/playbooks/byo/openshift-node/scaleup.yml b/playbooks/byo/openshift-node/scaleup.yml
deleted file mode 100644
index e0c36fb69..000000000
--- a/playbooks/byo/openshift-node/scaleup.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- include: ../openshift-cluster/initialize_groups.yml
-
-- name: Ensure there are new_nodes
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - fail:
- msg: >
- Detected no new_nodes in inventory. Please add hosts to the
- new_nodes host group to add nodes.
- when:
- - g_new_node_hosts | default([]) | length == 0
-
-- include: ../../common/openshift-cluster/std_include.yml
-
-- include: ../../common/openshift-node/config.yml
diff --git a/playbooks/byo/openshift-preflight/check.yml b/playbooks/byo/openshift-preflight/check.yml
deleted file mode 100644
index 2e53452a6..000000000
--- a/playbooks/byo/openshift-preflight/check.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-# location is moved; this file remains so existing instructions keep working
-- include: ../openshift-checks/pre-install.yml
diff --git a/playbooks/byo/openshift_facts.yml b/playbooks/byo/openshift_facts.yml
index a8c1c3a88..85a65b7e1 100644
--- a/playbooks/byo/openshift_facts.yml
+++ b/playbooks/byo/openshift_facts.yml
@@ -1,19 +1,12 @@
---
-- include: openshift-cluster/initialize_groups.yml
- tags:
- - always
-
-- include: ../common/openshift-cluster/std_include.yml
- tags:
- - always
+- import_playbook: ../init/main.yml
- name: Gather Cluster facts
- # Temporarily reverting to OSEv3 until group standardization is complete
- hosts: OSEv3
+ hosts: oo_all_hosts
roles:
- openshift_facts
tasks:
- - openshift_facts:
- openshift_env: "{{ hostvars[inventory_hostname] | oo_openshift_env }}"
+ - openshift_facts: {}
register: result
- - debug: var=result
+ - debug:
+ var: result
diff --git a/playbooks/byo/rhel_subscribe.yml b/playbooks/byo/rhel_subscribe.yml
index bc3109a31..dc9d0a139 100644
--- a/playbooks/byo/rhel_subscribe.yml
+++ b/playbooks/byo/rhel_subscribe.yml
@@ -1,16 +1,14 @@
---
-- include: openshift-cluster/initialize_groups.yml
- tags:
- - always
+- import_playbook: ../init/evaluate_groups.yml
- name: Subscribe hosts, update repos and update OS packages
- # Temporarily reverting to OSEv3 until group standardization is complete
- hosts: OSEv3
+ hosts: oo_all_hosts
roles:
- role: rhel_subscribe
when:
- deployment_type == 'openshift-enterprise'
- ansible_distribution == "RedHat"
- - lookup('env', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false']
+ - rhsub_user is defined
+ - rhsub_pass is defined
- role: openshift_repos
- role: os_update_latest
diff --git a/playbooks/certificate_expiry b/playbooks/certificate_expiry
deleted file mode 120000
index 9cf5334a1..000000000
--- a/playbooks/certificate_expiry
+++ /dev/null
@@ -1 +0,0 @@
-byo/openshift-checks/certificate_expiry/ \ No newline at end of file
diff --git a/playbooks/common/openshift-checks/install.yml b/playbooks/common/openshift-checks/install.yml
deleted file mode 100644
index 6701a2e15..000000000
--- a/playbooks/common/openshift-checks/install.yml
+++ /dev/null
@@ -1,47 +0,0 @@
----
-- name: Health Check Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Health Check 'In Progress'
- set_stats:
- data:
- installer_phase_health: "In Progress"
- aggregate: false
-
-- name: OpenShift Health Checks
- hosts: oo_all_hosts
- any_errors_fatal: true
- roles:
- - openshift_health_checker
- vars:
- - r_openshift_health_checker_playbook_context: install
- post_tasks:
- - name: Run health checks (install) - EL
- when: ansible_distribution != "Fedora"
- action: openshift_health_check
- args:
- checks:
- - disk_availability
- - memory_availability
- - package_availability
- - package_version
- - docker_image_availability
- - docker_storage
-
- - name: Run health checks (install) - Fedora
- when: ansible_distribution == "Fedora"
- action: openshift_health_check
- args:
- checks:
- - docker_image_availability
-
-- name: Health Check Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Health Check 'Complete'
- set_stats:
- data:
- installer_phase_health: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/cockpit-ui.yml b/playbooks/common/openshift-cluster/cockpit-ui.yml
deleted file mode 100644
index 5ddafdb07..000000000
--- a/playbooks/common/openshift-cluster/cockpit-ui.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: Create Hosted Resources - cockpit-ui
- hosts: oo_first_master
- roles:
- - role: cockpit-ui
- when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool ) and not (openshift.docker.hosted_registry_insecure | default(false) | bool)
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
deleted file mode 100644
index 3b4d6f9a6..000000000
--- a/playbooks/common/openshift-cluster/config.yml
+++ /dev/null
@@ -1,41 +0,0 @@
----
-- include: ../openshift-checks/install.yml
-
-- include: ../openshift-etcd/config.yml
-
-- include: ../openshift-nfs/config.yml
- when: groups.oo_nfs_to_config | default([]) | count > 0
-
-- include: ../openshift-loadbalancer/config.yml
- when: groups.oo_lb_to_config | default([]) | count > 0
-
-- include: ../openshift-master/config.yml
-
-- include: ../openshift-master/additional_config.yml
-
-- include: ../openshift-node/config.yml
-
-- include: ../openshift-glusterfs/config.yml
- when: groups.oo_glusterfs_to_config | default([]) | count > 0
-
-- include: openshift_hosted.yml
-
-- include: openshift_metrics.yml
- when: openshift_metrics_install_metrics | default(false) | bool
-
-- include: openshift_logging.yml
- when: openshift_logging_install_logging | default(false) | bool
-
-- include: service_catalog.yml
- when: openshift_enable_service_catalog | default(true) | bool
-
-- include: ../openshift-management/config.yml
- when: openshift_management_install_management | default(false) | bool
-
-- name: Print deprecated variable warning message if necessary
- hosts: oo_first_master
- gather_facts: no
- tasks:
- - debug: msg="{{__deprecation_message}}"
- when:
- - __deprecation_message | default ('') | length > 0
diff --git a/playbooks/common/openshift-cluster/create_persistent_volumes.yml b/playbooks/common/openshift-cluster/create_persistent_volumes.yml
deleted file mode 100644
index ec6f2c52c..000000000
--- a/playbooks/common/openshift-cluster/create_persistent_volumes.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- name: Create persistent volumes
- hosts: oo_first_master
- vars:
- persistent_volumes: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volumes(groups) }}"
- persistent_volume_claims: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volume_claims }}"
- tasks:
- - debug: var=persistent_volumes
- - debug: var=persistent_volume_claims
-
-- name: Create Hosted Resources - persistent volumes
- hosts: oo_first_master
- vars:
- persistent_volumes: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volumes(groups) }}"
- persistent_volume_claims: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volume_claims }}"
- roles:
- - role: openshift_persistent_volumes
- when: persistent_volumes | length > 0 or persistent_volume_claims | length > 0
diff --git a/playbooks/common/openshift-cluster/enable_dnsmasq.yml b/playbooks/common/openshift-cluster/enable_dnsmasq.yml
deleted file mode 100644
index be14b06f0..000000000
--- a/playbooks/common/openshift-cluster/enable_dnsmasq.yml
+++ /dev/null
@@ -1,60 +0,0 @@
----
-- include: evaluate_groups.yml
-
-- name: Load openshift_facts
- hosts: oo_masters_to_config:oo_nodes_to_config
- roles:
- - openshift_facts
- post_tasks:
- - fail: msg="This playbook requires a master version of at least Origin 1.1 or OSE 3.1"
- when: not openshift.common.version_gte_3_1_1_or_1_1_1 | bool
-
-- name: Reconfigure masters to listen on our new dns_port
- hosts: oo_masters_to_config
- handlers:
- - include: ../../../roles/openshift_master/handlers/main.yml
- static: yes
- vars:
- os_firewall_allow:
- - service: skydns tcp
- port: "{{ openshift.master.dns_port }}/tcp"
- - service: skydns udp
- port: "{{ openshift.master.dns_port }}/udp"
- roles:
- - os_firewall
- tasks:
- - openshift_facts:
- role: "{{ item.role }}"
- local_facts: "{{ item.local_facts }}"
- with_items:
- - role: master
- local_facts:
- dns_port: '8053'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: dnsConfig.bindAddress
- yaml_value: "{{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }}"
- notify: restart master api
- - meta: flush_handlers
-
-- name: Configure nodes for dnsmasq
- hosts: oo_nodes_to_config
- handlers:
- - include: ../../../roles/openshift_node/handlers/main.yml
- static: yes
- pre_tasks:
- - openshift_facts:
- role: "{{ item.role }}"
- local_facts: "{{ item.local_facts }}"
- with_items:
- - role: node
- local_facts:
- dns_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
- roles:
- - openshift_node_dnsmasq
- post_tasks:
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/node/node-config.yaml"
- yaml_key: dnsIP
- yaml_value: "{{ openshift.node.dns_ip }}"
- notify: restart node
diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml
deleted file mode 100644
index 78b552279..000000000
--- a/playbooks/common/openshift-cluster/evaluate_groups.yml
+++ /dev/null
@@ -1,190 +0,0 @@
----
-- name: Populate config host groups
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - name: Evaluate groups - g_etcd_hosts or g_new_etcd_hosts required
- fail:
- msg: This playbook requires g_etcd_hosts or g_new_etcd_hosts to be set
- when: g_etcd_hosts is not defined and g_new_etcd_hosts is not defined
-
- - name: Evaluate groups - g_master_hosts or g_new_master_hosts required
- fail:
- msg: This playbook requires g_master_hosts or g_new_master_hosts to be set
- when: g_master_hosts is not defined and g_new_master_hosts is not defined
-
- - name: Evaluate groups - g_node_hosts or g_new_node_hosts required
- fail:
- msg: This playbook requires g_node_hosts or g_new_node_hosts to be set
- when: g_node_hosts is not defined and g_new_node_hosts is not defined
-
- - name: Evaluate groups - g_lb_hosts required
- fail:
- msg: This playbook requires g_lb_hosts to be set
- when: g_lb_hosts is not defined
-
- - name: Evaluate groups - g_nfs_hosts required
- fail:
- msg: This playbook requires g_nfs_hosts to be set
- when: g_nfs_hosts is not defined
-
- - name: Evaluate groups - g_nfs_hosts is single host
- fail:
- msg: The nfs group must be limited to one host
- when: g_nfs_hosts | default([]) | length > 1
-
- - name: Evaluate groups - g_glusterfs_hosts required
- fail:
- msg: This playbook requires g_glusterfs_hosts to be set
- when: g_glusterfs_hosts is not defined
-
- - name: Evaluate groups - Fail if no etcd hosts group is defined
- fail:
- msg: >
- Running etcd as an embedded service is no longer supported. If this is a
- new install please define an 'etcd' group with either one or three
- hosts. These hosts may be the same hosts as your masters. If this is an
- upgrade you may set openshift_master_unsupported_embedded_etcd=true
- until a migration playbook becomes available.
- when:
- - g_etcd_hosts | default([]) | length not in [3,1]
- - not openshift_master_unsupported_embedded_etcd | default(False)
- - not (openshift_node_bootstrap | default(False))
-
- - name: Evaluate oo_all_hosts
- add_host:
- name: "{{ item }}"
- groups: oo_all_hosts
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_all_hosts | default([]) }}"
- changed_when: no
-
- - name: Evaluate oo_masters
- add_host:
- name: "{{ item }}"
- groups: oo_masters
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_master_hosts | union(g_new_master_hosts) | default([]) }}"
- changed_when: no
-
- - name: Evaluate oo_first_master
- add_host:
- name: "{{ g_master_hosts[0] }}"
- groups: oo_first_master
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- when: g_master_hosts|length > 0
- changed_when: no
-
- - name: Evaluate oo_new_etcd_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_new_etcd_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_new_etcd_hosts | default([]) }}"
- changed_when: no
-
- - name: Evaluate oo_masters_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_masters_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_new_master_hosts | default(g_master_hosts | default([], true), true) }}"
- changed_when: no
-
- - name: Evaluate oo_etcd_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_etcd_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_etcd_hosts | default([]) }}"
- changed_when: no
-
- - name: Evaluate oo_first_etcd
- add_host:
- name: "{{ g_etcd_hosts[0] }}"
- groups: oo_first_etcd
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- when: g_etcd_hosts|length > 0
- changed_when: no
-
- # We use two groups one for hosts we're upgrading which doesn't include embedded etcd
- # The other for backing up which includes the embedded etcd host, there's no need to
- # upgrade embedded etcd that just happens when the master is updated.
- - name: Evaluate oo_etcd_hosts_to_upgrade
- add_host:
- name: "{{ item }}"
- groups: oo_etcd_hosts_to_upgrade
- with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else [] }}"
- changed_when: False
-
- - name: Evaluate oo_etcd_hosts_to_backup
- add_host:
- name: "{{ item }}"
- groups: oo_etcd_hosts_to_backup
- with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else (groups.oo_first_master | default([])) }}"
- changed_when: False
-
- - name: Evaluate oo_nodes_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_nodes_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_new_node_hosts | default(g_node_hosts | default([], true), true) }}"
- changed_when: no
-
- # Skip adding the master to oo_nodes_to_config when g_new_node_hosts is
- - name: Add master to oo_nodes_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_nodes_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_master_hosts | default([]) }}"
- when: g_nodeonmaster | default(false) | bool and not g_new_node_hosts | default(false) | bool
- changed_when: no
-
- - name: Evaluate oo_lb_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_lb_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_lb_hosts | default([]) }}"
- changed_when: no
-
- - name: Evaluate oo_nfs_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_nfs_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_nfs_hosts | default([]) }}"
- changed_when: no
-
- - name: Evaluate oo_glusterfs_to_config
- add_host:
- name: "{{ item }}"
- groups: oo_glusterfs_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_glusterfs_hosts | union(g_glusterfs_registry_hosts | default([])) }}"
- changed_when: no
-
- - name: Evaluate oo_etcd_to_migrate
- add_host:
- name: "{{ item }}"
- groups: oo_etcd_to_migrate
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config | default([]) | length != 0 else (groups.oo_first_master |default([]))}}"
- changed_when: no
diff --git a/playbooks/common/openshift-cluster/filter_plugins b/playbooks/common/openshift-cluster/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-cluster/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/initialize_facts.yml b/playbooks/common/openshift-cluster/initialize_facts.yml
deleted file mode 100644
index 91223d368..000000000
--- a/playbooks/common/openshift-cluster/initialize_facts.yml
+++ /dev/null
@@ -1,169 +0,0 @@
----
-- name: Ensure that all non-node hosts are accessible
- hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config:oo_nfs_to_config
- any_errors_fatal: true
- tasks:
-
-- name: Initialize host facts
- hosts: oo_all_hosts
- tasks:
- - name: load openshift_facts module
- include_role:
- name: openshift_facts
- static: yes
-
- # TODO: Should this role be refactored into health_checks??
- - name: Run openshift_sanitize_inventory to set variables
- include_role:
- name: openshift_sanitize_inventory
-
- - name: Detecting Operating System from ostree_booted
- stat:
- path: /run/ostree-booted
- register: ostree_booted
-
- # Locally setup containerized facts for now
- - name: initialize_facts set fact l_is_atomic
- set_fact:
- l_is_atomic: "{{ ostree_booted.stat.exists }}"
-
- - name: initialize_facts set fact for containerized and l_is_*_system_container
- set_fact:
- l_is_containerized: "{{ (l_is_atomic | bool) or (containerized | default(false) | bool) }}"
- l_is_openvswitch_system_container: "{{ (openshift_use_openvswitch_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
- l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
- l_is_master_system_container: "{{ (openshift_use_master_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
- l_is_etcd_system_container: "{{ (openshift_use_etcd_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
-
- - name: initialize_facts set facts for l_any_system_container
- set_fact:
- l_any_system_container: "{{ l_is_etcd_system_container or l_is_openvswitch_system_container or l_is_node_system_container or l_is_master_system_container }}"
-
- - name: initialize_facts set fact for l_etcd_runtime
- set_fact:
- l_etcd_runtime: "{{ 'runc' if l_is_etcd_system_container else 'docker' if l_is_containerized else 'host' }}"
-
- # TODO: Should this be moved into health checks??
- # Seems as though any check that happens with a corresponding fail should move into health_checks
- - name: Validate python version - ans_dist is fedora and python is v3
- fail:
- msg: |
- openshift-ansible requires Python 3 for {{ ansible_distribution }};
- For information on enabling Python 3 with Ansible, see https://docs.ansible.com/ansible/python_3_support.html
- when:
- - ansible_distribution == 'Fedora'
- - ansible_python['version']['major'] != 3
-
- # TODO: Should this be moved into health checks??
- # Seems as though any check that happens with a corresponding fail should move into health_checks
- - name: Validate python version - ans_dist not Fedora and python must be v2
- fail:
- msg: "openshift-ansible requires Python 2 for {{ ansible_distribution }}"
- when:
- - ansible_distribution != 'Fedora'
- - ansible_python['version']['major'] != 2
-
- # TODO: Should this be moved into health checks??
- # Seems as though any check that happens with a corresponding fail should move into health_checks
- # Fail as early as possible if Atomic and old version of Docker
- - when:
- - l_is_atomic | bool
- block:
-
- # See https://access.redhat.com/articles/2317361
- # and https://github.com/ansible/ansible/issues/15892
- # NOTE: the "'s can not be removed at this level else the docker command will fail
- # NOTE: When ansible >2.2.1.x is used this can be updated per
- # https://github.com/openshift/openshift-ansible/pull/3475#discussion_r103525121
- - name: Determine Atomic Host Docker Version
- shell: 'CURLY="{"; docker version --format "$CURLY{json .Server.Version}}"'
- register: l_atomic_docker_version
-
- - name: assert atomic host docker version is 1.12 or later
- assert:
- that:
- - l_atomic_docker_version.stdout | replace('"', '') | version_compare('1.12','>=')
- msg: Installation on Atomic Host requires Docker 1.12 or later. Please upgrade and restart the Atomic Host.
-
- - when:
- - not l_is_atomic | bool
- block:
- - name: Ensure openshift-ansible installer package deps are installed
- package:
- name: "{{ item }}"
- state: present
- with_items:
- - iproute
- - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}"
- - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}"
- - yum-utils
-
- - name: Ensure various deps for running system containers are installed
- package:
- name: "{{ item }}"
- state: present
- with_items:
- - atomic
- - ostree
- - runc
- when:
- - l_any_system_container | bool
-
- - name: Default system_images_registry to a enterprise registry
- set_fact:
- system_images_registry: "registry.access.redhat.com"
- when:
- - system_images_registry is not defined
- - openshift_deployment_type == "openshift-enterprise"
-
- - name: Default system_images_registry to community registry
- set_fact:
- system_images_registry: "docker.io"
- when:
- - system_images_registry is not defined
- - openshift_deployment_type == "origin"
-
- - name: Gather Cluster facts and set is_containerized if needed
- openshift_facts:
- role: common
- local_facts:
- deployment_type: "{{ openshift_deployment_type }}"
- deployment_subtype: "{{ openshift_deployment_subtype | default(None) }}"
- cli_image: "{{ osm_image | default(None) }}"
- hostname: "{{ openshift_hostname | default(None) }}"
- ip: "{{ openshift_ip | default(None) }}"
- is_containerized: "{{ l_is_containerized | default(None) }}"
- is_openvswitch_system_container: "{{ l_is_openvswitch_system_container | default(false) }}"
- is_node_system_container: "{{ l_is_node_system_container | default(false) }}"
- is_master_system_container: "{{ l_is_master_system_container | default(false) }}"
- is_etcd_system_container: "{{ l_is_etcd_system_container | default(false) }}"
- etcd_runtime: "{{ l_etcd_runtime }}"
- system_images_registry: "{{ system_images_registry }}"
- public_hostname: "{{ openshift_public_hostname | default(None) }}"
- public_ip: "{{ openshift_public_ip | default(None) }}"
- portal_net: "{{ openshift_portal_net | default(openshift_master_portal_net) | default(None) }}"
- http_proxy: "{{ openshift_http_proxy | default(None) }}"
- https_proxy: "{{ openshift_https_proxy | default(None) }}"
- no_proxy: "{{ openshift_no_proxy | default(None) }}"
- generate_no_proxy_hosts: "{{ openshift_generate_no_proxy_hosts | default(True) }}"
-
- - name: Set fact of no_proxy_internal_hostnames
- openshift_facts:
- role: common
- local_facts:
- no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
- - name: initialize_facts set_fact repoquery command
- set_fact:
- repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
-
- - name: initialize_facts set_fact on openshift_docker_hosted_registry_network
- set_fact:
- openshift_docker_hosted_registry_network: "{{ '' if 'oo_first_master' not in groups else hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
diff --git a/playbooks/common/openshift-cluster/initialize_openshift_repos.yml b/playbooks/common/openshift-cluster/initialize_openshift_repos.yml
deleted file mode 100644
index a7114fc80..000000000
--- a/playbooks/common/openshift-cluster/initialize_openshift_repos.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Setup yum repositories for all hosts
- hosts: oo_all_hosts
- gather_facts: no
- tasks:
- - name: initialize openshift repos
- include_role:
- name: openshift_repos
diff --git a/playbooks/common/openshift-cluster/library b/playbooks/common/openshift-cluster/library
deleted file mode 120000
index d0b7393d3..000000000
--- a/playbooks/common/openshift-cluster/library
+++ /dev/null
@@ -1 +0,0 @@
-../../../library/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/lookup_plugins b/playbooks/common/openshift-cluster/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-cluster/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml
deleted file mode 100644
index 281ccce2e..000000000
--- a/playbooks/common/openshift-cluster/openshift_hosted.yml
+++ /dev/null
@@ -1,40 +0,0 @@
----
-- name: Hosted Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Hosted install 'In Progress'
- set_stats:
- data:
- installer_phase_hosted: "In Progress"
- aggregate: false
-
-- include: create_persistent_volumes.yml
-
-- include: openshift_default_storage_class.yml
-
-- include: openshift_hosted_create_projects.yml
-
-- include: openshift_hosted_router.yml
-
-- include: openshift_hosted_registry.yml
-
-- include: cockpit-ui.yml
-
-- include: openshift_prometheus.yml
- when: openshift_hosted_prometheus_deploy | default(False) | bool
-
-- include: install_docker_gc.yml
- when:
- - openshift_use_crio | default(False) | bool
- - openshift_crio_enable_docker_gc | default(False) | bool
-
-- name: Hosted Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Hosted install 'Complete'
- set_stats:
- data:
- installer_phase_hosted: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/openshift_logging.yml b/playbooks/common/openshift-cluster/openshift_logging.yml
deleted file mode 100644
index 529a4c939..000000000
--- a/playbooks/common/openshift-cluster/openshift_logging.yml
+++ /dev/null
@@ -1,33 +0,0 @@
----
-- name: Logging Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Logging install 'In Progress'
- set_stats:
- data:
- installer_phase_logging: "In Progress"
- aggregate: false
-
-- name: OpenShift Aggregated Logging
- hosts: oo_first_master
- roles:
- - openshift_logging
-
-- name: Update Master configs
- hosts: oo_masters:!oo_first_master
- tasks:
- - block:
- - include_role:
- name: openshift_logging
- tasks_from: update_master_config
-
-- name: Logging Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Logging install 'Complete'
- set_stats:
- data:
- installer_phase_logging: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/openshift_metrics.yml b/playbooks/common/openshift-cluster/openshift_metrics.yml
deleted file mode 100644
index 9c0bd489b..000000000
--- a/playbooks/common/openshift-cluster/openshift_metrics.yml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-- name: Metrics Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Metrics install 'In Progress'
- set_stats:
- data:
- installer_phase_metrics: "In Progress"
- aggregate: false
-
-- name: OpenShift Metrics
- hosts: oo_first_master
- roles:
- - role: openshift_metrics
-
-- name: OpenShift Metrics
- hosts: oo_masters:!oo_first_master
- serial: 1
- tasks:
- - name: Setup the non-first masters configs
- include_role:
- name: openshift_metrics
- tasks_from: update_master_config.yaml
-
-- name: Metrics Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Metrics install 'Complete'
- set_stats:
- data:
- installer_phase_metrics: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/openshift_prometheus.yml b/playbooks/common/openshift-cluster/openshift_prometheus.yml
deleted file mode 100644
index a73b294a5..000000000
--- a/playbooks/common/openshift-cluster/openshift_prometheus.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-- name: Prometheus Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Prometheus install 'In Progress'
- set_stats:
- data:
- installer_phase_prometheus: "In Progress"
- aggregate: false
-
-- name: Create Hosted Resources - openshift_prometheus
- hosts: oo_first_master
- roles:
- - role: openshift_prometheus
-
-- name: Prometheus Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Prometheus install 'Complete'
- set_stats:
- data:
- installer_phase_prometheus: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml
deleted file mode 100644
index 4a9fbf7eb..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Check cert expirys
- hosts: "{{ g_check_expiry_hosts }}"
- vars:
- openshift_certificate_expiry_show_all: yes
- roles:
- # Sets 'check_results' per host which contains health status for
- # etcd, master and node certificates. We will use 'check_results'
- # to determine if any certificates were expired prior to running
- # this playbook. Service restarts will be skipped if any
- # certificates were previously expired.
- - role: openshift_certificate_expiry
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-backup.yml b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-backup.yml
deleted file mode 100644
index d738c8207..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-backup.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- name: Backup and remove generated etcd certificates
- hosts: oo_first_etcd
- any_errors_fatal: true
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup_generated_certificates
- - include_role:
- name: etcd
- tasks_from: remove_generated_certificates
-
-- name: Backup deployed etcd certificates
- hosts: oo_etcd_to_config
- any_errors_fatal: true
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup_server_certificates
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
deleted file mode 100644
index 044875d1c..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
+++ /dev/null
@@ -1,103 +0,0 @@
----
-- name: Check cert expirys
- hosts: oo_etcd_to_config:oo_masters_to_config
- vars:
- openshift_certificate_expiry_show_all: yes
- roles:
- # Sets 'check_results' per host which contains health status for
- # etcd, master and node certificates. We will use 'check_results'
- # to determine if any certificates were expired prior to running
- # this playbook. Service restarts will be skipped if any
- # certificates were previously expired.
- - role: openshift_certificate_expiry
-
-- name: Backup existing etcd CA certificate directories
- hosts: oo_etcd_to_config
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup_ca_certificates
- - include_role:
- name: etcd
- tasks_from: remove_ca_certificates
-
-- include: ../../openshift-etcd/ca.yml
-
-- name: Create temp directory for syncing certs
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - name: Create local temp directory for syncing certs
- local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: g_etcd_mktemp
- changed_when: false
-
-- name: Distribute etcd CA to etcd hosts
- hosts: oo_etcd_to_config
- tasks:
- - include_role:
- name: etcd
- tasks_from: distribute_ca
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
-
-- include: ../../openshift-etcd/restart.yml
- # Do not restart etcd when etcd certificates were previously expired.
- when: ('expired' not in (hostvars
- | oo_select_keys(groups['etcd'])
- | oo_collect('check_results.check_results.etcd')
- | oo_collect('health')))
-
-- name: Retrieve etcd CA certificate
- hosts: oo_first_etcd
- tasks:
- - include_role:
- name: etcd
- tasks_from: retrieve_ca_certificates
- vars:
- etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
-
-- name: Distribute etcd CA to masters
- hosts: oo_masters_to_config
- vars:
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- tasks:
- - name: Deploy etcd CA
- copy:
- src: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}/ca.crt"
- dest: "{{ openshift.common.config_base }}/master/master.etcd-ca.crt"
- when: groups.oo_etcd_to_config | default([]) | length > 0
-
-- name: Delete temporary directory on localhost
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - file:
- name: "{{ g_etcd_mktemp.stdout }}"
- state: absent
- changed_when: false
-
-- include: ../../openshift-master/restart.yml
- # Do not restart masters when master or etcd certificates were previously expired.
- when:
- # masters
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
- # etcd
- - ('expired' not in (hostvars
- | oo_select_keys(groups['etcd'])
- | oo_collect('check_results.check_results.etcd')
- | oo_collect('health')))
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/filter_plugins b/playbooks/common/openshift-cluster/redeploy-certificates/filter_plugins
deleted file mode 120000
index b1213dedb..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/library b/playbooks/common/openshift-cluster/redeploy-certificates/library
deleted file mode 120000
index 9a53f009d..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/library
+++ /dev/null
@@ -1 +0,0 @@
-../../../../library \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/lookup_plugins b/playbooks/common/openshift-cluster/redeploy-certificates/lookup_plugins
deleted file mode 120000
index aff753026..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml
deleted file mode 100644
index 2068ed199..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml
+++ /dev/null
@@ -1,303 +0,0 @@
----
-- name: Verify OpenShift version is greater than or equal to 1.2 or 3.2
- hosts: oo_first_master
- tasks:
- - fail:
- msg: "The current OpenShift version is less than 1.2/3.2 and does not support CA bundles."
- when: not openshift.common.version_gte_3_2_or_1_2 | bool
-
-- name: Check cert expirys
- hosts: oo_nodes_to_config:oo_masters_to_config:oo_etcd_to_config
- vars:
- openshift_certificate_expiry_show_all: yes
- roles:
- # Sets 'check_results' per host which contains health status for
- # etcd, master and node certificates. We will use 'check_results'
- # to determine if any certificates were expired prior to running
- # this playbook. Service restarts will be skipped if any
- # certificates were previously expired.
- - role: openshift_certificate_expiry
-
-# Update master config when ca-bundle not referenced. Services will be
-# restarted below after new CA certificate has been distributed.
-- name: Ensure ca-bundle.crt is referenced in master configuration
- hosts: oo_masters_to_config
- tasks:
- - slurp:
- src: "{{ openshift.common.config_base }}/master/master-config.yaml"
- register: g_master_config_output
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: kubeletClientInfo.ca
- yaml_value: ca-bundle.crt
- when: (g_master_config_output.content|b64decode|from_yaml).kubeletClientInfo.ca != 'ca-bundle.crt'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: serviceAccountConfig.masterCA
- yaml_value: ca-bundle.crt
- when: (g_master_config_output.content|b64decode|from_yaml).serviceAccountConfig.masterCA != 'ca-bundle.crt'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: oauthConfig.masterCA
- yaml_value: ca-bundle.crt
- when: (g_master_config_output.content|b64decode|from_yaml).oauthConfig.masterCA != 'ca-bundle.crt'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: servingInfo.clientCA
- yaml_value: ca.crt
- when: (g_master_config_output.content|b64decode|from_yaml).servingInfo.clientCA != 'ca.crt'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: etcdClientInfo.ca
- yaml_value: ca-bundle.crt
- when:
- - groups.oo_etcd_to_config | default([]) | length == 0
- - (g_master_config_output.content|b64decode|from_yaml).etcdClientInfo.ca != 'ca-bundle.crt'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: etcdConfig.peerServingInfo.clientCA
- yaml_value: ca-bundle.crt
- when:
- - groups.oo_etcd_to_config | default([]) | length == 0
- - (g_master_config_output.content|b64decode|from_yaml).etcdConfig.peerServingInfo.clientCA != 'ca-bundle.crt'
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: etcdConfig.servingInfo.clientCA
- yaml_value: ca-bundle.crt
- when:
- - groups.oo_etcd_to_config | default([]) | length == 0
- - (g_master_config_output.content|b64decode|from_yaml).etcdConfig.servingInfo.clientCA != 'ca-bundle.crt'
-
-- name: Copy current OpenShift CA to legacy directory
- hosts: oo_masters_to_config
- pre_tasks:
- - name: Create legacy-ca directory
- file:
- path: "{{ openshift.common.config_base }}/master/legacy-ca"
- state: directory
- mode: 0700
- owner: root
- group: root
- - command: mktemp -u XXXXXX
- register: g_legacy_ca_mktemp
- changed_when: false
- # Copy CA certificate, key, serial and bundle to legacy-ca with a
- # prefix generated by mktemp, ie. XXXXXX-ca.crt.
- #
- # The following roles will pick up all CA certificates matching
- # /.*-ca.crt/ in the legacy-ca directory and ensure they are present
- # in the OpenShift CA bundle.
- # - openshift_ca
- # - openshift_master_certificates
- # - openshift_node_certificates
- - name: Copy current OpenShift CA to legacy directory
- copy:
- src: "{{ openshift.common.config_base }}/master/{{ item }}"
- dest: "{{ openshift.common.config_base }}/master/legacy-ca/{{ g_legacy_ca_mktemp.stdout }}-{{ item }}"
- remote_src: true
- # It is possible that redeploying failed and files may be missing.
- # Ignore errors in this case. Files should have been copied to
- # legacy-ca directory in previous run.
- ignore_errors: true
- with_items:
- - "ca.crt"
- - "ca.key"
- - "ca.serial.txt"
- - "ca-bundle.crt"
-
-- name: Create temporary directory for creating new CA certificate
- hosts: oo_first_master
- tasks:
- - name: Create temporary directory for creating new CA certificate
- command: >
- mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: g_new_openshift_ca_mktemp
- changed_when: false
-
-- name: Create OpenShift CA
- hosts: oo_first_master
- vars:
- # Set openshift_ca_config_dir to a temporary directory where CA
- # will be created. We'll replace the existing CA with the CA
- # created in the temporary directory.
- openshift_ca_config_dir: "{{ hostvars[groups.oo_first_master.0].g_new_openshift_ca_mktemp.stdout }}"
- roles:
- - role: openshift_master_facts
- - role: openshift_named_certificates
- - role: openshift_ca
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
-
-- name: Create temp directory for syncing certs
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - name: Create local temp directory for syncing certs
- local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: g_master_mktemp
- changed_when: false
-
-- name: Retrieve OpenShift CA
- hosts: oo_first_master
- vars:
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- tasks:
- - name: Retrieve CA certificate, key, bundle and serial
- fetch:
- src: "{{ hostvars[openshift_ca_host].g_new_openshift_ca_mktemp.stdout }}/{{ item }}"
- dest: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/"
- flat: yes
- fail_on_missing: yes
- validate_checksum: yes
- with_items:
- - ca.crt
- - ca.key
- - ca-bundle.crt
- - ca.serial.txt
- delegate_to: "{{ openshift_ca_host }}"
- run_once: true
- changed_when: false
-
-- name: Distribute OpenShift CA to masters
- hosts: oo_masters_to_config
- vars:
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- tasks:
- - name: Deploy CA certificate, key, bundle and serial
- copy:
- src: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/{{ item }}"
- dest: "{{ openshift.common.config_base }}/master/"
- with_items:
- - ca.crt
- - ca.key
- - ca-bundle.crt
- - ca.serial.txt
- - name: Update master client kubeconfig CA data
- kubeclient_ca:
- client_path: "{{ openshift.common.config_base }}/master/openshift-master.kubeconfig"
- ca_path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
- - name: Update admin client kubeconfig CA data
- kubeclient_ca:
- client_path: "{{ openshift.common.config_base }}/master/admin.kubeconfig"
- ca_path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
- - name: Lookup default group for ansible_ssh_user
- command: "/usr/bin/id -g {{ ansible_ssh_user | quote }}"
- changed_when: false
- register: _ansible_ssh_user_gid
- - set_fact:
- client_users: "{{ [ansible_ssh_user, 'root'] | unique }}"
- - name: Create the client config dir(s)
- file:
- path: "~{{ item }}/.kube"
- state: directory
- mode: 0700
- owner: "{{ item }}"
- group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}"
- with_items: "{{ client_users }}"
- - name: Copy the admin client config(s)
- copy:
- src: "{{ openshift.common.config_base }}/master/admin.kubeconfig"
- dest: "~{{ item }}/.kube/config"
- remote_src: yes
- with_items: "{{ client_users }}"
- - name: Update the permissions on the admin client config(s)
- file:
- path: "~{{ item }}/.kube/config"
- state: file
- mode: 0700
- owner: "{{ item }}"
- group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}"
- with_items: "{{ client_users }}"
-
-- include: ../../openshift-master/restart.yml
- # Do not restart masters when master or etcd certificates were previously expired.
- when:
- # masters
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
- # etcd
- - ('expired' not in (hostvars
- | oo_select_keys(groups['etcd'])
- | oo_collect('check_results.check_results.etcd')
- | oo_collect('health')))
-
-- name: Distribute OpenShift CA certificate to nodes
- hosts: oo_nodes_to_config
- vars:
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- tasks:
- - copy:
- src: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/ca-bundle.crt"
- dest: "{{ openshift.common.config_base }}/node/ca.crt"
- - name: Copy OpenShift CA to system CA trust
- copy:
- src: "{{ item.cert }}"
- dest: "/etc/pki/ca-trust/source/anchors/{{ item.id }}-{{ item.cert | basename }}"
- remote_src: yes
- with_items:
- - id: openshift
- cert: "{{ openshift.common.config_base }}/node/ca.crt"
- notify:
- - update ca trust
- - name: Update node client kubeconfig CA data
- kubeclient_ca:
- client_path: "{{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.kubeconfig"
- ca_path: "{{ openshift.common.config_base }}/node/ca.crt"
- handlers:
- # Normally this handler would restart docker after updating ca
- # trust. We'll do that when we restart nodes to avoid restarting
- # docker on all nodes in parallel.
- - name: update ca trust
- command: update-ca-trust
-
-- name: Delete temporary directory on CA host
- hosts: oo_first_master
- tasks:
- - file:
- path: "{{ g_new_openshift_ca_mktemp.stdout }}"
- state: absent
-
-- name: Delete temporary directory on localhost
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - file:
- name: "{{ g_master_mktemp.stdout }}"
- state: absent
- changed_when: false
-
-- include: ../../openshift-node/restart.yml
- # Do not restart nodes when node, master or etcd certificates were previously expired.
- when:
- # nodes
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_nodes_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/server.crt"}))
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_nodes_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/ca.crt"}))
- # masters
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
- - ('expired' not in hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect('check_results.check_results.ocp_certs')
- | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
- # etcd
- - ('expired' not in (hostvars
- | oo_select_keys(groups['etcd'])
- | oo_collect('check_results.check_results.etcd')
- | oo_collect('health')))
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
deleted file mode 100644
index afd5463b2..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
+++ /dev/null
@@ -1,102 +0,0 @@
----
-- name: Update registry certificates
- hosts: oo_first_master
- vars:
- roles:
- - lib_openshift
- tasks:
- - name: Create temp directory for kubeconfig
- command: mktemp -d /tmp/openshift-ansible-XXXXXX
- register: mktemp
- changed_when: false
-
- - name: Copy admin client config(s)
- command: >
- cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig
- changed_when: false
-
- - name: Determine if docker-registry exists
- command: >
- {{ openshift.common.client_binary }} get dc/docker-registry -o json
- --config={{ mktemp.stdout }}/admin.kubeconfig
- -n default
- register: l_docker_registry_dc
- failed_when: false
- changed_when: false
-
- - set_fact:
- docker_registry_env_vars: "{{ ((l_docker_registry_dc.stdout | from_json)['spec']['template']['spec']['containers'][0]['env']
- | oo_collect('name'))
- | default([]) }}"
- docker_registry_secrets: "{{ ((l_docker_registry_dc.stdout | from_json)['spec']['template']['spec']['volumes']
- | oo_collect('secret')
- | oo_collect('secretName'))
- | default([]) }}"
- changed_when: false
- when: l_docker_registry_dc.rc == 0
-
- # Replace dc/docker-registry environment variable certificate data if set.
- - name: Update docker-registry environment variables
- shell: >
- {{ openshift.common.client_binary }} env dc/docker-registry
- OPENSHIFT_CA_DATA="$(cat /etc/origin/master/ca.crt)"
- OPENSHIFT_CERT_DATA="$(cat /etc/origin/master/openshift-registry.crt)"
- OPENSHIFT_KEY_DATA="$(cat /etc/origin/master/openshift-registry.key)"
- --config={{ mktemp.stdout }}/admin.kubeconfig
- -n default
- when: l_docker_registry_dc.rc == 0 and 'OPENSHIFT_CA_DATA' in docker_registry_env_vars and 'OPENSHIFT_CERT_DATA' in docker_registry_env_vars and 'OPENSHIFT_KEY_DATA' in docker_registry_env_vars
-
- # Replace dc/docker-registry certificate secret contents if set.
- - block:
- - name: Retrieve registry service IP
- oc_service:
- namespace: default
- name: docker-registry
- state: list
- register: docker_registry_service_ip
- changed_when: false
-
- - set_fact:
- docker_registry_route_hostname: "{{ 'docker-registry-default.' ~ (openshift.master.default_subdomain | default('router.default.svc.cluster.local', true)) }}"
- changed_when: false
-
- - name: Generate registry certificate
- command: >
- {{ openshift.common.client_binary }} adm ca create-server-cert
- --signer-cert={{ openshift.common.config_base }}/master/ca.crt
- --signer-key={{ openshift.common.config_base }}/master/ca.key
- --signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt
- --config={{ mktemp.stdout }}/admin.kubeconfig
- --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc,docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}"
- --cert={{ openshift.common.config_base }}/master/registry.crt
- --key={{ openshift.common.config_base }}/master/registry.key
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
- --expire-days={{ openshift_hosted_registry_cert_expire_days | default(730) }}
- {% endif %}
-
- - name: Update registry certificates secret
- oc_secret:
- kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
- name: registry-certificates
- namespace: default
- state: present
- files:
- - name: registry.crt
- path: "{{ openshift.common.config_base }}/master/registry.crt"
- - name: registry.key
- path: "{{ openshift.common.config_base }}/master/registry.key"
- run_once: true
- when: l_docker_registry_dc.rc == 0 and 'registry-certificates' in docker_registry_secrets and 'REGISTRY_HTTP_TLS_CERTIFICATE' in docker_registry_env_vars and 'REGISTRY_HTTP_TLS_KEY' in docker_registry_env_vars
-
- - name: Redeploy docker registry
- command: >
- {{ openshift.common.client_binary }} deploy dc/docker-registry
- --latest
- --config={{ mktemp.stdout }}/admin.kubeconfig
- -n default
-
- - name: Delete temp directory
- file:
- name: "{{ mktemp.stdout }}"
- state: absent
- changed_when: False
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/roles b/playbooks/common/openshift-cluster/redeploy-certificates/roles
deleted file mode 120000
index 4bdbcbad3..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../../roles \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
deleted file mode 100644
index 2116c745c..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
+++ /dev/null
@@ -1,141 +0,0 @@
----
-- name: Update router certificates
- hosts: oo_first_master
- vars:
- roles:
- - lib_openshift
- tasks:
- - name: Create temp directory for kubeconfig
- command: mktemp -d /tmp/openshift-ansible-XXXXXX
- register: router_cert_redeploy_tempdir
- changed_when: false
-
- - name: Copy admin client config(s)
- command: >
- cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- changed_when: false
-
- - name: Determine if router exists
- command: >
- {{ openshift.common.client_binary }} get dc/router -o json
- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- -n default
- register: l_router_dc
- failed_when: false
- changed_when: false
-
- - name: Determine if router service exists
- command: >
- {{ openshift.common.client_binary }} get svc/router -o json
- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- -n default
- register: l_router_svc
- failed_when: false
- changed_when: false
-
- - name: Collect router environment variables and secrets
- set_fact:
- router_env_vars: "{{ ((l_router_dc.stdout | from_json)['spec']['template']['spec']['containers'][0]['env']
- | oo_collect('name'))
- | default([]) }}"
- router_secrets: "{{ ((l_router_dc.stdout | from_json)['spec']['template']['spec']['volumes']
- | oo_collect('secret')
- | oo_collect('secretName'))
- | default([]) }}"
- changed_when: false
- when: l_router_dc.rc == 0
-
- - name: Collect router service annotations
- set_fact:
- router_service_annotations: "{{ (l_router_svc.stdout | from_json)['metadata']['annotations'] if 'annotations' in (l_router_svc.stdout | from_json)['metadata'] else [] }}"
- when: l_router_svc.rc == 0
-
- - name: Update router environment variables
- shell: >
- {{ openshift.common.client_binary }} env dc/router
- OPENSHIFT_CA_DATA="$(cat /etc/origin/master/ca.crt)"
- OPENSHIFT_CERT_DATA="$(cat /etc/origin/master/openshift-router.crt)"
- OPENSHIFT_KEY_DATA="$(cat /etc/origin/master/openshift-router.key)"
- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- -n default
- when:
- - l_router_dc.rc == 0
- - ('OPENSHIFT_CA_DATA' in router_env_vars)
- - ('OPENSHIFT_CERT_DATA' in router_env_vars)
- - ('OPENSHIFT_KEY_DATA' in router_env_vars)
-
- # When the router service contains service signer annotations we
- # will delete the existing certificate secret and allow OpenShift to
- # replace the secret.
- - block:
- - name: Delete existing router certificate secret
- oc_secret:
- kubeconfig: "{{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig"
- name: router-certs
- namespace: default
- state: absent
- run_once: true
-
- - name: Remove router service annotations
- command: >
- {{ openshift.common.client_binary }} annotate service/router
- service.alpha.openshift.io/serving-cert-secret-name-
- service.alpha.openshift.io/serving-cert-signed-by-
- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- -n default
-
- - name: Add serving-cert-secret annotation to router service
- command: >
- {{ openshift.common.client_binary }} annotate service/router
- service.alpha.openshift.io/serving-cert-secret-name=router-certs
- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- -n default
- when:
- - l_router_dc.rc == 0
- - l_router_svc.rc == 0
- - ('router-certs' in router_secrets)
- - openshift_hosted_router_certificate is undefined
- - ('service.alpha.openshift.io/serving-cert-secret-name') in router_service_annotations
- - ('service.alpha.openshift.io/serving-cert-signed-by') in router_service_annotations
-
- # When there are no annotations on the router service we will allow
- # the openshift_hosted role to either create a new wildcard
- # certificate (since we deleted the original) or reapply a custom
- # openshift_hosted_router_certificate.
- - file:
- path: "{{ item }}"
- state: absent
- with_items:
- - /etc/origin/master/openshift-router.crt
- - /etc/origin/master/openshift-router.key
- when:
- - l_router_dc.rc == 0
- - l_router_svc.rc == 0
- - ('router-certs' in router_secrets)
- - ('service.alpha.openshift.io/serving-cert-secret-name') not in router_service_annotations
- - ('service.alpha.openshift.io/serving-cert-signed-by') not in router_service_annotations
-
- - include_role:
- name: openshift_hosted
- tasks_from: main
- vars:
- openshift_hosted_manage_registry: false
- when:
- - l_router_dc.rc == 0
- - l_router_svc.rc == 0
- - ('router-certs' in router_secrets)
- - ('service.alpha.openshift.io/serving-cert-secret-name') not in router_service_annotations
- - ('service.alpha.openshift.io/serving-cert-signed-by') not in router_service_annotations
-
- - name: Redeploy router
- command: >
- {{ openshift.common.client_binary }} deploy dc/router
- --latest
- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
- -n default
-
- - name: Delete temp directory
- file:
- name: "{{ router_cert_redeploy_tempdir.stdout }}"
- state: absent
- changed_when: False
diff --git a/playbooks/common/openshift-cluster/service_catalog.yml b/playbooks/common/openshift-cluster/service_catalog.yml
deleted file mode 100644
index bd964b2ce..000000000
--- a/playbooks/common/openshift-cluster/service_catalog.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-- name: Service Catalog Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Service Catalog install 'In Progress'
- set_stats:
- data:
- installer_phase_servicecatalog: "In Progress"
- aggregate: false
-
-- name: Service Catalog
- hosts: oo_first_master
- roles:
- - openshift_service_catalog
- - ansible_service_broker
- - template_service_broker
- vars:
- first_master: "{{ groups.oo_first_master[0] }}"
-
-- name: Service Catalog Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Service Catalog install 'Complete'
- set_stats:
- data:
- installer_phase_servicecatalog: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/std_include.yml b/playbooks/common/openshift-cluster/std_include.yml
deleted file mode 100644
index 45b34c8bd..000000000
--- a/playbooks/common/openshift-cluster/std_include.yml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-- name: Initialization Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- roles:
- - installer_checkpoint
- tasks:
- - name: Set install initialization 'In Progress'
- set_stats:
- data:
- installer_phase_initialize: "In Progress"
- aggregate: false
-
-- include: evaluate_groups.yml
- tags:
- - always
-
-- include: initialize_facts.yml
- tags:
- - always
-
-- include: sanity_checks.yml
- tags:
- - always
-
-- include: validate_hostnames.yml
- tags:
- - node
-
-- include: initialize_openshift_repos.yml
- tags:
- - always
-
-- include: initialize_openshift_version.yml
- tags:
- - always
-
-- name: Initialization Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set install initialization 'Complete'
- set_stats:
- data:
- installer_phase_initialize: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-cluster/tasks/set_etcd_launch_facts.yml b/playbooks/common/openshift-cluster/tasks/set_etcd_launch_facts.yml
deleted file mode 100644
index eb118365a..000000000
--- a/playbooks/common/openshift-cluster/tasks/set_etcd_launch_facts.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- set_fact: k8s_type="etcd"
-
-- name: Generate etcd instance names(s)
- set_fact:
- scratch_name: "{{ openshift_cluster_id | default('default') }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}"
- register: etcd_names_output
- with_sequence: count={{ num_etcd }}
-
-- set_fact:
- etcd_names: "{{ etcd_names_output.results | default([])
- | oo_collect('ansible_facts')
- | oo_collect('scratch_name') }}"
diff --git a/playbooks/common/openshift-cluster/tasks/set_master_launch_facts.yml b/playbooks/common/openshift-cluster/tasks/set_master_launch_facts.yml
deleted file mode 100644
index 783f70f50..000000000
--- a/playbooks/common/openshift-cluster/tasks/set_master_launch_facts.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- set_fact: k8s_type="master"
-
-- name: Generate master instance names(s)
- set_fact:
- scratch_name: "{{ openshift_cluster_id | default('default') }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}"
- register: master_names_output
- with_sequence: count={{ num_masters }}
-
-- set_fact:
- master_names: "{{ master_names_output.results | default([])
- | oo_collect('ansible_facts')
- | oo_collect('scratch_name') }}"
diff --git a/playbooks/common/openshift-cluster/tasks/set_node_launch_facts.yml b/playbooks/common/openshift-cluster/tasks/set_node_launch_facts.yml
deleted file mode 100644
index c103e40a9..000000000
--- a/playbooks/common/openshift-cluster/tasks/set_node_launch_facts.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- set_fact: k8s_type=node
-- set_fact: sub_host_type="{{ type }}"
-- set_fact: number_nodes="{{ count }}"
-
-- name: Generate node instance names(s)
- set_fact:
- scratch_name: "{{ openshift_cluster_id | default('default') }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}"
- register: node_names_output
- with_sequence: count={{ number_nodes }}
-
-- set_fact:
- node_names: "{{ node_names_output.results | default([])
- | oo_collect('ansible_facts')
- | oo_collect('scratch_name') }}"
diff --git a/playbooks/common/openshift-cluster/upgrades/cleanup_unused_images.yml b/playbooks/common/openshift-cluster/upgrades/cleanup_unused_images.yml
index 6e953be69..ed97d539c 100644
--- a/playbooks/common/openshift-cluster/upgrades/cleanup_unused_images.yml
+++ b/playbooks/common/openshift-cluster/upgrades/cleanup_unused_images.yml
@@ -1,22 +1 @@
---
-- name: Check Docker image count
- shell: "docker images -aq | wc -l"
- register: docker_image_count
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- debug: var=docker_image_count.stdout
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- name: Remove unused Docker images for Docker 1.10+ migration
- shell: "docker rmi `docker images -aq`"
- # Will fail on images still in use:
- failed_when: false
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- name: Check Docker image count
- shell: "docker images -aq | wc -l"
- register: docker_image_count
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- debug: var=docker_image_count.stdout
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/disable_excluders.yml b/playbooks/common/openshift-cluster/upgrades/disable_excluders.yml
new file mode 100644
index 000000000..858912379
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/disable_excluders.yml
@@ -0,0 +1,11 @@
+---
+- name: Disable excluders
+ hosts: "{{ l_upgrade_excluder_hosts }}"
+ gather_facts: no
+ roles:
+ - role: openshift_excluder
+ r_openshift_excluder_action: disable
+ r_openshift_excluder_verify_upgrade: true
+ r_openshift_excluder_upgrade_target: "{{ openshift_upgrade_target }}"
+ r_openshift_excluder_package_state: latest
+ r_openshift_excluder_docker_package_state: latest
diff --git a/playbooks/common/openshift-cluster/upgrades/disable_master_excluders.yml b/playbooks/common/openshift-cluster/upgrades/disable_master_excluders.yml
deleted file mode 100644
index 800621857..000000000
--- a/playbooks/common/openshift-cluster/upgrades/disable_master_excluders.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Disable excluders
- hosts: oo_masters_to_config
- gather_facts: no
- roles:
- - role: openshift_excluder
- r_openshift_excluder_action: disable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
- r_openshift_excluder_verify_upgrade: true
- r_openshift_excluder_upgrade_target: "{{ openshift_upgrade_target }}"
- r_openshift_excluder_package_state: latest
- r_openshift_excluder_docker_package_state: latest
diff --git a/playbooks/common/openshift-cluster/upgrades/disable_node_excluders.yml b/playbooks/common/openshift-cluster/upgrades/disable_node_excluders.yml
deleted file mode 100644
index a66301c0d..000000000
--- a/playbooks/common/openshift-cluster/upgrades/disable_node_excluders.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Disable excluders
- hosts: oo_nodes_to_upgrade:!oo_masters_to_config
- gather_facts: no
- roles:
- - role: openshift_excluder
- r_openshift_excluder_action: disable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
- r_openshift_excluder_verify_upgrade: true
- r_openshift_excluder_upgrade_target: "{{ openshift_upgrade_target }}"
- r_openshift_excluder_package_state: latest
- r_openshift_excluder_docker_package_state: latest
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml
index 98953f72e..42cd51bd9 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml
@@ -1,11 +1,11 @@
---
-- include: ../../evaluate_groups.yml
+- import_playbook: ../../../../init/evaluate_groups.yml
vars:
# Do not allow adding hosts during upgrade.
g_new_master_hosts: []
g_new_node_hosts: []
-- include: ../initialize_nodes_to_upgrade.yml
+- import_playbook: ../initialize_nodes_to_upgrade.yml
- name: Check for appropriate Docker versions
hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
@@ -19,7 +19,9 @@
msg: Cannot upgrade Docker on Atomic operating systems.
when: openshift.common.is_atomic | bool
- - include: upgrade_check.yml
+ - include_role:
+ name: container_runtime
+ tasks_from: docker_upgrade_check.yml
when: docker_upgrade is not defined or docker_upgrade | bool
@@ -32,6 +34,7 @@
any_errors_fatal: true
roles:
+ - openshift_facts
- lib_openshift
tasks:
@@ -43,7 +46,7 @@
retries: 10
delay: 5
register: node_unschedulable
- until: node_unschedulable|succeeded
+ until: node_unschedulable is succeeded
when:
- l_docker_upgrade is defined
- l_docker_upgrade | bool
@@ -51,15 +54,15 @@
- name: Drain Node for Kubelet upgrade
command: >
- {{ openshift.common.admin_binary }} drain {{ openshift.node.nodename }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
+ {{ openshift.common.client_binary }} adm drain {{ openshift.node.nodename }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_upgrade
register: l_docker_upgrade_drain_result
- until: not l_docker_upgrade_drain_result | failed
+ until: not (l_docker_upgrade_drain_result is failed)
retries: 60
delay: 60
- - include: tasks/upgrade.yml
+ - include_tasks: tasks/upgrade.yml
when: l_docker_upgrade is defined and l_docker_upgrade | bool
- name: Set node schedulability
@@ -70,5 +73,5 @@
retries: 10
delay: 5
register: node_schedulable
- until: node_schedulable|succeeded
- when: node_unschedulable|changed
+ until: node_schedulable is succeeded
+ when: node_unschedulable is changed
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/nuke_images.sh b/playbooks/common/openshift-cluster/upgrades/docker/nuke_images.sh
deleted file mode 100644
index 8635eab0d..000000000
--- a/playbooks/common/openshift-cluster/upgrades/docker/nuke_images.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-# Stop any running containers
-running_container_ids=`docker ps -q`
-if test -n "$running_container_ids"
-then
- docker stop $running_container_ids
-fi
-
-# Delete all containers
-container_ids=`docker ps -a -q`
-if test -n "$container_ids"
-then
- docker rm -f -v $container_ids
-fi
-
-# Delete all images (forcefully)
-image_ids=`docker images -aq`
-if test -n "$image_ids"
-then
- # Some layers are deleted recursively and are no longer present
- # when docker goes to remove them:
- docker rmi -f `docker images -aq` || true
-fi
-
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml b/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml
index 83f16ac0d..385a141ea 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml
@@ -2,22 +2,18 @@
- name: Restart docker
service: name=docker state=restarted
register: l_docker_restart_docker_in_upgrade_result
- until: not l_docker_restart_docker_in_upgrade_result | failed
+ until: not (l_docker_restart_docker_in_upgrade_result is failed)
retries: 3
delay: 30
-- name: Update docker facts
- openshift_facts:
- role: docker
-
- name: Restart containerized services
service: name={{ item }} state=started
with_items:
- etcd_container
- openvswitch
- - "{{ openshift.common.service_type }}-master-api"
- - "{{ openshift.common.service_type }}-master-controllers"
- - "{{ openshift.common.service_type }}-node"
+ - "{{ openshift_service_type }}-master-api"
+ - "{{ openshift_service_type }}-master-controllers"
+ - "{{ openshift_service_type }}-node"
failed_when: false
when: openshift.common.is_containerized | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml
index 808cc562c..b5000d3a1 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml
@@ -4,9 +4,9 @@
- name: Stop containerized services
service: name={{ item }} state=stopped
with_items:
- - "{{ openshift.common.service_type }}-master-api"
- - "{{ openshift.common.service_type }}-master-controllers"
- - "{{ openshift.common.service_type }}-node"
+ - "{{ openshift_service_type }}-master-api"
+ - "{{ openshift_service_type }}-master-controllers"
+ - "{{ openshift_service_type }}-node"
- etcd_container
- openvswitch
failed_when: false
@@ -35,12 +35,14 @@
name: docker
state: stopped
register: l_pb_docker_upgrade_stop_result
- until: not l_pb_docker_upgrade_stop_result | failed
+ until: not (l_pb_docker_upgrade_stop_result is failed)
retries: 3
delay: 30
- name: Upgrade Docker
package: name=docker{{ '-' + docker_version }} state=present
+ register: result
+ until: result is succeeded
-- include: restart.yml
+- include_tasks: restart.yml
when: not skip_docker_restart | default(False) | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
index 52345a9ba..ed97d539c 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
@@ -1,58 +1 @@
---
-
-# This snippet determines if a Docker upgrade is required by checking the inventory
-# variables, the available packages, and sets l_docker_upgrade to True if so.
-
-- set_fact:
- docker_upgrade: True
- when: docker_upgrade is not defined
-
-- name: Check if Docker is installed
- command: rpm -q docker
- args:
- warn: no
- register: pkg_check
- failed_when: pkg_check.rc > 1
- changed_when: no
-
-- name: Get current version of Docker
- command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
- register: curr_docker_version
- retries: 4
- until: curr_docker_version | succeeded
- changed_when: false
-
-- name: Get latest available version of Docker
- command: >
- {{ repoquery_cmd }} --qf '%{version}' "docker"
- register: avail_docker_version
- retries: 4
- until: avail_docker_version | succeeded
- # Don't expect docker rpm to be available on hosts that don't already have it installed:
- when: pkg_check.rc == 0
- failed_when: false
- changed_when: false
-
-- fail:
- msg: This playbook requires access to Docker 1.12 or later
- # Disable the 1.12 requirement if the user set a specific Docker version
- when: docker_version is not defined and (docker_upgrade is not defined or docker_upgrade | bool == True) and (pkg_check.rc == 0 and (avail_docker_version.stdout == "" or avail_docker_version.stdout | version_compare('1.12','<')))
-
-# Default l_docker_upgrade to False, we'll set to True if an upgrade is required:
-- set_fact:
- l_docker_upgrade: False
-
-# Make sure a docker_version is set if none was requested:
-- set_fact:
- docker_version: "{{ avail_docker_version.stdout }}"
- when: pkg_check.rc == 0 and docker_version is not defined
-
-- name: Flag for Docker upgrade if necessary
- set_fact:
- l_docker_upgrade: True
- when: pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(docker_version,'<')
-
-- name: Flag to delete all images prior to upgrade if crossing Docker 1.10 boundary
- set_fact:
- docker_upgrade_nuke_images: True
- when: l_docker_upgrade | bool and docker_upgrade_nuke_images is not defined and curr_docker_version.stdout | version_compare('1.10','<') and docker_version | version_compare('1.10','>=')
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/backup.yml b/playbooks/common/openshift-cluster/upgrades/etcd/backup.yml
deleted file mode 100644
index d086cad00..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/backup.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-- name: Backup etcd
- hosts: oo_etcd_hosts_to_backup
- roles:
- - role: openshift_etcd_facts
- post_tasks:
- - include_role:
- name: etcd
- tasks_from: backup
- vars:
- r_etcd_common_backup_tag: "{{ etcd_backup_tag }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
-
-- name: Gate on etcd backup
- hosts: localhost
- connection: local
- become: no
- tasks:
- - set_fact:
- etcd_backup_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_hosts_to_backup)
- | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
- - set_fact:
- etcd_backup_failed: "{{ groups.oo_etcd_hosts_to_backup | difference(etcd_backup_completed) | list }}"
- - fail:
- msg: "Upgrade cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
- when: etcd_backup_failed | length > 0
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/filter_plugins b/playbooks/common/openshift-cluster/upgrades/etcd/filter_plugins
deleted file mode 120000
index 27ddaa18b..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/etcd/lookup_plugins
deleted file mode 120000
index cf407f69b..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/main.yml b/playbooks/common/openshift-cluster/upgrades/etcd/main.yml
deleted file mode 100644
index 5b8ba3bb2..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/main.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-# For 1.4/3.4 we want to upgrade everyone to etcd-3.0. etcd docs say to
-# upgrade from 2.0.x to 2.1.x to 2.2.x to 2.3.x to 3.0.x. While this is a tedius
-# task for RHEL and CENTOS it's simply not possible in Fedora unless you've
-# mirrored packages on your own because only the GA and latest versions are
-# available in the repos. So for Fedora we'll simply skip this, sorry.
-
-- name: Backup etcd before upgrading anything
- include: backup.yml
- vars:
- etcd_backup_tag: "pre-upgrade-"
- when: openshift_etcd_backup | default(true) | bool
-
-- name: Drop etcdctl profiles
- hosts: oo_etcd_hosts_to_upgrade
- tasks:
- - include_role:
- name: etcd
- tasks_from: drop_etcdctl
-
-- name: Perform etcd upgrade
- include: ./upgrade.yml
- when: openshift_etcd_upgrade | default(true) | bool
-
-- name: Backup etcd
- include: backup.yml
- vars:
- etcd_backup_tag: "post-3.0-"
- when: openshift_etcd_backup | default(true) | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/roles b/playbooks/common/openshift-cluster/upgrades/etcd/roles
deleted file mode 120000
index 6bc1a7aef..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../roles \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
deleted file mode 100644
index d71c96cd7..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
+++ /dev/null
@@ -1,108 +0,0 @@
----
-- name: Determine etcd version
- hosts: oo_etcd_hosts_to_upgrade
- tasks:
- - block:
- - name: Record RPM based etcd version
- command: rpm -qa --qf '%{version}' etcd\*
- args:
- warn: no
- register: etcd_rpm_version
- failed_when: false
- # AUDIT:changed_when: `false` because we are only inspecting
- # state, not manipulating anything
- changed_when: false
- - debug:
- msg: "Etcd rpm version {{ etcd_rpm_version.stdout }} detected"
- when:
- - not openshift.common.is_containerized | bool
-
- - block:
- - name: Record containerized etcd version (docker)
- command: docker exec etcd_container rpm -qa --qf '%{version}' etcd\*
- register: etcd_container_version_docker
- failed_when: false
- # AUDIT:changed_when: `false` because we are only inspecting
- # state, not manipulating anything
- changed_when: false
- when:
- - not openshift.common.is_etcd_system_container | bool
-
- # Given a register variables is set even if the whwen condition
- # is false, we need to set etcd_container_version separately
- - set_fact:
- etcd_container_version: "{{ etcd_container_version_docker.stdout }}"
- when:
- - not openshift.common.is_etcd_system_container | bool
-
- - name: Record containerized etcd version (runc)
- command: runc exec etcd rpm -qa --qf '%{version}' etcd\*
- register: etcd_container_version_runc
- failed_when: false
- # AUDIT:changed_when: `false` because we are only inspecting
- # state, not manipulating anything
- changed_when: false
- when:
- - openshift.common.is_etcd_system_container | bool
-
- # Given a register variables is set even if the whwen condition
- # is false, we need to set etcd_container_version separately
- - set_fact:
- etcd_container_version: "{{ etcd_container_version_runc.stdout }}"
- when:
- - openshift.common.is_etcd_system_container | bool
-
- - debug:
- msg: "Etcd containerized version {{ etcd_container_version }} detected"
- when:
- - openshift.common.is_containerized | bool
-
-- include: upgrade_rpm_members.yml
- vars:
- etcd_upgrade_version: '2.1'
-
-- include: upgrade_rpm_members.yml
- vars:
- etcd_upgrade_version: '2.2'
-
-- include: upgrade_image_members.yml
- vars:
- etcd_upgrade_version: '2.2.5'
-
-- include: upgrade_rpm_members.yml
- vars:
- etcd_upgrade_version: '2.3'
-
-- include: upgrade_image_members.yml
- vars:
- etcd_upgrade_version: '2.3.7'
-
-- include: upgrade_rpm_members.yml
- vars:
- etcd_upgrade_version: '3.0'
-
-- include: upgrade_image_members.yml
- vars:
- etcd_upgrade_version: '3.0.15'
-
-- include: upgrade_rpm_members.yml
- vars:
- etcd_upgrade_version: '3.1'
-
-- include: upgrade_image_members.yml
- vars:
- etcd_upgrade_version: '3.1.3'
-
-- name: Upgrade fedora to latest
- hosts: oo_etcd_hosts_to_upgrade
- serial: 1
- tasks:
- - include_role:
- name: etcd
- tasks_from: upgrade_image
- vars:
- r_etcd_common_etcd_runtime: "host"
- etcd_peer: "{{ openshift.common.hostname }}"
- when:
- - ansible_distribution == 'Fedora'
- - not openshift.common.is_containerized | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade_image_members.yml b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade_image_members.yml
deleted file mode 100644
index e5e895775..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade_image_members.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-# INPUT etcd_upgrade_version
-# INPUT etcd_container_version
-# INPUT openshift.common.is_containerized
-- name: Upgrade containerized hosts to {{ etcd_upgrade_version }}
- hosts: oo_etcd_hosts_to_upgrade
- serial: 1
- tasks:
- - include_role:
- name: etcd
- tasks_from: upgrade_image
- vars:
- r_etcd_upgrade_version: "{{ etcd_upgrade_version }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- etcd_peer: "{{ openshift.common.hostname }}"
- when:
- - etcd_container_version | default('99') | version_compare(etcd_upgrade_version,'<')
- - openshift.common.is_containerized | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade_rpm_members.yml b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade_rpm_members.yml
deleted file mode 100644
index a2a26bad4..000000000
--- a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade_rpm_members.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-# INPUT etcd_upgrade_version
-# INPUT etcd_rpm_version
-# INPUT openshift.common.is_containerized
-- name: Upgrade to {{ etcd_upgrade_version }}
- hosts: oo_etcd_hosts_to_upgrade
- serial: 1
- tasks:
- - include_role:
- name: etcd
- tasks_from: upgrade_rpm
- vars:
- r_etcd_upgrade_version: "{{ etcd_upgrade_version }}"
- r_etcd_common_etcd_runtime: "host"
- etcd_peer: "{{ openshift.common.hostname }}"
- when:
- - etcd_rpm_version.stdout | default('99') | version_compare(etcd_upgrade_version, '<')
- - ansible_distribution == 'RedHat'
- - not openshift.common.is_containerized | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/filter_plugins b/playbooks/common/openshift-cluster/upgrades/filter_plugins
deleted file mode 120000
index b1213dedb..000000000
--- a/playbooks/common/openshift-cluster/upgrades/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/init.yml b/playbooks/common/openshift-cluster/upgrades/init.yml
index 2826951e6..8ee83819e 100644
--- a/playbooks/common/openshift-cluster/upgrades/init.yml
+++ b/playbooks/common/openshift-cluster/upgrades/init.yml
@@ -1,15 +1,20 @@
---
-- include: ../evaluate_groups.yml
+- import_playbook: ../../../init/evaluate_groups.yml
vars:
# Do not allow adding hosts during upgrade.
g_new_master_hosts: []
g_new_node_hosts: []
-- include: ../initialize_facts.yml
+- import_playbook: ../../../init/facts.yml
- name: Ensure firewall is not switched during upgrade
- hosts: oo_all_hosts
+ hosts: "{{ l_upgrade_no_switch_firewall_hosts | default('oo_all_hosts') }}"
+ vars:
+ openshift_master_installed_version: "{{ hostvars[groups.oo_first_master.0].openshift.common.version }}"
tasks:
+ - name: set currently installed version
+ set_fact:
+ openshift_currently_installed_version: "{{ openshift_master_installed_version }}"
- name: Check if iptables is running
command: systemctl status iptables
changed_when: false
diff --git a/playbooks/common/openshift-cluster/upgrades/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/lookup_plugins
deleted file mode 120000
index aff753026..000000000
--- a/playbooks/common/openshift-cluster/upgrades/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml
index 122066955..1b57521df 100644
--- a/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml
@@ -14,8 +14,9 @@
pre_tasks:
- name: Load lib_openshift modules
- include_role:
+ import_role:
name: lib_openshift
+
- name: Collect all routers
oc_obj:
state: list
@@ -26,8 +27,8 @@
- set_fact:
haproxy_routers: "{{ all_routers.results.results[0]['items'] |
- oo_pods_match_component(openshift_deployment_type, 'haproxy-router') |
- oo_select_keys_from_list(['metadata']) }}"
+ lib_utils_oo_pods_match_component(openshift_deployment_type, 'haproxy-router') |
+ lib_utils_oo_select_keys_from_list(['metadata']) }}"
when:
- all_routers.results.returncode == 0
@@ -85,17 +86,19 @@
roles:
- openshift_manageiq
+ - role: openshift_project_request_template
+ when: openshift_project_request_template_manage
# Create the new templates shipped in 3.2, existing templates are left
# unmodified. This prevents the subsequent role definition for
# openshift_examples from failing when trying to replace templates that do
# not already exist. We could have potentially done a replace --force to
# create and update in one step.
- role: openshift_examples
- when: openshift_install_examples | default(true,true) | bool
+ when: openshift_install_examples | default(true) | bool
- openshift_hosted_templates
# Update the existing templates
- role: openshift_examples
- when: openshift_install_examples | default(true,true) | bool
+ when: openshift_install_examples | default(true) | bool
registry_url: "{{ openshift.master.registry_url }}"
openshift_examples_import_command: replace
- role: openshift_hosted_templates
@@ -111,13 +114,11 @@
roles:
- role: openshift_excluder
r_openshift_excluder_action: enable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
post_tasks:
# Check if any masters are using pluginOrderOverride and warn if so, only for 1.3/3.3 and beyond:
- name: grep pluginOrderOverride
command: grep pluginOrderOverride {{ openshift.common.config_base }}/master/master-config.yaml
register: grep_plugin_order_override
- when: openshift.common.version_gte_3_3_or_1_3 | bool
changed_when: false
failed_when: false
@@ -125,7 +126,7 @@
debug:
msg: "WARNING pluginOrderOverride is being deprecated in master-config.yaml, please see https://docs.openshift.com/enterprise/latest/architecture/additional_concepts/admission_controllers.html for more information."
when:
- - not grep_plugin_order_override | skipped
+ - not (grep_plugin_order_override is skipped)
- grep_plugin_order_override.rc == 0
- name: Warn if shared-resource-viewer could not be updated
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/config.yml b/playbooks/common/openshift-cluster/upgrades/pre/config.yml
new file mode 100644
index 000000000..de74c8ab8
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/pre/config.yml
@@ -0,0 +1,77 @@
+---
+
+# Pre-upgrade
+- import_playbook: ../initialize_nodes_to_upgrade.yml
+
+- import_playbook: verify_cluster.yml
+
+- name: Update repos on upgrade hosts
+ hosts: "{{ l_upgrade_repo_hosts }}"
+ roles:
+ - openshift_repos
+
+- name: Set openshift_no_proxy_internal_hostnames
+ hosts: "{{ l_upgrade_no_proxy_hosts }}"
+ tasks:
+ - set_fact:
+ openshift_no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config']
+ | union(groups['oo_masters_to_config'])
+ | union(groups['oo_etcd_to_config'] | default([])))
+ | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',')
+ }}"
+ when:
+ - openshift_http_proxy is defined or openshift_https_proxy is defined
+ - openshift_generate_no_proxy_hosts | default(True) | bool
+
+- name: OpenShift Health Checks
+ hosts: "{{ l_upgrade_health_check_hosts }}"
+ any_errors_fatal: true
+ roles:
+ - openshift_health_checker
+ vars:
+ - r_openshift_health_checker_playbook_context: upgrade
+ post_tasks:
+ - name: Run health checks (upgrade)
+ action: openshift_health_check
+ args:
+ checks:
+ - disk_availability
+ - memory_availability
+ - docker_image_availability
+
+- import_playbook: ../disable_excluders.yml
+
+- import_playbook: ../../../../init/version.yml
+ vars:
+ # Request specific openshift_release and let the openshift_version role handle converting this
+ # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
+ # defined, and overriding the normal behavior of protecting the installed version
+ openshift_release: "{{ openshift_upgrade_target }}"
+ openshift_protect_installed_version: False
+
+# If we're only upgrading nodes, we need to ensure masters are already upgraded
+- name: Verify masters are already upgraded
+ hosts: oo_masters_to_config
+ tasks:
+ - fail: msg="Master running {{ openshift.common.version }} must be upgraded to {{ openshift_version }} before node upgrade can be run."
+ when:
+ - l_upgrade_nodes_only | default(False) | bool
+ - openshift.common.version != openshift_version
+
+# If we're only upgrading nodes, skip this.
+- import_playbook: ../../../../openshift-master/private/validate_restart.yml
+ when: not (l_upgrade_nodes_only | default(False)) | bool
+
+- name: Verify upgrade targets
+ hosts: "{{ l_upgrade_verify_targets_hosts }}"
+ roles:
+ - role: openshift_facts
+ tasks:
+ - include_tasks: verify_upgrade_targets.yml
+
+- name: Verify docker upgrade targets
+ hosts: "{{ l_upgrade_docker_target_hosts }}"
+ tasks:
+ - include_role:
+ name: container_runtime
+ tasks_from: docker_upgrade_check.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/gate_checks.yml b/playbooks/common/openshift-cluster/upgrades/pre/gate_checks.yml
deleted file mode 100644
index 8ecae4539..000000000
--- a/playbooks/common/openshift-cluster/upgrades/pre/gate_checks.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: Flag pre-upgrade checks complete for hosts without errors
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - set_fact:
- pre_upgrade_complete: True
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/tasks/verify_docker_upgrade_targets.yml b/playbooks/common/openshift-cluster/upgrades/pre/tasks/verify_docker_upgrade_targets.yml
deleted file mode 100644
index 6d8503879..000000000
--- a/playbooks/common/openshift-cluster/upgrades/pre/tasks/verify_docker_upgrade_targets.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-# Only check if docker upgrade is required if docker_upgrade is not
-# already set to False.
-- include: ../../docker/upgrade_check.yml
- when:
- - docker_upgrade is not defined or (docker_upgrade | bool)
- - not (openshift.common.is_atomic | bool)
-
-# Additional checks for Atomic hosts:
-
-- name: Determine available Docker
- shell: "rpm -q --queryformat '---\ncurr_version: %{VERSION}\navail_version: \n' docker"
- register: g_atomic_docker_version_result
- when: openshift.common.is_atomic | bool
-
-- set_fact:
- l_docker_version: "{{ g_atomic_docker_version_result.stdout | from_yaml }}"
- when: openshift.common.is_atomic | bool
-
-- fail:
- msg: This playbook requires access to Docker 1.12 or later
- when: openshift.common.is_atomic | bool and l_docker_version.avail_version | default(l_docker_version.curr_version, true) | version_compare('1.12','<')
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml
new file mode 100644
index 000000000..3fc18c9b7
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml
@@ -0,0 +1,99 @@
+---
+# Verify a few items before we proceed with upgrade process.
+
+- name: Verify upgrade can proceed on first master
+ hosts: oo_first_master
+ gather_facts: no
+ tasks:
+ - fail:
+ msg: >
+ This upgrade is only supported for origin and openshift-enterprise
+ deployment types
+ when: deployment_type not in ['origin','openshift-enterprise']
+
+ # Error out in situations where the user has older versions specified in their
+ # inventory in any of the openshift_release, openshift_image_tag, and
+ # openshift_pkg_version variables. These must be removed or updated to proceed
+ # with upgrade.
+ # TODO: Should we block if you're *over* the next major release version as well?
+ - fail:
+ msg: >
+ openshift_pkg_version is {{ openshift_pkg_version }} which is not a
+ valid version for a {{ openshift_upgrade_target }} upgrade
+ when:
+ - openshift_pkg_version is defined
+ - openshift_pkg_version.split('-',1).1 is version_compare(openshift_upgrade_target ,'<')
+
+ - fail:
+ msg: >
+ openshift_image_tag is {{ openshift_image_tag }} which is not a
+ valid version for a {{ openshift_upgrade_target }} upgrade
+ when:
+ - openshift_image_tag is defined
+ - openshift_image_tag.split('v',1).1 is version_compare(openshift_upgrade_target ,'<')
+
+ - set_fact:
+ openshift_release: "{{ openshift_release[1:] }}"
+ when: openshift_release is defined and openshift_release[0] == 'v'
+
+ - fail:
+ msg: >
+ openshift_release is {{ openshift_release }} which is not a
+ valid release for a {{ openshift_upgrade_target }} upgrade
+ when:
+ - openshift_release is defined
+ - not (openshift_release is version_compare(openshift_upgrade_target ,'='))
+
+- name: Verify master processes
+ hosts: oo_masters_to_config
+ roles:
+ - lib_utils
+ - openshift_facts
+ tasks:
+ - name: Read master storage backend setting
+ yedit:
+ state: list
+ src: /etc/origin/master/master-config.yaml
+ key: kubernetesMasterConfig.apiServerArguments.storage-backend
+ register: _storage_backend
+
+ - fail:
+ msg: "Storage backend in /etc/origin/master/master-config.yaml must be set to 'etcd3' before the upgrade can continue"
+ when:
+ # assuming the master-config.yml is properly configured, i.e. the value is a list
+ - _storage_backend.result | default([], true) | length == 0 or _storage_backend.result[0] != "etcd3"
+
+ - debug:
+ msg: "Storage backend is set to etcd3"
+
+ - openshift_facts:
+ role: master
+ local_facts:
+ ha: "{{ groups.oo_masters_to_config | length > 1 }}"
+
+ - when: openshift.common.is_containerized | bool
+ block:
+ - set_fact:
+ master_services:
+ - "{{ openshift_service_type }}-master"
+
+ # In case of the non-ha to ha upgrade.
+ - name: Check if the {{ openshift_service_type }}-master-api.service exists
+ command: >
+ systemctl list-units {{ openshift_service_type }}-master-api.service --no-legend
+ register: master_api_service_status
+
+ - set_fact:
+ master_services:
+ - "{{ openshift_service_type }}-master-api"
+ - "{{ openshift_service_type }}-master-controllers"
+ when:
+ - master_api_service_status.stdout_lines | length > 0
+ - (openshift_service_type + '-master-api.service') in master_api_service_status.stdout_lines[0]
+
+ - name: Ensure Master is running
+ service:
+ name: "{{ item }}"
+ state: started
+ enabled: yes
+ with_items: "{{ master_services }}"
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_control_plane_running.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_control_plane_running.yml
deleted file mode 100644
index 6a5bc24f7..000000000
--- a/playbooks/common/openshift-cluster/upgrades/pre/verify_control_plane_running.yml
+++ /dev/null
@@ -1,37 +0,0 @@
----
-- name: Verify master processes
- hosts: oo_masters_to_config
- roles:
- - openshift_facts
- tasks:
- - openshift_facts:
- role: master
- local_facts:
- ha: "{{ groups.oo_masters_to_config | length > 1 }}"
-
- - when: openshift.common.is_containerized | bool
- block:
- - set_fact:
- master_services:
- - "{{ openshift.common.service_type }}-master"
-
- # In case of the non-ha to ha upgrade.
- - name: Check if the {{ openshift.common.service_type }}-master-api.service exists
- command: >
- systemctl list-units {{ openshift.common.service_type }}-master-api.service --no-legend
- register: master_api_service_status
-
- - set_fact:
- master_services:
- - "{{ openshift.common.service_type }}-master-api"
- - "{{ openshift.common.service_type }}-master-controllers"
- when:
- - master_api_service_status.stdout_lines | length > 0
- - (openshift.common.service_type + '-master-api.service') in master_api_service_status.stdout_lines[0]
-
- - name: Ensure Master is running
- service:
- name: "{{ item }}"
- state: started
- enabled: yes
- with_items: "{{ master_services }}"
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_etcd3_backend.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_etcd3_backend.yml
deleted file mode 100644
index f75ae3b15..000000000
--- a/playbooks/common/openshift-cluster/upgrades/pre/verify_etcd3_backend.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-- name: Verify all masters has etcd3 storage backend set
- hosts: oo_masters_to_config
- gather_facts: no
- roles:
- - lib_utils
- tasks:
- - name: Read master storage backend setting
- yedit:
- state: list
- src: /etc/origin/master/master-config.yaml
- key: kubernetesMasterConfig.apiServerArguments.storage-backend
- register: _storage_backend
-
- - fail:
- msg: "Storage backend in /etc/origin/master/master-config.yaml must be set to 'etcd3' before the upgrade can continue"
- when:
- # assuming the master-config.yml is properly configured, i.e. the value is a list
- - _storage_backend.result | default([], true) | length == 0 or _storage_backend.result[0] != "etcd3"
-
- - debug:
- msg: "Storage backend is set to etcd3"
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_health_checks.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_health_checks.yml
deleted file mode 100644
index 2a8de50a2..000000000
--- a/playbooks/common/openshift-cluster/upgrades/pre/verify_health_checks.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- name: OpenShift Health Checks
- hosts: oo_all_hosts
- any_errors_fatal: true
- roles:
- - openshift_health_checker
- vars:
- - r_openshift_health_checker_playbook_context: upgrade
- post_tasks:
- - name: Run health checks (upgrade)
- action: openshift_health_check
- args:
- checks:
- - disk_availability
- - memory_availability
- - docker_image_availability
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_inventory_vars.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_inventory_vars.yml
deleted file mode 100644
index 3c0017891..000000000
--- a/playbooks/common/openshift-cluster/upgrades/pre/verify_inventory_vars.yml
+++ /dev/null
@@ -1,37 +0,0 @@
----
-- name: Verify upgrade can proceed on first master
- hosts: oo_first_master
- gather_facts: no
- tasks:
- - fail:
- msg: >
- This upgrade is only supported for origin and openshift-enterprise
- deployment types
- when: deployment_type not in ['origin','openshift-enterprise']
-
- # Error out in situations where the user has older versions specified in their
- # inventory in any of the openshift_release, openshift_image_tag, and
- # openshift_pkg_version variables. These must be removed or updated to proceed
- # with upgrade.
- # TODO: Should we block if you're *over* the next major release version as well?
- - fail:
- msg: >
- openshift_pkg_version is {{ openshift_pkg_version }} which is not a
- valid version for a {{ openshift_upgrade_target }} upgrade
- when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(openshift_upgrade_target ,'<')
-
- - fail:
- msg: >
- openshift_image_tag is {{ openshift_image_tag }} which is not a
- valid version for a {{ openshift_upgrade_target }} upgrade
- when: openshift_image_tag is defined and openshift_image_tag.split('v',1).1 | version_compare(openshift_upgrade_target ,'<')
-
- - set_fact:
- openshift_release: "{{ openshift_release[1:] }}"
- when: openshift_release is defined and openshift_release[0] == 'v'
-
- - fail:
- msg: >
- openshift_release is {{ openshift_release }} which is not a
- valid release for a {{ openshift_upgrade_target }} upgrade
- when: openshift_release is defined and not openshift_release | version_compare(openshift_upgrade_target ,'=')
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml
index 13fa37b09..065a9a8ab 100644
--- a/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml
+++ b/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml
@@ -6,13 +6,13 @@
- name: Update oreg_auth docker login credentials if necessary
include_role:
- name: docker
+ name: container_runtime
tasks_from: registry_auth.yml
when: oreg_auth_user is defined
- name: Verify containers are available for upgrade
command: >
- docker pull {{ openshift.common.cli_image }}:{{ openshift_image_tag }}
+ docker pull {{ openshift_cli_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Downloaded newer image' in pull_result.stdout"
when: openshift.common.is_containerized | bool
@@ -21,7 +21,7 @@
block:
- name: Check latest available OpenShift RPM version
repoquery:
- name: "{{ openshift.common.service_type }}"
+ name: "{{ openshift_service_type }}"
ignore_excluders: true
register: repoquery_out
@@ -43,11 +43,11 @@
fail:
msg: "OpenShift {{ avail_openshift_version }} is available, but {{ openshift_upgrade_target }} or greater is required"
when:
- - (openshift_pkg_version | default('-0.0', True)).split('-')[1] | version_compare(openshift_release, '<')
+ - (openshift_pkg_version | default('-0.0', True)).split('-')[1] is version_compare(openshift_release, '<')
- name: Fail when openshift version does not meet minium requirement for Origin upgrade
fail:
msg: "This upgrade playbook must be run against OpenShift {{ openshift_upgrade_min }} or later"
when:
- deployment_type == 'origin'
- - openshift.common.version | version_compare(openshift_upgrade_min,'<')
+ - openshift.common.version is version_compare(openshift_upgrade_min,'<')
diff --git a/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml
deleted file mode 100644
index 8cc46ab68..000000000
--- a/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml
+++ /dev/null
@@ -1,38 +0,0 @@
----
-# When we update package "a-${version}" and a requires b >= ${version} if we
-# don't specify the version of b yum will choose the latest version of b
-# available and the whole set of dependencies end up at the latest version.
-# Since the package module, unlike the yum module, doesn't flatten a list
-# of packages into one transaction we need to do that explicitly. The ansible
-# core team tells us not to rely on yum module transaction flattening anyway.
-
-# TODO: If the sdn package isn't already installed this will install it, we
-# should fix that
-- name: Upgrade master packages
- package: name={{ master_pkgs | join(',') }} state=present
- vars:
- master_pkgs:
- - "{{ openshift.common.service_type }}{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-master{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-node{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-clients{{ openshift_pkg_version }}"
- - "tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_pkg_version }}"
- - PyYAML
- when:
- - component == "master"
- - not openshift.common.is_atomic | bool
-
-- name: Upgrade node packages
- package: name={{ node_pkgs | join(',') }} state=present
- vars:
- node_pkgs:
- - "{{ openshift.common.service_type }}{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-node{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version }}"
- - "{{ openshift.common.service_type }}-clients{{ openshift_pkg_version }}"
- - "tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_pkg_version }}"
- - PyYAML
- when:
- - component == "node"
- - not openshift.common.is_atomic | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
index a5e2f7940..0ddccfa98 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
@@ -2,6 +2,21 @@
###############################################################################
# Upgrade Masters
###############################################################################
+- name: Backup and upgrade etcd
+ import_playbook: ../../../openshift-etcd/private/upgrade_main.yml
+
+# Create service signer cert when missing. Service signer certificate
+# is added to master config in the master_config_upgrade hook.
+- name: Determine if service signer cert must be created
+ hosts: oo_first_master
+ tasks:
+ - name: Determine if service signer certificate must be created
+ stat:
+ path: "{{ openshift.common.config_base }}/master/service-signer.crt"
+ register: service_signer_cert_stat
+ changed_when: false
+
+- import_playbook: create_service_signer_cert.yml
# oc adm migrate storage should be run prior to etcd v3 upgrade
# See: https://github.com/openshift/origin/pull/14625#issuecomment-308467060
@@ -19,35 +34,6 @@
- l_pb_upgrade_control_plane_pre_upgrade_storage.rc != 0
- openshift_upgrade_pre_storage_migration_fatal | default(true) | bool
-# If facts cache were for some reason deleted, this fact may not be set, and if not set
-# it will always default to true. This causes problems for the etcd data dir fact detection
-# so we must first make sure this is set correctly before attempting the backup.
-- name: Set master embedded_etcd fact
- hosts: oo_masters_to_config
- roles:
- - openshift_facts
- tasks:
- - openshift_facts:
- role: master
- local_facts:
- embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
-
-- name: Upgrade and backup etcd
- include: ./etcd/main.yml
-
-# Create service signer cert when missing. Service signer certificate
-# is added to master config in the master_config_upgrade hook.
-- name: Determine if service signer cert must be created
- hosts: oo_first_master
- tasks:
- - name: Determine if service signer certificate must be created
- stat:
- path: "{{ openshift.common.config_base }}/master/service-signer.crt"
- register: service_signer_cert_stat
- changed_when: false
-
-- include: create_service_signer_cert.yml
-
# Set openshift_master_facts separately. In order to reconcile
# admission_config's, we currently must run openshift_master_facts and
# then run openshift_facts.
@@ -63,89 +49,39 @@
vars:
openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}"
serial: 1
- handlers:
- - include: ../../../../roles/openshift_master/handlers/main.yml
- static: yes
- roles:
- - openshift_facts
- - lib_utils
- post_tasks:
+ tasks:
+ - include_role:
+ name: openshift_facts
# Run the pre-upgrade hook if defined:
- debug: msg="Running master pre-upgrade hook {{ openshift_master_upgrade_pre_hook }}"
when: openshift_master_upgrade_pre_hook is defined
- - include: "{{ openshift_master_upgrade_pre_hook }}"
+ - include_tasks: "{{ openshift_master_upgrade_pre_hook }}"
when: openshift_master_upgrade_pre_hook is defined
- - include: rpm_upgrade.yml component=master
- when: not openshift.common.is_containerized | bool
-
- - include_vars: ../../../../roles/openshift_master_facts/vars/main.yml
-
- - include: upgrade_scheduler.yml
-
- - include: "{{ master_config_hook }}"
- when: master_config_hook is defined
-
- - include_vars: ../../../../roles/openshift_master/vars/main.yml
-
- - name: Update journald config
- include: ../../../../roles/openshift_master/tasks/journald.yml
-
- - name: Remove any legacy systemd units and update systemd units
- include: ../../../../roles/openshift_master/tasks/systemd_units.yml
-
- - name: Check for ca-bundle.crt
- stat:
- path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
- register: ca_bundle_stat
- failed_when: false
-
- - name: Check for ca.crt
- stat:
- path: "{{ openshift.common.config_base }}/master/ca.crt"
- register: ca_crt_stat
- failed_when: false
-
- - name: Migrate ca.crt to ca-bundle.crt
- command: mv ca.crt ca-bundle.crt
- args:
- chdir: "{{ openshift.common.config_base }}/master"
- when: ca_crt_stat.stat.isreg and not ca_bundle_stat.stat.exists
-
- - name: Link ca.crt to ca-bundle.crt
- file:
- src: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
- path: "{{ openshift.common.config_base }}/master/ca.crt"
- state: link
- when: ca_crt_stat.stat.isreg and not ca_bundle_stat.stat.exists
-
- - name: Update oreg value
- yedit:
- src: "{{ openshift.common.config_base }}/master/master-config.yaml"
- key: 'imageConfig.format'
- value: "{{ oreg_url | default(oreg_url_master) }}"
- when: oreg_url is defined or oreg_url_master is defined
+ - include_role:
+ name: openshift_master
+ tasks_from: upgrade.yml
# Run the upgrade hook prior to restarting services/system if defined:
- debug: msg="Running master upgrade hook {{ openshift_master_upgrade_hook }}"
when: openshift_master_upgrade_hook is defined
- - include: "{{ openshift_master_upgrade_hook }}"
+ - include_tasks: "{{ openshift_master_upgrade_hook }}"
when: openshift_master_upgrade_hook is defined
- - include: ../../openshift-master/restart_hosts.yml
+ - include_tasks: ../../../openshift-master/private/tasks/restart_hosts.yml
when: openshift.common.rolling_restart_mode == 'system'
- - include: ../../openshift-master/restart_services.yml
+ - include_tasks: ../../../openshift-master/private/tasks/restart_services.yml
when: openshift.common.rolling_restart_mode == 'services'
# Run the post-upgrade hook if defined:
- debug: msg="Running master post-upgrade hook {{ openshift_master_upgrade_post_hook }}"
when: openshift_master_upgrade_post_hook is defined
- - include: "{{ openshift_master_upgrade_post_hook }}"
+ - include_tasks: "{{ openshift_master_upgrade_post_hook }}"
when: openshift_master_upgrade_post_hook is defined
- name: Post master upgrade - Upgrade clusterpolicies storage
@@ -153,7 +89,9 @@
{{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
migrate storage --include=clusterpolicies --confirm
register: l_pb_upgrade_control_plane_post_upgrade_storage
- when: openshift_upgrade_post_storage_migration_enabled | default(true) | bool
+ when:
+ - openshift_upgrade_post_storage_migration_enabled | default(true) | bool
+ - openshift_version is version_compare('3.7','<')
failed_when:
- openshift_upgrade_post_storage_migration_enabled | default(true) | bool
- l_pb_upgrade_control_plane_post_upgrade_storage.rc != 0
@@ -174,8 +112,8 @@
tasks:
- set_fact:
master_update_completed: "{{ hostvars
- | oo_select_keys(groups.oo_masters_to_config)
- | oo_collect('inventory_hostname', {'master_update_complete': true}) }}"
+ | lib_utils_oo_select_keys(groups.oo_masters_to_config)
+ | lib_utils_oo_collect('inventory_hostname', {'master_update_complete': true}) }}"
- set_fact:
master_update_failed: "{{ groups.oo_masters_to_config | difference(master_update_completed) | list }}"
- fail:
@@ -191,10 +129,6 @@
roles:
- { role: openshift_cli }
vars:
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
- # Another spot where we assume docker is running and do not want to accidentally trigger an unsafe
- # restart.
- skip_docker_role: True
__master_shared_resource_viewer_file: "shared_resource_viewer_role.yaml"
tasks:
- name: Reconcile Cluster Roles
@@ -202,7 +136,7 @@
{{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
policy reconcile-cluster-roles --additive-only=true --confirm -o name
register: reconcile_cluster_role_result
- when: openshift_version | version_compare('3.7','<')
+ when: openshift_version is version_compare('3.7','<')
changed_when:
- reconcile_cluster_role_result.stdout != ''
- reconcile_cluster_role_result.rc == 0
@@ -217,7 +151,7 @@
--exclude-groups=system:unauthenticated
--exclude-users=system:anonymous
--additive-only=true --confirm -o name
- when: openshift_version | version_compare('3.7','<')
+ when: openshift_version is version_compare('3.7','<')
register: reconcile_bindings_result
changed_when:
- reconcile_bindings_result.stdout != ''
@@ -233,10 +167,9 @@
- reconcile_jenkins_role_binding_result.stdout != ''
- reconcile_jenkins_role_binding_result.rc == 0
when:
- - openshift_version | version_compare('3.7','<')
- - openshift_version | version_compare('3.4','>=')
+ - openshift_version is version_compare('3.7','<')
- - when: openshift_upgrade_target | version_compare('3.7','<')
+ - when: openshift_upgrade_target is version_compare('3.7','<')
block:
- name: Retrieve shared-resource-viewer
oc_obj:
@@ -313,8 +246,8 @@
tasks:
- set_fact:
reconcile_completed: "{{ hostvars
- | oo_select_keys(groups.oo_masters_to_config)
- | oo_collect('inventory_hostname', {'reconcile_complete': true}) }}"
+ | lib_utils_oo_select_keys(groups.oo_masters_to_config)
+ | lib_utils_oo_collect('inventory_hostname', {'reconcile_complete': true}) }}"
- set_fact:
reconcile_failed: "{{ groups.oo_masters_to_config | difference(reconcile_completed) | list }}"
- fail:
@@ -328,7 +261,7 @@
roles:
- openshift_facts
tasks:
- - include: docker/tasks/upgrade.yml
+ - include_tasks: docker/tasks/upgrade.yml
when: l_docker_upgrade is defined and l_docker_upgrade | bool and not openshift.common.is_atomic | bool
- name: Drain and upgrade master nodes
@@ -340,7 +273,7 @@
pre_tasks:
- name: Load lib_openshift modules
- include_role:
+ import_role:
name: lib_openshift
# TODO: To better handle re-trying failed upgrades, it would be nice to check if the node
@@ -354,25 +287,25 @@
retries: 10
delay: 5
register: node_unschedulable
- until: node_unschedulable|succeeded
+ until: node_unschedulable is succeeded
- name: Drain Node for Kubelet upgrade
command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
+ {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
register: l_upgrade_control_plane_drain_result
- until: not l_upgrade_control_plane_drain_result | failed
+ until: not (l_upgrade_control_plane_drain_result is failed)
retries: 60
delay: 60
roles:
- - lib_openshift
- openshift_facts
- - docker
- - openshift_node_dnsmasq
- - openshift_node_upgrade
-
post_tasks:
+ - include_role:
+ name: openshift_node
+ tasks_from: upgrade.yml
+ vars:
+ openshift_node_upgrade_in_progress: True
- name: Set node schedulability
oc_adm_manage_node:
node: "{{ openshift.node.nodename | lower }}"
@@ -381,5 +314,5 @@
retries: 10
delay: 5
register: node_schedulable
- until: node_schedulable|succeeded
- when: node_unschedulable|changed
+ until: node_schedulable is succeeded
+ when: node_unschedulable is changed
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
index c93a5d89c..956ad0d53 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
@@ -1,16 +1,25 @@
---
+- name: Prepull images and rpms before doing rolling restart
+ hosts: oo_nodes_to_upgrade:!oo_masters_to_config
+ roles:
+ - role: openshift_facts
+ tasks:
+ - include_role:
+ name: openshift_node
+ tasks_from: upgrade_pre.yml
+ vars:
+ openshift_node_upgrade_in_progress: True
+
- name: Drain and upgrade nodes
hosts: oo_nodes_to_upgrade:!oo_masters_to_config
# This var must be set with -e on invocation, as it is not a per-host inventory var
# and is evaluated early. Values such as "20%" can also be used.
serial: "{{ openshift_upgrade_nodes_serial | default(1) }}"
max_fail_percentage: "{{ openshift_upgrade_nodes_max_fail_percentage | default(0) }}"
-
+ roles:
+ - lib_openshift
+ - openshift_facts
pre_tasks:
- - name: Load lib_openshift modules
- include_role:
- name: lib_openshift
-
# TODO: To better handle re-trying failed upgrades, it would be nice to check if the node
# or docker actually needs an upgrade before proceeding. Perhaps best to save this until
# we merge upgrade functionality into the base roles and a normal config.yml playbook run.
@@ -22,28 +31,23 @@
retries: 10
delay: 5
register: node_unschedulable
- until: node_unschedulable|succeeded
+ until: node_unschedulable is succeeded
- name: Drain Node for Kubelet upgrade
command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
+ {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
register: l_upgrade_nodes_drain_result
- until: not l_upgrade_nodes_drain_result | failed
+ until: not (l_upgrade_nodes_drain_result is failed)
retries: 60
delay: 60
- roles:
- - lib_openshift
- - openshift_facts
- - docker
- - openshift_node_dnsmasq
- - openshift_node_upgrade
- - role: openshift_excluder
- r_openshift_excluder_action: enable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
-
post_tasks:
+ - include_role:
+ name: openshift_node
+ tasks_from: upgrade.yml
+ vars:
+ openshift_node_upgrade_in_progress: True
- name: Set node schedulability
oc_adm_manage_node:
node: "{{ openshift.node.nodename | lower }}"
@@ -52,5 +56,13 @@
retries: 10
delay: 5
register: node_schedulable
- until: node_schedulable|succeeded
- when: node_unschedulable|changed
+ until: node_schedulable is succeeded
+ when: node_unschedulable is changed
+
+- name: Re-enable excluders
+ hosts: oo_nodes_to_upgrade:!oo_masters_to_config
+ tasks:
+ - include_role:
+ name: openshift_excluder
+ vars:
+ r_openshift_excluder_action: enable
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml
new file mode 100644
index 000000000..e8c0f361a
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml
@@ -0,0 +1,66 @@
+---
+- name: create new scale group
+ hosts: localhost
+ tasks:
+ - name: build upgrade scale groups
+ include_role:
+ name: openshift_aws
+ tasks_from: upgrade_node_group.yml
+
+ - fail:
+ msg: "Ensure that new scale groups were provisioned before proceeding to update."
+ when:
+ - "'oo_sg_new_nodes' not in groups or groups.oo_sg_new_nodes|length == 0"
+ - "'oo_sg_current_nodes' not in groups or groups.oo_sg_current_nodes|length == 0"
+ - groups.oo_sg_current_nodes == groups.oo_sg_new_nodes
+
+- name: initialize upgrade bits
+ import_playbook: init.yml
+
+- name: unschedule nodes
+ hosts: oo_sg_current_nodes
+ tasks:
+ - name: Load lib_openshift modules
+ import_role:
+ name: ../roles/lib_openshift
+
+ - name: Mark node unschedulable
+ oc_adm_manage_node:
+ node: "{{ openshift.node.nodename | lower }}"
+ schedulable: False
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ retries: 10
+ delay: 5
+ register: node_unschedulable
+ until: node_unschedulable is succeeded
+
+- name: Drain nodes
+ hosts: oo_sg_current_nodes
+ # This var must be set with -e on invocation, as it is not a per-host inventory var
+ # and is evaluated early. Values such as "20%" can also be used.
+ serial: "{{ openshift_upgrade_nodes_serial | default(1) }}"
+ max_fail_percentage: "{{ openshift_upgrade_nodes_max_fail_percentage | default(0) }}"
+ tasks:
+ - name: Drain Node for Kubelet upgrade
+ command: >
+ {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm drain {{ openshift.node.nodename | lower }}
+ --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ --force --delete-local-data --ignore-daemonsets
+ --timeout={{ openshift_upgrade_nodes_drain_timeout | default(0) }}s
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ register: l_upgrade_nodes_drain_result
+ until: not (l_upgrade_nodes_drain_result is failed)
+ retries: "{{ 1 if openshift_upgrade_nodes_drain_timeout | default(0) == '0' else 0 | int }}"
+ delay: 5
+ failed_when:
+ - l_upgrade_nodes_drain_result is failed
+ - openshift_upgrade_nodes_drain_timeout | default(0) == '0'
+
+# Alright, let's clean up!
+- name: clean up the old scale group
+ hosts: localhost
+ tasks:
+ - name: clean up scale group
+ include_role:
+ name: openshift_aws
+ tasks_from: remove_scale_group.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_3/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_3/master_config_upgrade.yml
deleted file mode 100644
index 5e7a66171..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_3/master_config_upgrade.yml
+++ /dev/null
@@ -1,66 +0,0 @@
----
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.externalKubernetesClientConnectionOverrides.acceptContentTypes'
- yaml_value: 'application/vnd.kubernetes.protobuf,application/json'
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.externalKubernetesClientConnectionOverrides.contentType'
- yaml_value: 'application/vnd.kubernetes.protobuf'
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.externalKubernetesClientConnectionOverrides.burst'
- yaml_value: 400
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.externalKubernetesClientConnectionOverrides.qps'
- yaml_value: 200
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.openshiftLoopbackClientConnectionOverrides.acceptContentTypes'
- yaml_value: 'application/vnd.kubernetes.protobuf,application/json'
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.openshiftLoopbackClientConnectionOverrides.contentType'
- yaml_value: 'application/vnd.kubernetes.protobuf'
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.openshiftLoopbackClientConnectionOverrides.burst'
- yaml_value: 600
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'masterClients.openshiftLoopbackClientConnectionOverrides.qps'
- yaml_value: 300
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'controllerConfig.serviceServingCert.signer.certFile'
- yaml_value: service-signer.crt
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'controllerConfig.serviceServingCert.signer.keyFile'
- yaml_value: service-signer.key
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'admissionConfig.pluginConfig'
- yaml_value: "{{ openshift.master.admission_plugin_config }}"
- when: "'admission_plugin_config' in openshift.master"
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'admissionConfig.pluginOrderOverride'
- yaml_value:
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'kubernetesMasterConfig.admissionConfig'
- yaml_value:
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_3/node_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_3/node_config_upgrade.yml
deleted file mode 100644
index 89b524f14..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_3/node_config_upgrade.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
- yaml_key: 'masterClientConnectionOverrides.acceptContentTypes'
- yaml_value: 'application/vnd.kubernetes.protobuf,application/json'
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
- yaml_key: 'masterClientConnectionOverrides.contentType'
- yaml_value: 'application/vnd.kubernetes.protobuf'
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
- yaml_key: 'masterClientConnectionOverrides.burst'
- yaml_value: 40
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
- yaml_key: 'masterClientConnectionOverrides.qps'
- yaml_value: 20
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_3/roles b/playbooks/common/openshift-cluster/upgrades/v3_3/roles
deleted file mode 120000
index 6bc1a7aef..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_3/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../roles \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade.yml
deleted file mode 100644
index a241ef039..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade.yml
+++ /dev/null
@@ -1,118 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.3' if deployment_type == 'origin' else '3.3' }}"
- openshift_upgrade_min: "{{ '1.2' if deployment_type == 'origin' else '3.2' }}"
-
-# Pre-upgrade
-
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos and initialize facts on all hosts
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_control_plane.yml
- vars:
- master_config_hook: "v3_3/master_config_upgrade.yml"
-
-- include: ../upgrade_nodes.yml
- vars:
- node_config_hook: "v3_3/node_config_upgrade.yml"
-
-- include: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
deleted file mode 100644
index 54c85f0fb..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
+++ /dev/null
@@ -1,118 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.3' if deployment_type == 'origin' else '3.3' }}"
- openshift_upgrade_min: "{{ '1.2' if deployment_type == 'origin' else '3.2' }}"
-
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on control plane hosts
- hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_control_plane.yml
- vars:
- master_config_hook: "v3_3/master_config_upgrade.yml"
-
-- include: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
deleted file mode 100644
index cee4e9087..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
+++ /dev/null
@@ -1,113 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.3' if deployment_type == 'origin' else '3.3' }}"
- openshift_upgrade_min: "{{ '1.2' if deployment_type == 'origin' else '3.2' }}"
-
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on nodes
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- roles:
- - openshift_repos
- tags:
- - pre_upgrade
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_upgrade']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- name: Verify masters are already upgraded
- hosts: oo_masters_to_config
- tags:
- - pre_upgrade
- tasks:
- - fail: msg="Master running {{ openshift.common.version }} must be upgraded to {{ openshift_version }} before node upgrade can be run."
- when: openshift.common.version != openshift_version
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_nodes.yml
- vars:
- node_config_hook: "v3_3/node_config_upgrade.yml"
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_4/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_4/master_config_upgrade.yml
deleted file mode 100644
index 52458e03c..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_4/master_config_upgrade.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'controllerConfig.serviceServingCert.signer.certFile'
- yaml_value: service-signer.crt
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'controllerConfig.serviceServingCert.signer.keyFile'
- yaml_value: service-signer.key
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_4/roles b/playbooks/common/openshift-cluster/upgrades/v3_4/roles
deleted file mode 120000
index 6bc1a7aef..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_4/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../roles \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade.yml
deleted file mode 100644
index ae217ba2e..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade.yml
+++ /dev/null
@@ -1,116 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.4' if deployment_type == 'origin' else '3.4' }}"
- openshift_upgrade_min: "{{ '1.3' if deployment_type == 'origin' else '3.3' }}"
-
-# Pre-upgrade
-
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos and initialize facts on all hosts
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_control_plane.yml
- vars:
- master_config_hook: "v3_4/master_config_upgrade.yml"
-
-- include: ../upgrade_nodes.yml
-
-- include: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
deleted file mode 100644
index d7cb38d03..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
+++ /dev/null
@@ -1,118 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.4' if deployment_type == 'origin' else '3.4' }}"
- openshift_upgrade_min: "{{ '1.3' if deployment_type == 'origin' else '3.3' }}"
-
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on control plane hosts
- hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_control_plane.yml
- vars:
- master_config_hook: "v3_4/master_config_upgrade.yml"
-
-- include: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
deleted file mode 100644
index 8531e6045..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
+++ /dev/null
@@ -1,111 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.4' if deployment_type == 'origin' else '3.4' }}"
- openshift_upgrade_min: "{{ '1.3' if deployment_type == 'origin' else '3.3' }}"
-
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on nodes
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- roles:
- - openshift_repos
- tags:
- - pre_upgrade
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_upgrade']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- name: Verify masters are already upgraded
- hosts: oo_masters_to_config
- tags:
- - pre_upgrade
- tasks:
- - fail: msg="Master running {{ openshift.common.version }} must be upgraded to {{ openshift_version }} before node upgrade can be run."
- when: openshift.common.version != openshift_version
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_nodes.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins
deleted file mode 120000
index 7de3c1dd7..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../filter_plugins/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/master_config_upgrade.yml
deleted file mode 100644
index 52458e03c..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/master_config_upgrade.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'controllerConfig.serviceServingCert.signer.certFile'
- yaml_value: service-signer.crt
-
-- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'controllerConfig.serviceServingCert.signer.keyFile'
- yaml_value: service-signer.key
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml
deleted file mode 100644
index bda245fe1..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml
+++ /dev/null
@@ -1,120 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}"
- openshift_upgrade_min: "{{ '1.4' if deployment_type == 'origin' else '3.4' }}"
-
-# Pre-upgrade
-
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos and initialize facts on all hosts
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: validator.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_control_plane.yml
- vars:
- master_config_hook: "v3_5/master_config_upgrade.yml"
-
-- include: ../upgrade_nodes.yml
-
-- include: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
deleted file mode 100644
index 6cdea7b84..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
+++ /dev/null
@@ -1,122 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}"
- openshift_upgrade_min: "{{ '1.4' if deployment_type == 'origin' else '3.4' }}"
-
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on control plane hosts
- hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: validator.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_control_plane.yml
- vars:
- master_config_hook: "v3_5/master_config_upgrade.yml"
-
-- include: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
deleted file mode 100644
index e29d0f8e6..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
+++ /dev/null
@@ -1,111 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- include: ../init.yml
- tags:
- - pre_upgrade
-
-- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_upgrade_target: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}"
- openshift_upgrade_min: "{{ '1.4' if deployment_type == 'origin' else '3.4' }}"
-
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on nodes
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- roles:
- - openshift_repos
- tags:
- - pre_upgrade
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_upgrade']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
- vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- name: Verify masters are already upgraded
- hosts: oo_masters_to_config
- tags:
- - pre_upgrade
- tasks:
- - fail: msg="Master running {{ openshift.common.version }} must be upgraded to {{ openshift_version }} before node upgrade can be run."
- when: openshift.common.version != openshift_version
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
-
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../cleanup_unused_images.yml
-
-- include: ../upgrade_nodes.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/validator.yml
deleted file mode 100644
index ae63c9ca9..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/validator.yml
+++ /dev/null
@@ -1,67 +0,0 @@
----
-###############################################################################
-# Pre upgrade checks for known data problems, if this playbook fails you should
-# contact support. If you're not supported contact users@lists.openshift.com
-#
-# oc_objectvalidator provides these two checks
-# 1 - SDN Data issues, never seen in the wild but known possible due to code audits
-# https://github.com/openshift/origin/issues/12697
-# 2 - Namespace protections, https://bugzilla.redhat.com/show_bug.cgi?id=1428934
-#
-###############################################################################
-- name: Verify 3.5 specific upgrade checks
- hosts: oo_first_master
- roles:
- - { role: lib_openshift }
- tasks:
- - name: Check for invalid namespaces and SDN errors
- oc_objectvalidator:
-
- # What's all this PetSet business about?
- #
- # 'PetSets' were ALPHA resources in Kube <= 3.4. In >= 3.5 they are
- # no longer supported. The BETA resource 'StatefulSets' replaces
- # them. We can't migrate clients PetSets to
- # StatefulSets. Additionally, Red Hat has never officially supported
- # these resource types. Sorry users, but if you were using
- # unsupported resources from the Kube documentation then we can't
- # help you at this time.
- #
- # Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1428229
- - name: Check if legacy PetSets exist
- oc_obj:
- state: list
- all_namespaces: true
- kind: petsets
- register: l_do_petsets_exist
-
- - name: Fail on unsupported resource migration 'PetSets'
- fail:
- msg: >
- PetSet objects were detected in your cluster. These are an
- Alpha feature in upstream Kubernetes 1.4 and are not supported
- by Red Hat. In Kubernetes 1.5, they are replaced by the Beta
- feature StatefulSets. Red Hat currently does not offer support
- for either PetSets or StatefulSets.
-
- Automatically migrating PetSets to StatefulSets in OpenShift
- Container Platform (OCP) 3.5 is not supported. See the
- Kubernetes "Upgrading from PetSets to StatefulSets"
- documentation for additional information:
-
- https://kubernetes.io/docs/tasks/manage-stateful-set/upgrade-pet-set-to-stateful-set/
-
- PetSets MUST be removed before upgrading to OCP 3.5. Red Hat
- strongly recommends reading the above referenced documentation
- in its entirety before taking any destructive actions.
-
- If you want to simply remove all PetSets without manually
- migrating to StatefulSets, run this command as a user with
- cluster-admin privileges:
-
- $ oc get petsets --all-namespaces -o yaml | oc delete -f - --cascade=false
- when:
- # Search did not fail, valid resource type found
- - l_do_petsets_exist.results.returncode == 0
- # Items do exist in the search results
- - l_do_petsets_exist.results.results.0['items'] | length > 0
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins
deleted file mode 120000
index 7de3c1dd7..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../filter_plugins/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml
index dd109cfa9..a5ad3801d 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml
@@ -2,7 +2,7 @@
#
# Full Control Plane + Nodes Upgrade
#
-- include: ../init.yml
+- import_playbook: ../init.yml
tags:
- pre_upgrade
@@ -15,110 +15,29 @@
openshift_upgrade_target: '3.6'
openshift_upgrade_min: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}"
-# Pre-upgrade
-
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos and initialize facts on all hosts
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_health_checks.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
+- import_playbook: ../pre/config.yml
vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:oo_masters_to_config"
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
+- import_playbook: validator.yml
-- name: Verify docker upgrade targets
+- name: Flag pre-upgrade checks complete for hosts without errors
hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: validator.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+ - set_fact:
+ pre_upgrade_complete: True
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
+# Pre-upgrade completed
-- include: ../upgrade_control_plane.yml
+- import_playbook: ../upgrade_control_plane.yml
vars:
master_config_hook: "v3_6/master_config_upgrade.yml"
-- include: ../upgrade_nodes.yml
+- import_playbook: ../upgrade_nodes.yml
-- include: ../post_control_plane.yml
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
index 8ab68002d..1498db4c5 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
@@ -11,116 +11,38 @@
#
# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
#
-- include: ../init.yml
- tags:
- - pre_upgrade
+- import_playbook: ../init.yml
+ vars:
+ l_upgrade_no_switch_firewall_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
+ hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
tasks:
- set_fact:
openshift_upgrade_target: '3.6'
openshift_upgrade_min: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}"
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on control plane hosts
- hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_health_checks.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
+- import_playbook: ../pre/config.yml
vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_masters_to_config"
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
+- import_playbook: validator.yml
-- name: Verify upgrade targets
- hosts: oo_masters_to_config
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
+- name: Flag pre-upgrade checks complete for hosts without errors
hosts: oo_masters_to_config:oo_etcd_to_config
tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: validator.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+ - set_fact:
+ pre_upgrade_complete: True
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
+# Pre-upgrade completed
-- include: ../upgrade_control_plane.yml
+- import_playbook: ../upgrade_control_plane.yml
vars:
master_config_hook: "v3_6/master_config_upgrade.yml"
-- include: ../post_control_plane.yml
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
index ba6fcc3f8..6958652d8 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml
@@ -4,7 +4,7 @@
#
# Upgrades nodes only, but requires the control plane to have already been upgraded.
#
-- include: ../init.yml
+- import_playbook: ../init.yml
tags:
- pre_upgrade
@@ -17,99 +17,22 @@
openshift_upgrade_target: '3.6'
openshift_upgrade_min: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}"
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on nodes
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- roles:
- - openshift_repos
- tags:
- - pre_upgrade
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_upgrade']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_health_checks.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
+- import_playbook: ../pre/config.yml
vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- name: Verify masters are already upgraded
- hosts: oo_masters_to_config
- tags:
- - pre_upgrade
+ l_upgrade_repo_hosts: "oo_nodes_to_config"
+ l_upgrade_no_proxy_hosts: "oo_all_hosts"
+ l_upgrade_health_check_hosts: "oo_nodes_to_config"
+ l_upgrade_verify_targets_hosts: "oo_nodes_to_config"
+ l_upgrade_docker_target_hosts: "oo_nodes_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:!oo_masters_to_config"
+ l_upgrade_nodes_only: True
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
tasks:
- - fail: msg="Master running {{ openshift.common.version }} must be upgraded to {{ openshift_version }} before node upgrade can be run."
- when: openshift.common.version != openshift_version
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+ - set_fact:
+ pre_upgrade_complete: True
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../cleanup_unused_images.yml
+# Pre-upgrade completed
-- include: ../upgrade_nodes.yml
+- import_playbook: ../upgrade_nodes.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins
deleted file mode 120000
index 7de3c1dd7..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../../../filter_plugins/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml
index f4862e321..4daa9e490 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml
@@ -2,7 +2,7 @@
#
# Full Control Plane + Nodes Upgrade
#
-- include: ../init.yml
+- import_playbook: ../init.yml
tags:
- pre_upgrade
@@ -15,111 +15,26 @@
openshift_upgrade_target: '3.7'
openshift_upgrade_min: '3.6'
-# Pre-upgrade
-
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_etcd3_backend.yml
- tags:
- - pre_upgrade
-
-- name: Update repos and initialize facts on all hosts
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_health_checks.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
+- import_playbook: ../pre/config.yml
vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:oo_masters_to_config"
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
+- import_playbook: validator.yml
-- name: Verify docker upgrade targets
+- name: Flag pre-upgrade checks complete for hosts without errors
hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: validator.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+ - set_fact:
+ pre_upgrade_complete: True
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
+# Pre-upgrade completed
-- include: ../upgrade_control_plane.yml
+- import_playbook: ../upgrade_control_plane.yml
vars:
master_config_hook: "v3_7/master_config_upgrade.yml"
@@ -127,16 +42,18 @@
- name: Cycle all controller services to force new leader election mode
hosts: oo_masters_to_config
gather_facts: no
+ roles:
+ - role: openshift_facts
tasks:
- - name: Stop {{ openshift.common.service_type }}-master-controllers
+ - name: Stop {{ openshift_service_type }}-master-controllers
systemd:
- name: "{{ openshift.common.service_type }}-master-controllers"
+ name: "{{ openshift_service_type }}-master-controllers"
state: stopped
- - name: Start {{ openshift.common.service_type }}-master-controllers
+ - name: Start {{ openshift_service_type }}-master-controllers
systemd:
- name: "{{ openshift.common.service_type }}-master-controllers"
+ name: "{{ openshift_service_type }}-master-controllers"
state: started
-- include: ../upgrade_nodes.yml
+- import_playbook: ../upgrade_nodes.yml
-- include: ../post_control_plane.yml
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
index b905d6d86..1750148d4 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_control_plane.yml
@@ -11,119 +11,37 @@
#
# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
#
-- include: ../init.yml
- tags:
- - pre_upgrade
+- import_playbook: ../init.yml
+ vars:
+ l_upgrade_no_switch_firewall_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
- name: Configure the upgrade target for the common upgrade tasks
- hosts: oo_all_hosts
- tags:
- - pre_upgrade
+ hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
tasks:
- set_fact:
openshift_upgrade_target: '3.7'
openshift_upgrade_min: '3.6'
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_etcd3_backend.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on control plane hosts
- hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
- tags:
- - pre_upgrade
- roles:
- - openshift_repos
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_health_checks.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_master_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
+- import_playbook: ../pre/config.yml
vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- include: ../../../openshift-master/validate_restart.yml
- tags:
- - pre_upgrade
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_masters_to_config"
-- name: Verify upgrade targets
- hosts: oo_masters_to_config
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
+- import_playbook: validator.yml
-- name: Verify docker upgrade targets
+- name: Flag pre-upgrade checks complete for hosts without errors
hosts: oo_masters_to_config:oo_etcd_to_config
tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: validator.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+ - set_fact:
+ pre_upgrade_complete: True
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_masters_to_config:oo_etcd_to_config
- tasks:
- - include: ../cleanup_unused_images.yml
+# Pre-upgrade completed
-- include: ../upgrade_control_plane.yml
+- import_playbook: ../upgrade_control_plane.yml
vars:
master_config_hook: "v3_7/master_config_upgrade.yml"
@@ -131,14 +49,16 @@
- name: Cycle all controller services to force new leader election mode
hosts: oo_masters_to_config
gather_facts: no
+ roles:
+ - role: openshift_facts
tasks:
- - name: Stop {{ openshift.common.service_type }}-master-controllers
+ - name: Stop {{ openshift_service_type }}-master-controllers
systemd:
- name: "{{ openshift.common.service_type }}-master-controllers"
+ name: "{{ openshift_service_type }}-master-controllers"
state: stopped
- - name: Start {{ openshift.common.service_type }}-master-controllers
+ - name: Start {{ openshift_service_type }}-master-controllers
systemd:
- name: "{{ openshift.common.service_type }}-master-controllers"
+ name: "{{ openshift_service_type }}-master-controllers"
state: started
-- include: ../post_control_plane.yml
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
index bc080f9a3..16d95514c 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade_nodes.yml
@@ -4,7 +4,7 @@
#
# Upgrades nodes only, but requires the control plane to have already been upgraded.
#
-- include: ../init.yml
+- import_playbook: ../init.yml
tags:
- pre_upgrade
@@ -17,99 +17,22 @@
openshift_upgrade_target: '3.7'
openshift_upgrade_min: '3.6'
-# Pre-upgrade
-- include: ../initialize_nodes_to_upgrade.yml
- tags:
- - pre_upgrade
-
-- name: Update repos on nodes
- hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
- roles:
- - openshift_repos
- tags:
- - pre_upgrade
-
-- name: Set openshift_no_proxy_internal_hostnames
- hosts: oo_masters_to_config:oo_nodes_to_upgrade
- tags:
- - pre_upgrade
- tasks:
- - set_fact:
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_upgrade']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- when:
- - openshift_http_proxy is defined or openshift_https_proxy is defined
- - openshift_generate_no_proxy_hosts | default(True) | bool
-
-- include: ../pre/verify_inventory_vars.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/verify_health_checks.yml
- tags:
- - pre_upgrade
-
-- include: ../disable_node_excluders.yml
- tags:
- - pre_upgrade
-
-- include: ../../initialize_openshift_version.yml
- tags:
- - pre_upgrade
+- import_playbook: ../pre/config.yml
vars:
- # Request specific openshift_release and let the openshift_version role handle converting this
- # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
- # defined, and overriding the normal behavior of protecting the installed version
- openshift_release: "{{ openshift_upgrade_target }}"
- openshift_protect_installed_version: False
-
- # We skip the docker role at this point in upgrade to prevent
- # unintended package, container, or config upgrades which trigger
- # docker restarts. At this early stage of upgrade we can assume
- # docker is configured and running.
- skip_docker_role: True
-
-- name: Verify masters are already upgraded
- hosts: oo_masters_to_config
- tags:
- - pre_upgrade
+ l_upgrade_repo_hosts: "oo_nodes_to_config"
+ l_upgrade_no_proxy_hosts: "oo_all_hosts"
+ l_upgrade_health_check_hosts: "oo_nodes_to_config"
+ l_upgrade_verify_targets_hosts: "oo_nodes_to_config"
+ l_upgrade_docker_target_hosts: "oo_nodes_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:!oo_masters_to_config"
+ l_upgrade_nodes_only: True
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
tasks:
- - fail: msg="Master running {{ openshift.common.version }} must be upgraded to {{ openshift_version }} before node upgrade can be run."
- when: openshift.common.version != openshift_version
-
-- include: ../pre/verify_control_plane_running.yml
- tags:
- - pre_upgrade
-
-- name: Verify upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/verify_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- name: Verify docker upgrade targets
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../pre/tasks/verify_docker_upgrade_targets.yml
- tags:
- - pre_upgrade
-
-- include: ../pre/gate_checks.yml
- tags:
- - pre_upgrade
-
-# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+ - set_fact:
+ pre_upgrade_complete: True
-# Separate step so we can execute in parallel and clear out anything unused
-# before we get into the serialized upgrade process which will then remove
-# remaining images if possible.
-- name: Cleanup unused Docker images
- hosts: oo_nodes_to_upgrade
- tasks:
- - include: ../cleanup_unused_images.yml
+# Pre-upgrade completed
-- include: ../upgrade_nodes.yml
+- import_playbook: ../upgrade_nodes.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml
index 8e4f99c91..c8c87a9c3 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml
@@ -11,13 +11,15 @@
tasks:
- name: Check for invalid namespaces and SDN errors
oc_objectvalidator:
-
+ # DO NOT DISABLE THIS, YOUR UPGRADE WILL FAIL IF YOU DO SO
- name: Confirm OpenShift authorization objects are in sync
command: >
{{ openshift.common.client_binary }} adm migrate authorization
- when: openshift_version | version_compare('3.7','<')
+ when:
+ - openshift_currently_installed_version is version_compare('3.7','<')
+ - openshift_upgrade_pre_authorization_migration_enabled | default(true) | bool
changed_when: false
register: l_oc_result
until: l_oc_result.rc == 0
- retries: 4
+ retries: 2
delay: 15
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_8/master_config_upgrade.yml
index 1d4d1919c..1d4d1919c 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_8/master_config_upgrade.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/roles b/playbooks/common/openshift-cluster/upgrades/v3_8/roles
index 415645be6..415645be6 120000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/roles
+++ b/playbooks/common/openshift-cluster/upgrades/v3_8/roles
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade.yml
new file mode 100644
index 000000000..0f74e0137
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade.yml
@@ -0,0 +1,59 @@
+---
+#
+# Full Control Plane + Nodes Upgrade
+#
+- import_playbook: ../init.yml
+ tags:
+ - pre_upgrade
+
+- name: Configure the upgrade target for the common upgrade tasks
+ hosts: oo_all_hosts
+ tags:
+ - pre_upgrade
+ tasks:
+ - set_fact:
+ openshift_upgrade_target: '3.8'
+ openshift_upgrade_min: '3.7'
+
+- import_playbook: ../pre/config.yml
+ vars:
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:oo_masters_to_config"
+
+- import_playbook: validator.yml
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
+ tasks:
+ - set_fact:
+ pre_upgrade_complete: True
+
+# Pre-upgrade completed
+
+- import_playbook: ../upgrade_control_plane.yml
+ vars:
+ master_config_hook: "v3_7/master_config_upgrade.yml"
+
+# All controllers must be stopped at the same time then restarted
+- name: Cycle all controller services to force new leader election mode
+ hosts: oo_masters_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_facts
+ tasks:
+ - name: Stop {{ openshift_service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift_service_type }}-master-controllers"
+ state: stopped
+ - name: Start {{ openshift_service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift_service_type }}-master-controllers"
+ state: started
+
+- import_playbook: ../upgrade_nodes.yml
+
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml
new file mode 100644
index 000000000..08bfd239f
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_control_plane.yml
@@ -0,0 +1,64 @@
+---
+#
+# Control Plane Upgrade Playbook
+#
+# Upgrades masters and Docker (only on standalone etcd hosts)
+#
+# This upgrade does not include:
+# - node service running on masters
+# - docker running on masters
+# - node service running on dedicated nodes
+#
+# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
+#
+- import_playbook: ../init.yml
+ vars:
+ l_upgrade_no_switch_firewall_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+
+- name: Configure the upgrade target for the common upgrade tasks
+ hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
+ tasks:
+ - set_fact:
+ openshift_upgrade_target: '3.8'
+ openshift_upgrade_min: '3.7'
+
+- import_playbook: ../pre/config.yml
+ vars:
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_masters_to_config"
+
+- import_playbook: validator.yml
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_etcd_to_config
+ tasks:
+ - set_fact:
+ pre_upgrade_complete: True
+
+# Pre-upgrade completed
+
+- import_playbook: ../upgrade_control_plane.yml
+ vars:
+ master_config_hook: "v3_7/master_config_upgrade.yml"
+
+# All controllers must be stopped at the same time then restarted
+- name: Cycle all controller services to force new leader election mode
+ hosts: oo_masters_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_facts
+ tasks:
+ - name: Stop {{ openshift_service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift_service_type }}-master-controllers"
+ state: stopped
+ - name: Start {{ openshift_service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift_service_type }}-master-controllers"
+ state: started
+
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml
new file mode 100644
index 000000000..b5f1038fd
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_8/upgrade_nodes.yml
@@ -0,0 +1,38 @@
+---
+#
+# Node Upgrade Playbook
+#
+# Upgrades nodes only, but requires the control plane to have already been upgraded.
+#
+- import_playbook: ../init.yml
+ tags:
+ - pre_upgrade
+
+- name: Configure the upgrade target for the common upgrade tasks
+ hosts: oo_all_hosts
+ tags:
+ - pre_upgrade
+ tasks:
+ - set_fact:
+ openshift_upgrade_target: '3.8'
+ openshift_upgrade_min: '3.7'
+
+- import_playbook: ../pre/config.yml
+ vars:
+ l_upgrade_repo_hosts: "oo_nodes_to_config"
+ l_upgrade_no_proxy_hosts: "oo_all_hosts"
+ l_upgrade_health_check_hosts: "oo_nodes_to_config"
+ l_upgrade_verify_targets_hosts: "oo_nodes_to_config"
+ l_upgrade_docker_target_hosts: "oo_nodes_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:!oo_masters_to_config"
+ l_upgrade_nodes_only: True
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
+ tasks:
+ - set_fact:
+ pre_upgrade_complete: True
+
+# Pre-upgrade completed
+
+- import_playbook: ../upgrade_nodes.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_8/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_8/validator.yml
new file mode 100644
index 000000000..d8540abfb
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_8/validator.yml
@@ -0,0 +1,7 @@
+---
+- name: Verify 3.8 specific upgrade checks
+ hosts: oo_first_master
+ roles:
+ - { role: lib_openshift }
+ tasks:
+ - debug: msg="noop"
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_9/master_config_upgrade.yml
new file mode 100644
index 000000000..1d4d1919c
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_9/master_config_upgrade.yml
@@ -0,0 +1,20 @@
+---
+- modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'controllerConfig.election.lockName'
+ yaml_value: 'openshift-master-controllers'
+
+- modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'controllerConfig.serviceServingCert.signer.certFile'
+ yaml_value: service-signer.crt
+
+- modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'controllerConfig.serviceServingCert.signer.keyFile'
+ yaml_value: service-signer.key
+
+- modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: servingInfo.clientCA
+ yaml_value: ca.crt
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/roles b/playbooks/common/openshift-cluster/upgrades/v3_9/roles
new file mode 120000
index 000000000..415645be6
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_9/roles
@@ -0,0 +1 @@
+../../../../../roles/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade.yml
new file mode 100644
index 000000000..0aea5069d
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade.yml
@@ -0,0 +1,55 @@
+---
+#
+# Full Control Plane + Nodes Upgrade
+#
+- import_playbook: ../init.yml
+
+- name: Configure the upgrade target for the common upgrade tasks
+ hosts: oo_all_hosts
+ tasks:
+ - set_fact:
+ openshift_upgrade_target: '3.9'
+ openshift_upgrade_min: '3.7'
+
+- import_playbook: ../pre/config.yml
+ vars:
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config:oo_nodes_to_upgrade"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:oo_masters_to_config"
+
+- import_playbook: validator.yml
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
+ tasks:
+ - set_fact:
+ pre_upgrade_complete: True
+
+# Pre-upgrade completed
+
+- import_playbook: ../upgrade_control_plane.yml
+ vars:
+ master_config_hook: "v3_7/master_config_upgrade.yml"
+
+# All controllers must be stopped at the same time then restarted
+- name: Cycle all controller services to force new leader election mode
+ hosts: oo_masters_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_facts
+ tasks:
+ - name: Stop {{ openshift.common.service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift.common.service_type }}-master-controllers"
+ state: stopped
+ - name: Start {{ openshift.common.service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift.common.service_type }}-master-controllers"
+ state: started
+
+- import_playbook: ../upgrade_nodes.yml
+
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml
new file mode 100644
index 000000000..05aa737c6
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml
@@ -0,0 +1,65 @@
+---
+#
+# Control Plane Upgrade Playbook
+#
+# Upgrades masters and Docker (only on standalone etcd hosts)
+#
+# This upgrade does not include:
+# - node service running on masters
+# - docker running on masters
+# - node service running on dedicated nodes
+#
+# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
+#
+- import_playbook: ../init.yml
+ vars:
+ l_upgrade_no_switch_firewall_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+
+- name: Configure the upgrade target for the common upgrade tasks
+ hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
+ tasks:
+ - set_fact:
+ openshift_upgrade_target: '3.9'
+ openshift_upgrade_min: '3.7'
+
+- import_playbook: ../pre/config.yml
+ vars:
+ l_upgrade_repo_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_no_proxy_hosts: "oo_masters_to_config"
+ l_upgrade_health_check_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config"
+ l_upgrade_verify_targets_hosts: "oo_masters_to_config"
+ l_upgrade_docker_target_hosts: "oo_masters_to_config:oo_etcd_to_config"
+ l_upgrade_excluder_hosts: "oo_masters_to_config"
+
+- import_playbook: validator.yml
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_etcd_to_config
+ tasks:
+ - set_fact:
+ pre_upgrade_complete: True
+
+# Pre-upgrade completed
+
+
+- import_playbook: ../upgrade_control_plane.yml
+ vars:
+ master_config_hook: "v3_7/master_config_upgrade.yml"
+
+# All controllers must be stopped at the same time then restarted
+- name: Cycle all controller services to force new leader election mode
+ hosts: oo_masters_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_facts
+ tasks:
+ - name: Stop {{ openshift.common.service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift.common.service_type }}-master-controllers"
+ state: stopped
+ - name: Start {{ openshift.common.service_type }}-master-controllers
+ systemd:
+ name: "{{ openshift.common.service_type }}-master-controllers"
+ state: started
+
+- import_playbook: ../post_control_plane.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml
new file mode 100644
index 000000000..1d1b255c1
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml
@@ -0,0 +1,34 @@
+---
+#
+# Node Upgrade Playbook
+#
+# Upgrades nodes only, but requires the control plane to have already been upgraded.
+#
+- import_playbook: ../init.yml
+
+- name: Configure the upgrade target for the common upgrade tasks
+ hosts: oo_all_hosts
+ tasks:
+ - set_fact:
+ openshift_upgrade_target: '3.9'
+ openshift_upgrade_min: '3.7'
+
+- import_playbook: ../pre/config.yml
+ vars:
+ l_upgrade_repo_hosts: "oo_nodes_to_config"
+ l_upgrade_no_proxy_hosts: "oo_all_hosts"
+ l_upgrade_health_check_hosts: "oo_nodes_to_config"
+ l_upgrade_verify_targets_hosts: "oo_nodes_to_config"
+ l_upgrade_docker_target_hosts: "oo_nodes_to_config"
+ l_upgrade_excluder_hosts: "oo_nodes_to_config:!oo_masters_to_config"
+ l_upgrade_nodes_only: True
+
+- name: Flag pre-upgrade checks complete for hosts without errors
+ hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
+ tasks:
+ - set_fact:
+ pre_upgrade_complete: True
+
+# Pre-upgrade completed
+
+- import_playbook: ../upgrade_nodes.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_9/validator.yml
new file mode 100644
index 000000000..4bd2d87b1
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_9/validator.yml
@@ -0,0 +1,7 @@
+---
+- name: Verify 3.9 specific upgrade checks
+ hosts: oo_first_master
+ roles:
+ - { role: lib_openshift }
+ tasks:
+ - debug: msg="noop"
diff --git a/playbooks/common/openshift-cluster/validate_hostnames.yml b/playbooks/common/openshift-cluster/validate_hostnames.yml
deleted file mode 100644
index be2e6a15a..000000000
--- a/playbooks/common/openshift-cluster/validate_hostnames.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-- name: Validate node hostnames
- hosts: oo_nodes_to_config
- tasks:
- - name: Query DNS for IP address of {{ openshift.common.hostname }}
- shell:
- getent ahostsv4 {{ openshift.common.hostname }} | head -n 1 | awk '{ print $1 }'
- register: lookupip
- changed_when: false
- failed_when: false
- - name: Warn user about bad openshift_hostname values
- pause:
- prompt:
- The hostname {{ openshift.common.hostname }} for {{ ansible_nodename }}
- doesn't resolve to an IP address owned by this host. Please set
- openshift_hostname variable to a hostname that when resolved on the host
- in question resolves to an IP address matching an interface on this
- host. This host will fail liveness checks for pods utilizing hostPorts,
- press ENTER to continue or CTRL-C to abort.
- seconds: "{{ 10 if openshift_override_hostname_check | default(false) | bool else omit }}"
- when:
- - lookupip.stdout != '127.0.0.1'
- - lookupip.stdout not in ansible_all_ipv4_addresses
diff --git a/playbooks/common/openshift-etcd/ca.yml b/playbooks/common/openshift-etcd/ca.yml
deleted file mode 100644
index ac5543be9..000000000
--- a/playbooks/common/openshift-etcd/ca.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: Generate new etcd CA
- hosts: oo_first_etcd
- roles:
- - role: openshift_etcd_facts
- tasks:
- - include_role:
- name: etcd
- tasks_from: ca
- vars:
- etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- when:
- - etcd_ca_setup | default(True) | bool
diff --git a/playbooks/common/openshift-etcd/certificates.yml b/playbooks/common/openshift-etcd/certificates.yml
deleted file mode 100644
index eb6b94f33..000000000
--- a/playbooks/common/openshift-etcd/certificates.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-- include: server_certificates.yml
-
-- include: master_etcd_certificates.yml
diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml
deleted file mode 100644
index 48d46bbb0..000000000
--- a/playbooks/common/openshift-etcd/config.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-- name: etcd Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set etcd install 'In Progress'
- set_stats:
- data:
- installer_phase_etcd: "In Progress"
- aggregate: false
-
-- include: ca.yml
-
-- include: certificates.yml
-
-- name: Configure etcd
- hosts: oo_etcd_to_config
- any_errors_fatal: true
- roles:
- - role: os_firewall
- - role: openshift_etcd
- etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- - role: nickhammond.logrotate
-
-- name: etcd Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set etcd install 'Complete'
- set_stats:
- data:
- installer_phase_etcd: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-etcd/embedded2external.yml b/playbooks/common/openshift-etcd/embedded2external.yml
deleted file mode 100644
index b16b78c4f..000000000
--- a/playbooks/common/openshift-etcd/embedded2external.yml
+++ /dev/null
@@ -1,172 +0,0 @@
----
-- name: Pre-migrate checks
- hosts: localhost
- tasks:
- # Check there is only one etcd host
- - assert:
- that: groups.oo_etcd_to_config | default([]) | length == 1
- msg: "[etcd] group must contain only one host"
- # Check there is only one master
- - assert:
- that: groups.oo_masters_to_config | default([]) | length == 1
- msg: "[master] group must contain only one host"
-
-# 1. stop a master
-- name: Prepare masters for etcd data migration
- hosts: oo_first_master
- roles:
- - role: openshift_facts
- tasks:
- - name: Check the master API is ready
- include_role:
- name: openshift_master
- tasks_from: check_master_api_is_ready
- - set_fact:
- master_service: "{{ openshift.common.service_type + '-master' }}"
- embedded_etcd_backup_suffix: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
- - debug:
- msg: "master service name: {{ master_service }}"
- - name: Stop master
- service:
- name: "{{ master_service }}"
- state: stopped
- # 2. backup embedded etcd
- # Can't use with_items with include_role: https://github.com/ansible/ansible/issues/21285
- - include_role:
- name: etcd
- tasks_from: backup
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_embedded_etcd: "{{ true }}"
- r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"
-
- - include_role:
- name: etcd
- tasks_from: backup.archive
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_embedded_etcd: "{{ true }}"
- r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"
-
-# 3. deploy certificates (for etcd and master)
-- include: ca.yml
-
-- include: server_certificates.yml
-
-- name: Backup etcd client certificates for master host
- hosts: oo_first_master
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup_master_etcd_certificates
-
-- name: Redeploy master etcd certificates
- include: master_etcd_certificates.yml
- vars:
- etcd_certificates_redeploy: "{{ true }}"
-
-# 4. deploy external etcd
-- include: ../openshift-etcd/config.yml
-
-# 5. stop external etcd
-- name: Cleanse etcd
- hosts: oo_etcd_to_config[0]
- gather_facts: no
- pre_tasks:
- - include_role:
- name: etcd
- tasks_from: disable_etcd
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- - include_role:
- name: etcd
- tasks_from: clean_data
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
-
-# 6. copy the embedded etcd backup to the external host
-# TODO(jchaloup): if the etcd and first master are on the same host, just copy the directory
-- name: Copy embedded etcd backup to the external host
- hosts: localhost
- tasks:
- - name: Create local temp directory for syncing etcd backup
- local_action: command mktemp -d /tmp/etcd_backup-XXXXXXX
- register: g_etcd_client_mktemp
- changed_when: False
- become: no
-
- - include_role:
- name: etcd
- tasks_from: backup.fetch
- vars:
- r_etcd_common_etcd_runtime: "{{ hostvars[groups.oo_first_master.0].openshift.common.etcd_runtime }}"
- etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_embedded_etcd: "{{ true }}"
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
- delegate_to: "{{ groups.oo_first_master[0] }}"
-
- - include_role:
- name: etcd
- tasks_from: backup.copy
- vars:
- r_etcd_common_etcd_runtime: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.etcd_runtime }}"
- etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
- delegate_to: "{{ groups.oo_etcd_to_config[0] }}"
-
- - debug:
- msg: "etcd_backup_dest_directory: {{ g_etcd_client_mktemp.stdout }}"
-
- - name: Delete temporary directory
- local_action: file path="{{ g_etcd_client_mktemp.stdout }}" state=absent
- changed_when: False
- become: no
-
-# 7. force new cluster from the backup
-- name: Force new etcd cluster
- hosts: oo_etcd_to_config[0]
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup.unarchive
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
-
- - include_role:
- name: etcd
- tasks_from: backup.force_new_cluster
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
- etcd_peer: "{{ openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
-
-# 8. re-configure master to use the external etcd
-- name: Configure master to use external etcd
- hosts: oo_first_master
- tasks:
- - include_role:
- name: openshift_master
- tasks_from: configure_external_etcd
- vars:
- etcd_peer_url_scheme: "https"
- etcd_ip: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.ip }}"
- etcd_peer_port: 2379
-
- # 9. start the master
- - name: Start master
- service:
- name: "{{ master_service }}"
- state: started
- register: service_status
- until: service_status.state is defined and service_status.state == "started"
- retries: 5
- delay: 10
diff --git a/playbooks/common/openshift-etcd/filter_plugins b/playbooks/common/openshift-etcd/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-etcd/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-etcd/lookup_plugins b/playbooks/common/openshift-etcd/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-etcd/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-etcd/master_etcd_certificates.yml b/playbooks/common/openshift-etcd/master_etcd_certificates.yml
deleted file mode 100644
index 0a25aac57..000000000
--- a/playbooks/common/openshift-etcd/master_etcd_certificates.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: Create etcd client certificates for master hosts
- hosts: oo_masters_to_config
- any_errors_fatal: true
- roles:
- - role: openshift_etcd_facts
- - role: openshift_etcd_client_certificates
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_cert_subdir: "openshift-master-{{ openshift.common.hostname }}"
- etcd_cert_config_dir: "{{ openshift.common.config_base }}/master"
- etcd_cert_prefix: "master.etcd-"
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
diff --git a/playbooks/common/openshift-etcd/migrate.yml b/playbooks/common/openshift-etcd/migrate.yml
deleted file mode 100644
index 31362f2f6..000000000
--- a/playbooks/common/openshift-etcd/migrate.yml
+++ /dev/null
@@ -1,169 +0,0 @@
----
-- name: Check if the master has embedded etcd
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tags:
- - always
- tasks:
- - fail:
- msg: "Migration of an embedded etcd is not supported. Please, migrate the embedded etcd into an external etcd first."
- when:
- - groups.oo_etcd_to_config | default([]) | length == 0
-
-- name: Run pre-checks
- hosts: oo_etcd_to_migrate
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate.pre_check
- vars:
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- etcd_peer: "{{ ansible_default_ipv4.address }}"
-
-# TODO: This will be different for release-3.6 branch
-- name: Prepare masters for etcd data migration
- hosts: oo_masters_to_config
- tasks:
- - set_fact:
- master_services:
- - "{{ openshift.common.service_type + '-master-controllers' }}"
- - "{{ openshift.common.service_type + '-master-api' }}"
- - debug:
- msg: "master service name: {{ master_services }}"
- - name: Stop masters
- service:
- name: "{{ item }}"
- state: stopped
- with_items: "{{ master_services }}"
-
-- name: Backup v2 data
- hosts: oo_etcd_to_migrate
- gather_facts: no
- roles:
- - role: openshift_facts
- post_tasks:
- - include_role:
- name: etcd
- tasks_from: backup
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migration
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
-
-- name: Gate on etcd backup
- hosts: localhost
- connection: local
- become: no
- tasks:
- - set_fact:
- etcd_backup_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_to_migrate)
- | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
- - set_fact:
- etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) | list }}"
- - fail:
- msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
- when:
- - etcd_backup_failed | length > 0
-
-- name: Stop etcd
- hosts: oo_etcd_to_migrate
- gather_facts: no
- pre_tasks:
- - include_role:
- name: etcd
- tasks_from: disable_etcd
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
-
-- name: Migrate data on first etcd
- hosts: oo_etcd_to_migrate[0]
- gather_facts: no
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate
- vars:
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- etcd_peer: "{{ openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
-
-- name: Clean data stores on remaining etcd hosts
- hosts: oo_etcd_to_migrate[1:]
- gather_facts: no
- tasks:
- - include_role:
- name: etcd
- tasks_from: clean_data
- vars:
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- etcd_peer: "{{ openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
- - name: Add etcd hosts
- delegate_to: localhost
- add_host:
- name: "{{ item }}"
- groups: oo_new_etcd_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ groups.oo_etcd_to_migrate[1:] | default([]) }}"
- changed_when: no
- - name: Set success
- set_fact:
- r_etcd_migrate_success: true
-
-- include: ./scaleup.yml
-
-- name: Gate on etcd migration
- hosts: oo_masters_to_config
- gather_facts: no
- tasks:
- - set_fact:
- etcd_migration_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_to_migrate)
- | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}"
- - set_fact:
- etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) | list }}"
-
-- name: Add TTLs on the first master
- hosts: oo_first_master[0]
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate.add_ttls
- vars:
- etcd_peer: "{{ hostvars[groups.oo_etcd_to_migrate.0].openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
- when: etcd_migration_failed | length == 0
-
-- name: Configure masters if etcd data migration is succesfull
- hosts: oo_masters_to_config
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate.configure_master
- when: etcd_migration_failed | length == 0
- - debug:
- msg: "Skipping master re-configuration since migration failed."
- when:
- - etcd_migration_failed | length > 0
- - name: Start master services
- service:
- name: "{{ item }}"
- state: started
- register: service_status
- # Sometimes the master-api, resp. master-controllers fails to start for the first time
- until: service_status.state is defined and service_status.state == "started"
- retries: 5
- delay: 10
- with_items: "{{ master_services[::-1] }}"
- - fail:
- msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}"
- when:
- - etcd_migration_failed | length > 0
diff --git a/playbooks/common/openshift-etcd/restart.yml b/playbooks/common/openshift-etcd/restart.yml
deleted file mode 100644
index 5eaea5ae8..000000000
--- a/playbooks/common/openshift-etcd/restart.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Restart etcd
- hosts: oo_etcd_to_config
- serial: 1
- tasks:
- - name: restart etcd
- service:
- name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
- state: restarted
- when:
- - not g_etcd_certificates_expired | default(false) | bool
-
-- name: Restart etcd
- hosts: oo_etcd_to_config
- tasks:
- - name: stop etcd
- service:
- name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
- state: stopped
- when:
- - g_etcd_certificates_expired | default(false) | bool
- - name: start etcd
- service:
- name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
- state: started
- when:
- - g_etcd_certificates_expired | default(false) | bool
diff --git a/playbooks/common/openshift-etcd/scaleup.yml b/playbooks/common/openshift-etcd/scaleup.yml
deleted file mode 100644
index 20061366c..000000000
--- a/playbooks/common/openshift-etcd/scaleup.yml
+++ /dev/null
@@ -1,83 +0,0 @@
----
-- name: Gather facts
- hosts: oo_etcd_to_config:oo_new_etcd_to_config
- roles:
- - openshift_etcd_facts
- post_tasks:
- - set_fact:
- etcd_hostname: "{{ etcd_hostname }}"
- etcd_ip: "{{ etcd_ip }}"
-
-- name: Configure etcd
- hosts: oo_new_etcd_to_config
- serial: 1
- any_errors_fatal: true
- vars:
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- pre_tasks:
- - name: Add new etcd members to cluster
- command: >
- /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }}
- --key-file {{ etcd_peer_key_file }}
- --ca-file {{ etcd_peer_ca_file }}
- -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }}
- member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}
- delegate_to: "{{ etcd_ca_host }}"
- failed_when:
- - etcd_add_check.rc == 1
- - ("peerURL exists" not in etcd_add_check.stderr)
- register: etcd_add_check
- retries: 3
- delay: 10
- until: etcd_add_check.rc == 0
- - include_role:
- name: etcd
- tasks_from: server_certificates
- vars:
- etcd_peers: "{{ groups.oo_new_etcd_to_config | default([], true) }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_new_etcd_to_config | default([], true) }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- roles:
- - role: os_firewall
- when: etcd_add_check.rc == 0
- - role: openshift_etcd
- when: etcd_add_check.rc == 0
- etcd_peers: "{{ groups.oo_etcd_to_config | union(groups.oo_new_etcd_to_config)| default([], true) }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_initial_cluster_state: "existing"
- etcd_initial_cluster: "{{ etcd_add_check.stdout_lines[3] | regex_replace('ETCD_INITIAL_CLUSTER=','') | regex_replace('\"','') }}"
- etcd_ca_setup: False
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- - role: nickhammond.logrotate
- when: etcd_add_check.rc == 0
- post_tasks:
- - name: Verify cluster is stable
- command: >
- /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }}
- --key-file {{ etcd_peer_key_file }}
- --ca-file {{ etcd_peer_ca_file }}
- -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_hostname }}:{{ etcd_client_port }}
- cluster-health
- register: scaleup_health
- retries: 3
- delay: 30
- until: scaleup_health.rc == 0
-
-- name: Update master etcd client urls
- hosts: oo_masters_to_config
- serial: 1
- vars:
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- openshift_master_etcd_hosts: "{{ hostvars
- | oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) ))
- | oo_collect('openshift.common.hostname')
- | default(none, true) }}"
- openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}"
- roles:
- - role: openshift_master_facts
- post_tasks:
- - include_role:
- name: openshift_master
- tasks_from: update_etcd_client_urls
diff --git a/playbooks/common/openshift-etcd/server_certificates.yml b/playbooks/common/openshift-etcd/server_certificates.yml
deleted file mode 100644
index 10e06747b..000000000
--- a/playbooks/common/openshift-etcd/server_certificates.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: Create etcd server certificates for etcd hosts
- hosts: oo_etcd_to_config
- any_errors_fatal: true
- roles:
- - role: openshift_etcd_facts
- post_tasks:
- - include_role:
- name: etcd
- tasks_from: server_certificates
- vars:
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
diff --git a/playbooks/common/openshift-glusterfs/config.yml b/playbooks/common/openshift-glusterfs/config.yml
deleted file mode 100644
index c2ae5f313..000000000
--- a/playbooks/common/openshift-glusterfs/config.yml
+++ /dev/null
@@ -1,56 +0,0 @@
----
-- name: GlusterFS Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set GlusterFS install 'In Progress'
- set_stats:
- data:
- installer_phase_glusterfs: "In Progress"
- aggregate: false
-
-- name: Open firewall ports for GlusterFS nodes
- hosts: glusterfs
- tasks:
- - include_role:
- name: openshift_storage_glusterfs
- tasks_from: firewall.yml
- when:
- - openshift_storage_glusterfs_is_native | default(True) | bool
- - include_role:
- name: openshift_storage_glusterfs
- tasks_from: kernel_modules.yml
- when:
- - openshift_storage_glusterfs_is_native | default(True) | bool
-
-- name: Open firewall ports for GlusterFS registry nodes
- hosts: glusterfs_registry
- tasks:
- - include_role:
- name: openshift_storage_glusterfs
- tasks_from: firewall.yml
- when:
- - openshift_storage_glusterfs_registry_is_native | default(True) | bool
- - include_role:
- name: openshift_storage_glusterfs
- tasks_from: kernel_modules.yml
- when:
- - openshift_storage_glusterfs_registry_is_native | default(True) | bool
-
-- name: Configure GlusterFS
- hosts: oo_first_master
- tasks:
- - name: setup glusterfs
- include_role:
- name: openshift_storage_glusterfs
- when: groups.oo_glusterfs_to_config | default([]) | count > 0
-
-- name: GlusterFS Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set GlusterFS install 'Complete'
- set_stats:
- data:
- installer_phase_glusterfs: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-glusterfs/filter_plugins b/playbooks/common/openshift-glusterfs/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-glusterfs/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-glusterfs/lookup_plugins b/playbooks/common/openshift-glusterfs/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-glusterfs/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-glusterfs/registry.yml b/playbooks/common/openshift-glusterfs/registry.yml
deleted file mode 100644
index 80cf7529e..000000000
--- a/playbooks/common/openshift-glusterfs/registry.yml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-- include: config.yml
-
-- name: Initialize GlusterFS registry PV and PVC vars
- hosts: oo_first_master
- tags: hosted
- tasks:
- - set_fact:
- glusterfs_pv: []
- glusterfs_pvc: []
-
- - set_fact:
- glusterfs_pv:
- - name: "{{ openshift.hosted.registry.storage.volume.name }}-glusterfs-volume"
- capacity: "{{ openshift.hosted.registry.storage.volume.size }}"
- access_modes: "{{ openshift.hosted.registry.storage.access.modes }}"
- storage:
- glusterfs:
- endpoints: "{{ openshift.hosted.registry.storage.glusterfs.endpoints }}"
- path: "{{ openshift.hosted.registry.storage.glusterfs.path }}"
- readOnly: "{{ openshift.hosted.registry.storage.glusterfs.readOnly }}"
- glusterfs_pvc:
- - name: "{{ openshift.hosted.registry.storage.volume.name }}-glusterfs-claim"
- capacity: "{{ openshift.hosted.registry.storage.volume.size }}"
- access_modes: "{{ openshift.hosted.registry.storage.access.modes }}"
- when: openshift.hosted.registry.storage.glusterfs.swap
-
-- name: Create persistent volumes
- hosts: oo_first_master
- tags:
- - hosted
- vars:
- persistent_volumes: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volumes(groups, glusterfs_pv) }}"
- persistent_volume_claims: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volume_claims(glusterfs_pvc) }}"
- roles:
- - role: openshift_persistent_volumes
- when: persistent_volumes | union(glusterfs_pv) | length > 0 or persistent_volume_claims | union(glusterfs_pvc) | length > 0
-
-- name: Create Hosted Resources
- hosts: oo_first_master
- tags:
- - hosted
- pre_tasks:
- - set_fact:
- openshift_hosted_router_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
- openshift_hosted_registry_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
- when: "'master' in hostvars[groups.oo_first_master.0].openshift and 'registry_url' in hostvars[groups.oo_first_master.0].openshift.master"
- roles:
- - role: openshift_hosted
diff --git a/playbooks/common/openshift-loadbalancer/config.yml b/playbooks/common/openshift-loadbalancer/config.yml
deleted file mode 100644
index 2a703cb61..000000000
--- a/playbooks/common/openshift-loadbalancer/config.yml
+++ /dev/null
@@ -1,47 +0,0 @@
----
-- name: Load Balancer Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set load balancer install 'In Progress'
- set_stats:
- data:
- installer_phase_loadbalancer: "In Progress"
- aggregate: false
-
-- name: Configure firewall and docker for load balancers
- hosts: oo_lb_to_config:!oo_masters_to_config:!oo_nodes_to_config
- vars:
- openshift_image_tag: "{{ hostvars[groups.oo_first_master.0].openshift_image_tag }}"
- roles:
- - role: os_firewall
- - role: openshift_docker
- when: openshift.common.is_containerized | default(False) | bool and not skip_docker_role | default(False) | bool
-
-- name: Configure load balancers
- hosts: oo_lb_to_config
- vars:
- openshift_loadbalancer_frontends: "{{ (openshift_master_api_port | default(8443)
- | oo_openshift_loadbalancer_frontends(hostvars | oo_select_keys(groups['oo_masters']),
- openshift_use_nuage | default(false),
- nuage_mon_rest_server_port | default(none)))
- + openshift_loadbalancer_additional_frontends | default([]) }}"
- openshift_loadbalancer_backends: "{{ (openshift_master_api_port | default(8443)
- | oo_openshift_loadbalancer_backends(hostvars | oo_select_keys(groups['oo_masters']),
- openshift_use_nuage | default(false),
- nuage_mon_rest_server_port | default(none)))
- + openshift_loadbalancer_additional_backends | default([]) }}"
- openshift_image_tag: "{{ hostvars[groups.oo_first_master.0].openshift_image_tag }}"
- roles:
- - role: openshift_loadbalancer
- - role: tuned
-
-- name: Load Balancer Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set load balancer install 'Complete'
- set_stats:
- data:
- installer_phase_loadbalancer: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-loadbalancer/filter_plugins b/playbooks/common/openshift-loadbalancer/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-loadbalancer/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-loadbalancer/lookup_plugins b/playbooks/common/openshift-loadbalancer/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-loadbalancer/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-management/config.yml b/playbooks/common/openshift-management/config.yml
deleted file mode 100644
index 908679e81..000000000
--- a/playbooks/common/openshift-management/config.yml
+++ /dev/null
@@ -1,35 +0,0 @@
----
-- name: Management Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Management install 'In Progress'
- set_stats:
- data:
- installer_phase_management: "In Progress"
- aggregate: false
-
-- name: Setup CFME
- hosts: oo_first_master
- pre_tasks:
- - name: Create a temporary place to evaluate the PV templates
- command: mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: r_openshift_management_mktemp
- changed_when: false
-
- tasks:
- - name: Run the CFME Setup Role
- include_role:
- name: openshift_management
- vars:
- template_dir: "{{ hostvars[groups.masters.0].r_openshift_management_mktemp.stdout }}"
-
-- name: Management Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Management install 'Complete'
- set_stats:
- data:
- installer_phase_management: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-management/filter_plugins b/playbooks/common/openshift-management/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-management/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-management/library b/playbooks/common/openshift-management/library
deleted file mode 120000
index ba40d2f56..000000000
--- a/playbooks/common/openshift-management/library
+++ /dev/null
@@ -1 +0,0 @@
-../../../library \ No newline at end of file
diff --git a/playbooks/common/openshift-master/additional_config.yml b/playbooks/common/openshift-master/additional_config.yml
deleted file mode 100644
index 350557f19..000000000
--- a/playbooks/common/openshift-master/additional_config.yml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-- name: Master Additional Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Master Additional install 'In Progress'
- set_stats:
- data:
- installer_phase_master_additional: "In Progress"
- aggregate: false
-
-- name: Additional master configuration
- hosts: oo_first_master
- vars:
- cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}"
- etcd_urls: "{{ openshift.master.etcd_urls }}"
- openshift_master_ha: "{{ groups.oo_masters | length > 1 }}"
- omc_cluster_hosts: "{{ groups.oo_masters | join(' ')}}"
- roles:
- - role: openshift_master_cluster
- when: openshift_master_ha | bool and openshift.master.cluster_method == "pacemaker"
- - role: openshift_examples
- when: openshift_install_examples | default(true, true) | bool
- registry_url: "{{ openshift.master.registry_url }}"
- - role: openshift_hosted_templates
- registry_url: "{{ openshift.master.registry_url }}"
- - role: openshift_manageiq
- when: openshift_use_manageiq | default(true) | bool
- - role: cockpit
- when:
- - not openshift.common.is_atomic | bool
- - deployment_type == 'openshift-enterprise'
- - osm_use_cockpit is undefined or osm_use_cockpit | bool
- - openshift.common.deployment_subtype != 'registry'
- - role: flannel_register
- when: openshift_use_flannel | default(false) | bool
-
-- name: Master Additional Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Master Additional install 'Complete'
- set_stats:
- data:
- installer_phase_master_additional: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-master/certificates.yml b/playbooks/common/openshift-master/certificates.yml
deleted file mode 100644
index f6afbc36f..000000000
--- a/playbooks/common/openshift-master/certificates.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: Create OpenShift certificates for master hosts
- hosts: oo_masters_to_config
- vars:
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- roles:
- - role: openshift_master_facts
- - role: openshift_named_certificates
- - role: openshift_ca
- - role: openshift_master_certificates
- openshift_master_etcd_hosts: "{{ hostvars
- | oo_select_keys(groups['oo_etcd_to_config'] | default([]))
- | oo_collect('openshift.common.hostname')
- | default(none, true) }}"
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
deleted file mode 100644
index b359919ba..000000000
--- a/playbooks/common/openshift-master/config.yml
+++ /dev/null
@@ -1,242 +0,0 @@
----
-- name: Master Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Master install 'In Progress'
- set_stats:
- data:
- installer_phase_master: "In Progress"
- aggregate: false
-
-- include: certificates.yml
-
-- name: Disable excluders
- hosts: oo_masters_to_config
- gather_facts: no
- roles:
- - role: openshift_excluder
- r_openshift_excluder_action: disable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
-
-- name: Gather and set facts for master hosts
- hosts: oo_masters_to_config
- pre_tasks:
- # Per https://bugzilla.redhat.com/show_bug.cgi?id=1469336
- #
- # When scaling up a cluster upgraded from OCP <= 3.5, ensure that
- # OPENSHIFT_DEFAULT_REGISTRY is present as defined on the existing
- # masters, or absent if such is the case.
- - name: Detect if this host is a new master in a scale up
- set_fact:
- g_openshift_master_is_scaleup: "{{ openshift.common.hostname in ( groups['new_masters'] | default([]) ) }}"
-
- - name: Scaleup Detection
- debug:
- var: g_openshift_master_is_scaleup
-
- - name: Check for RPM generated config marker file .config_managed
- stat:
- path: /etc/origin/.config_managed
- register: rpmgenerated_config
-
- - name: Remove RPM generated config files if present
- file:
- path: "/etc/origin/{{ item }}"
- state: absent
- when:
- - rpmgenerated_config.stat.exists == true
- - deployment_type == 'openshift-enterprise'
- with_items:
- - master
- - node
- - .config_managed
-
- - set_fact:
- openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}"
- openshift_master_etcd_hosts: "{{ hostvars
- | oo_select_keys(groups['oo_etcd_to_config']
- | default([]))
- | oo_collect('openshift.common.hostname')
- | default(none, true) }}"
- roles:
- - openshift_facts
- post_tasks:
- - openshift_facts:
- role: master
- local_facts:
- api_port: "{{ openshift_master_api_port | default(None) }}"
- api_url: "{{ openshift_master_api_url | default(None) }}"
- api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}"
- controllers_port: "{{ openshift_master_controllers_port | default(None) }}"
- public_api_url: "{{ openshift_master_public_api_url | default(None) }}"
- cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}"
- cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}"
- console_path: "{{ openshift_master_console_path | default(None) }}"
- console_port: "{{ openshift_master_console_port | default(None) }}"
- console_url: "{{ openshift_master_console_url | default(None) }}"
- console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"
- public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
- ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
- master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
-
-- name: Inspect state of first master config settings
- hosts: oo_first_master
- roles:
- - role: openshift_facts
- post_tasks:
- - openshift_facts:
- role: master
- local_facts:
- session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}"
- session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}"
- - name: Check for existing configuration
- stat:
- path: /etc/origin/master/master-config.yaml
- register: master_config_stat
-
- - name: Set clean install fact
- set_fact:
- l_clean_install: "{{ not master_config_stat.stat.exists | bool }}"
-
- - name: Determine if etcd3 storage is in use
- command: grep -Pzo "storage-backend:\n.*etcd3" /etc/origin/master/master-config.yaml -q
- register: etcd3_grep
- failed_when: false
- changed_when: false
-
- - name: Set etcd3 fact
- set_fact:
- l_etcd3_enabled: "{{ etcd3_grep.rc == 0 | bool }}"
-
- - name: Check if atomic-openshift-master sysconfig exists yet
- stat:
- path: /etc/sysconfig/atomic-openshift-master
- register: l_aom_exists
-
- - name: Preserve OPENSHIFT_DEFAULT_REGISTRY master parameter if present
- command: awk '/^OPENSHIFT_DEFAULT_REGISTRY/' /etc/sysconfig/atomic-openshift-master
- register: l_default_registry_defined
- when: l_aom_exists.stat.exists | bool
-
- - name: Check if atomic-openshift-master-api sysconfig exists yet
- stat:
- path: /etc/sysconfig/atomic-openshift-master-api
- register: l_aom_api_exists
-
- - name: Preserve OPENSHIFT_DEFAULT_REGISTRY master-api parameter if present
- command: awk '/^OPENSHIFT_DEFAULT_REGISTRY/' /etc/sysconfig/atomic-openshift-master-api
- register: l_default_registry_defined_api
- when: l_aom_api_exists.stat.exists | bool
-
- - name: Check if atomic-openshift-master-controllers sysconfig exists yet
- stat:
- path: /etc/sysconfig/atomic-openshift-master-controllers
- register: l_aom_controllers_exists
-
- - name: Preserve OPENSHIFT_DEFAULT_REGISTRY master-controllers parameter if present
- command: awk '/^OPENSHIFT_DEFAULT_REGISTRY/' /etc/sysconfig/atomic-openshift-master-controllers
- register: l_default_registry_defined_controllers
- when: l_aom_controllers_exists.stat.exists | bool
-
- - name: Update facts with OPENSHIFT_DEFAULT_REGISTRY value
- set_fact:
- l_default_registry_value: "{{ l_default_registry_defined.stdout | default('') }}"
- l_default_registry_value_api: "{{ l_default_registry_defined_api.stdout | default('') }}"
- l_default_registry_value_controllers: "{{ l_default_registry_defined_controllers.stdout | default('') }}"
-
-- name: Generate master session secrets
- hosts: oo_first_master
- vars:
- g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([])) | length > 0 and (openshift.master.session_encryption_secrets | default([])) | length > 0 }}"
- g_session_auth_secrets: "{{ [ 24 | oo_generate_secret ] }}"
- g_session_encryption_secrets: "{{ [ 24 | oo_generate_secret ] }}"
- roles:
- - role: openshift_facts
- tasks:
- - openshift_facts:
- role: master
- local_facts:
- session_auth_secrets: "{{ g_session_auth_secrets }}"
- session_encryption_secrets: "{{ g_session_encryption_secrets }}"
- when: not g_session_secrets_present | bool
-
-- name: Configure masters
- hosts: oo_masters_to_config
- any_errors_fatal: true
- vars:
- openshift_master_ha: "{{ openshift.master.ha }}"
- openshift_master_count: "{{ openshift.master.master_count }}"
- openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}"
- openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- openshift_master_etcd_hosts: "{{ hostvars
- | oo_select_keys(groups['oo_etcd_to_config'] | default([]))
- | oo_collect('openshift.common.hostname')
- | default(none, true) }}"
- openshift_no_proxy_etcd_host_ips: "{{ hostvars | oo_select_keys(groups['oo_etcd_to_config'] | default([]))
- | oo_collect('openshift.common.ip') | default([]) | join(',')
- }}"
- roles:
- - role: os_firewall
- - role: openshift_master_facts
- - role: openshift_hosted_facts
- - role: openshift_clock
- - role: openshift_cloud_provider
- - role: openshift_builddefaults
- - role: openshift_buildoverrides
- - role: nickhammond.logrotate
- - role: contiv
- contiv_role: netmaster
- when: openshift_use_contiv | default(False) | bool
- - role: openshift_master
- openshift_master_hosts: "{{ groups.oo_masters_to_config }}"
- r_openshift_master_clean_install: "{{ hostvars[groups.oo_first_master.0].l_clean_install }}"
- r_openshift_master_etcd3_storage: "{{ hostvars[groups.oo_first_master.0].l_etcd3_enabled }}"
- openshift_master_is_scaleup_host: "{{ g_openshift_master_is_scaleup | default(false) }}"
- openshift_master_default_registry_value: "{{ hostvars[groups.oo_first_master.0].l_default_registry_value }}"
- openshift_master_default_registry_value_api: "{{ hostvars[groups.oo_first_master.0].l_default_registry_value_api }}"
- openshift_master_default_registry_value_controllers: "{{ hostvars[groups.oo_first_master.0].l_default_registry_value_controllers }}"
- - role: tuned
- - role: nuage_ca
- when: openshift_use_nuage | default(false) | bool
- - role: nuage_common
- when: openshift_use_nuage | default(false) | bool
- - role: nuage_master
- when: openshift_use_nuage | default(false) | bool
- - role: calico_master
- when: openshift_use_calico | default(false) | bool
- tasks:
- - include_role:
- name: kuryr
- tasks_from: master
- when: openshift_use_kuryr | default(false) | bool
-
- post_tasks:
- - name: Create group for deployment type
- group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }}
- changed_when: False
-
-- name: Configure API Aggregation on masters
- hosts: oo_masters
- serial: 1
- tasks:
- - include: tasks/wire_aggregator.yml
-
-- name: Re-enable excluder if it was previously enabled
- hosts: oo_masters_to_config
- gather_facts: no
- roles:
- - role: openshift_excluder
- r_openshift_excluder_action: enable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
-
-- name: Master Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Master install 'Complete'
- set_stats:
- data:
- installer_phase_master: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-master/files/openshift-ansible-catalog-console.js b/playbooks/common/openshift-master/files/openshift-ansible-catalog-console.js
deleted file mode 100644
index d0a9f11dc..000000000
--- a/playbooks/common/openshift-master/files/openshift-ansible-catalog-console.js
+++ /dev/null
@@ -1,2 +0,0 @@
-// empty file so that the master-config can still point to a file that exists
-// this file will be replaced by the template service broker role if enabled
diff --git a/playbooks/common/openshift-master/filter_plugins b/playbooks/common/openshift-master/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-master/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-master/library b/playbooks/common/openshift-master/library
deleted file mode 120000
index d0b7393d3..000000000
--- a/playbooks/common/openshift-master/library
+++ /dev/null
@@ -1 +0,0 @@
-../../../library/ \ No newline at end of file
diff --git a/playbooks/common/openshift-master/lookup_plugins b/playbooks/common/openshift-master/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-master/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-master/restart.yml b/playbooks/common/openshift-master/restart.yml
deleted file mode 100644
index 4d73b8124..000000000
--- a/playbooks/common/openshift-master/restart.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- include: validate_restart.yml
-
-- name: Restart masters
- hosts: oo_masters_to_config
- vars:
- openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}"
- serial: 1
- handlers:
- - include: ../../../roles/openshift_master/handlers/main.yml
- static: yes
- roles:
- - openshift_facts
- post_tasks:
- - include: restart_hosts.yml
- when: openshift_rolling_restart_mode | default('services') == 'system'
-
- - include: restart_services.yml
- when: openshift_rolling_restart_mode | default('services') == 'services'
diff --git a/playbooks/common/openshift-master/restart_services.yml b/playbooks/common/openshift-master/restart_services.yml
deleted file mode 100644
index 4f8b758fd..000000000
--- a/playbooks/common/openshift-master/restart_services.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-- name: Restart master API
- service:
- name: "{{ openshift.common.service_type }}-master-api"
- state: restarted
- when: openshift_master_ha | bool
-- name: Wait for master API to come back online
- wait_for:
- host: "{{ openshift.common.hostname }}"
- state: started
- delay: 10
- port: "{{ openshift.master.api_port }}"
- timeout: 600
- when: openshift_master_ha | bool
-- name: Restart master controllers
- service:
- name: "{{ openshift.common.service_type }}-master-controllers"
- state: restarted
- # Ignore errrors since it is possible that type != simple for
- # pre-3.1.1 installations.
- ignore_errors: true
- when: openshift_master_ha | bool
diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml
deleted file mode 100644
index f4dc9df8a..000000000
--- a/playbooks/common/openshift-master/scaleup.yml
+++ /dev/null
@@ -1,56 +0,0 @@
----
-- name: Update master count
- hosts: oo_masters:!oo_masters_to_config
- serial: 1
- roles:
- - openshift_facts
- post_tasks:
- - openshift_facts:
- role: master
- local_facts:
- ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
- master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
- - name: Update master count
- modify_yaml:
- dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
- yaml_key: 'kubernetesMasterConfig.masterCount'
- yaml_value: "{{ openshift.master.master_count }}"
- notify:
- - restart master api
- - restart master controllers
- handlers:
- - name: restart master api
- service: name={{ openshift.common.service_type }}-master-controllers state=restarted
- notify: verify api server
- - name: restart master controllers
- service: name={{ openshift.common.service_type }}-master-controllers state=restarted
- - name: verify api server
- command: >
- curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
- {{ openshift.master.api_url }}/healthz/ready
- args:
- # Disables the following warning:
- # Consider using get_url or uri module rather than running curl
- warn: no
- register: api_available_output
- until: api_available_output.stdout == 'ok'
- retries: 120
- delay: 1
- changed_when: false
-
-- include: ../openshift-master/set_network_facts.yml
-
-- include: ../openshift-etcd/certificates.yml
-
-- include: ../openshift-master/config.yml
-
-- include: ../openshift-loadbalancer/config.yml
-
-- include: ../openshift-node/certificates.yml
-
-- include: ../openshift-node/config.yml
diff --git a/playbooks/common/openshift-master/tasks/wire_aggregator.yml b/playbooks/common/openshift-master/tasks/wire_aggregator.yml
deleted file mode 100644
index 560eea785..000000000
--- a/playbooks/common/openshift-master/tasks/wire_aggregator.yml
+++ /dev/null
@@ -1,215 +0,0 @@
----
-- name: Make temp cert dir
- command: mktemp -d /tmp/openshift-service-catalog-ansible-XXXXXX
- register: certtemp
- changed_when: False
-
-- name: Check for First Master Aggregator Signer cert
- stat:
- path: /etc/origin/master/front-proxy-ca.crt
- register: first_proxy_ca_crt
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
-
-- name: Check for First Master Aggregator Signer key
- stat:
- path: /etc/origin/master/front-proxy-ca.crt
- register: first_proxy_ca_key
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
-
-# TODO: this currently has a bug where hostnames are required
-- name: Creating First Master Aggregator signer certs
- command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm ca create-signer-cert
- --cert=/etc/origin/master/front-proxy-ca.crt
- --key=/etc/origin/master/front-proxy-ca.key
- --serial=/etc/origin/master/ca.serial.txt
- delegate_to: "{{ groups.oo_first_master.0 }}"
- when:
- - not first_proxy_ca_crt.stat.exists
- - not first_proxy_ca_key.stat.exists
-
-- name: Check for Aggregator Signer cert
- stat:
- path: /etc/origin/master/front-proxy-ca.crt
- register: proxy_ca_crt
- changed_when: false
-
-- name: Check for Aggregator Signer key
- stat:
- path: /etc/origin/master/front-proxy-ca.crt
- register: proxy_ca_key
- changed_when: false
-
-- name: Copy Aggregator Signer certs from first master
- fetch:
- src: "/etc/origin/master/{{ item }}"
- dest: "{{ certtemp.stdout }}/{{ item }}"
- flat: yes
- with_items:
- - front-proxy-ca.crt
- - front-proxy-ca.key
- delegate_to: "{{ groups.oo_first_master.0 }}"
- when:
- - not proxy_ca_key.stat.exists
- - not proxy_ca_crt.stat.exists
-
-- name: Copy Aggregator Signer certs to host
- copy:
- src: "{{ certtemp.stdout }}/{{ item }}"
- dest: "/etc/origin/master/{{ item }}"
- with_items:
- - front-proxy-ca.crt
- - front-proxy-ca.key
- when:
- - not proxy_ca_key.stat.exists
- - not proxy_ca_crt.stat.exists
-
-# oc_adm_ca_server_cert:
-# cert: /etc/origin/master/front-proxy-ca.crt
-# key: /etc/origin/master/front-proxy-ca.key
-
-- name: Check for first master api-client config
- stat:
- path: /etc/origin/master/aggregator-front-proxy.kubeconfig
- register: first_front_proxy_kubeconfig
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
-
-# create-api-client-config generates a ca.crt file which will
-# overwrite the OpenShift CA certificate. Generate the aggregator
-# kubeconfig in a temporary directory and then copy files into the
-# master config dir to avoid overwriting ca.crt.
-- block:
- - name: Create first master api-client config for Aggregator
- command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm create-api-client-config
- --certificate-authority=/etc/origin/master/front-proxy-ca.crt
- --signer-cert=/etc/origin/master/front-proxy-ca.crt
- --signer-key=/etc/origin/master/front-proxy-ca.key
- --user aggregator-front-proxy
- --client-dir={{ certtemp.stdout }}
- --signer-serial=/etc/origin/master/ca.serial.txt
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Copy first master api-client config for Aggregator
- copy:
- src: "{{ certtemp.stdout }}/{{ item }}"
- dest: "/etc/origin/master/"
- remote_src: true
- with_items:
- - aggregator-front-proxy.crt
- - aggregator-front-proxy.key
- - aggregator-front-proxy.kubeconfig
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- when:
- - not first_front_proxy_kubeconfig.stat.exists
-
-- name: Check for api-client config
- stat:
- path: /etc/origin/master/aggregator-front-proxy.kubeconfig
- register: front_proxy_kubeconfig
-
-- name: Copy api-client config from first master
- fetch:
- src: "/etc/origin/master/{{ item }}"
- dest: "{{ certtemp.stdout }}/{{ item }}"
- flat: yes
- delegate_to: "{{ groups.oo_first_master.0 }}"
- with_items:
- - aggregator-front-proxy.crt
- - aggregator-front-proxy.key
- - aggregator-front-proxy.kubeconfig
- when:
- - not front_proxy_kubeconfig.stat.exists
-
-- name: Copy api-client config to host
- copy:
- src: "{{ certtemp.stdout }}/{{ item }}"
- dest: "/etc/origin/master/{{ item }}"
- with_items:
- - aggregator-front-proxy.crt
- - aggregator-front-proxy.key
- - aggregator-front-proxy.kubeconfig
- when:
- - not front_proxy_kubeconfig.stat.exists
-
-- name: copy tech preview extension file for service console UI
- copy:
- src: openshift-ansible-catalog-console.js
- dest: /etc/origin/master/openshift-ansible-catalog-console.js
-
-- name: Update master config
- yedit:
- state: present
- src: /etc/origin/master/master-config.yaml
- edits:
- - key: aggregatorConfig.proxyClientInfo.certFile
- value: aggregator-front-proxy.crt
- - key: aggregatorConfig.proxyClientInfo.keyFile
- value: aggregator-front-proxy.key
- - key: authConfig.requestHeader.clientCA
- value: front-proxy-ca.crt
- - key: authConfig.requestHeader.clientCommonNames
- value: [aggregator-front-proxy]
- - key: authConfig.requestHeader.usernameHeaders
- value: [X-Remote-User]
- - key: authConfig.requestHeader.groupHeaders
- value: [X-Remote-Group]
- - key: authConfig.requestHeader.extraHeaderPrefixes
- value: [X-Remote-Extra-]
- - key: assetConfig.extensionScripts
- value: [/etc/origin/master/openshift-ansible-catalog-console.js]
- - key: kubernetesMasterConfig.apiServerArguments.runtime-config
- value: [apis/settings.k8s.io/v1alpha1=true]
- - key: admissionConfig.pluginConfig.PodPreset.configuration.kind
- value: DefaultAdmissionConfig
- - key: admissionConfig.pluginConfig.PodPreset.configuration.apiVersion
- value: v1
- - key: admissionConfig.pluginConfig.PodPreset.configuration.disable
- value: false
- register: yedit_output
-
-#restart master serially here
-- name: restart master api
- systemd: name={{ openshift.common.service_type }}-master-api state=restarted
- when:
- - yedit_output.changed
- - openshift.master.cluster_method == 'native'
-
-- name: restart master controllers
- systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
- when:
- - yedit_output.changed
- - openshift.master.cluster_method == 'native'
-
-- name: Verify API Server
- # Using curl here since the uri module requires python-httplib2 and
- # wait_for port doesn't provide health information.
- command: >
- curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
- {{ openshift.master.api_url }}/healthz/ready
- args:
- # Disables the following warning:
- # Consider using get_url or uri module rather than running curl
- warn: no
- register: api_available_output
- until: api_available_output.stdout == 'ok'
- retries: 120
- delay: 1
- changed_when: false
- when:
- - yedit_output.changed
-
-- name: Delete temp directory
- file:
- name: "{{ certtemp.stdout }}"
- state: absent
- changed_when: False
diff --git a/playbooks/common/openshift-master/validate_restart.yml b/playbooks/common/openshift-master/validate_restart.yml
deleted file mode 100644
index 5dbb21502..000000000
--- a/playbooks/common/openshift-master/validate_restart.yml
+++ /dev/null
@@ -1,65 +0,0 @@
----
-- name: Validate configuration for rolling restart
- hosts: oo_masters_to_config
- roles:
- - openshift_facts
- tasks:
- - fail:
- msg: "openshift_rolling_restart_mode must be set to either 'services' or 'system'"
- when: openshift_rolling_restart_mode is defined and openshift_rolling_restart_mode not in ["services", "system"]
- - openshift_facts:
- role: "{{ item.role }}"
- local_facts: "{{ item.local_facts }}"
- with_items:
- - role: common
- local_facts:
- rolling_restart_mode: "{{ openshift_rolling_restart_mode | default('services') }}"
- - role: master
- local_facts:
- cluster_method: "{{ openshift_master_cluster_method | default(None) }}"
-
-# Creating a temp file on localhost, we then check each system that will
-# be rebooted to see if that file exists, if so we know we're running
-# ansible on a machine that needs a reboot, and we need to error out.
-- name: Create temp file on localhost
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - local_action: command mktemp
- register: mktemp
- changed_when: false
-
-- name: Check if temp file exists on any masters
- hosts: oo_masters_to_config
- tasks:
- - stat: path="{{ hostvars.localhost.mktemp.stdout }}"
- register: exists
- changed_when: false
-
-- name: Cleanup temp file on localhost
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - file: path="{{ hostvars.localhost.mktemp.stdout }}" state=absent
- changed_when: false
-
-- name: Warn if restarting the system where ansible is running
- hosts: oo_masters_to_config
- tasks:
- - pause:
- prompt: >
- Warning: Running playbook from a host that will be restarted!
- Press CTRL+C and A to abort playbook execution. You may
- continue by pressing ENTER but the playbook will stop
- executing after this system has been restarted and services
- must be verified manually. To only restart services, set
- openshift_master_rolling_restart_mode=services in host
- inventory and relaunch the playbook.
- when: exists.stat.exists and openshift.common.rolling_restart_mode == 'system'
- - set_fact:
- current_host: "{{ exists.stat.exists }}"
- when: openshift.common.rolling_restart_mode == 'system'
diff --git a/playbooks/common/openshift-nfs/config.yml b/playbooks/common/openshift-nfs/config.yml
deleted file mode 100644
index ce672daf5..000000000
--- a/playbooks/common/openshift-nfs/config.yml
+++ /dev/null
@@ -1,26 +0,0 @@
----
-- name: NFS Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set NFS install 'In Progress'
- set_stats:
- data:
- installer_phase_nfs: "In Progress"
- aggregate: false
-
-- name: Configure nfs
- hosts: oo_nfs_to_config
- roles:
- - role: os_firewall
- - role: openshift_storage_nfs
-
-- name: NFS Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set NFS install 'Complete'
- set_stats:
- data:
- installer_phase_nfs: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-nfs/filter_plugins b/playbooks/common/openshift-nfs/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-nfs/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-nfs/lookup_plugins b/playbooks/common/openshift-nfs/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-nfs/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-node/additional_config.yml b/playbooks/common/openshift-node/additional_config.yml
deleted file mode 100644
index ac757397b..000000000
--- a/playbooks/common/openshift-node/additional_config.yml
+++ /dev/null
@@ -1,64 +0,0 @@
----
-- name: create additional node network plugin groups
- hosts: "{{ openshift_node_scale_up_group | default('oo_nodes_to_config') }}"
- tasks:
- # Creating these node groups will prevent a ton of skipped tasks.
- # Create group for flannel nodes
- - group_by:
- key: oo_nodes_use_{{ (openshift_use_flannel | default(False)) | ternary('flannel','nothing') }}
- changed_when: False
- # Create group for calico nodes
- - group_by:
- key: oo_nodes_use_{{ (openshift_use_calico | default(False)) | ternary('calico','nothing') }}
- changed_when: False
- # Create group for nuage nodes
- - group_by:
- key: oo_nodes_use_{{ (openshift_use_nuage | default(False)) | ternary('nuage','nothing') }}
- changed_when: False
- # Create group for contiv nodes
- - group_by:
- key: oo_nodes_use_{{ (openshift_use_contiv | default(False)) | ternary('contiv','nothing') }}
- changed_when: False
- # Create group for kuryr nodes
- - group_by:
- key: oo_nodes_use_{{ (openshift_use_kuryr | default(False)) | ternary('kuryr','nothing') }}
- changed_when: False
-
-- include: etcd_client_config.yml
- vars:
- openshift_node_scale_up_group: "oo_nodes_use_flannel:oo_nodes_use_calico:oo_nodes_use_contiv:oo_nodes_use_kuryr"
-
-- name: Additional node config
- hosts: oo_nodes_use_flannel
- roles:
- - role: flannel
- etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}"
- embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}"
- when: openshift_use_flannel | default(false) | bool
-
-- name: Additional node config
- hosts: oo_nodes_use_calico
- roles:
- - role: calico
- when: openshift_use_calico | default(false) | bool
-
-- name: Additional node config
- hosts: oo_nodes_use_nuage
- roles:
- - role: nuage_node
- when: openshift_use_nuage | default(false) | bool
-
-- name: Additional node config
- hosts: oo_nodes_use_contiv
- roles:
- - role: contiv
- contiv_role: netplugin
- when: openshift_use_contiv | default(false) | bool
-
-- name: Configure Kuryr node
- hosts: oo_nodes_use_kuryr
- tasks:
- - include_role:
- name: kuryr
- tasks_from: node
- when: openshift_use_kuryr | default(false) | bool
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
deleted file mode 100644
index 4f8f98aef..000000000
--- a/playbooks/common/openshift-node/config.yml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-- name: Node Install Checkpoint Start
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Node install 'In Progress'
- set_stats:
- data:
- installer_phase_node: "In Progress"
- aggregate: false
-
-- include: certificates.yml
-
-- include: setup.yml
-
-- include: containerized_nodes.yml
-
-- include: configure_nodes.yml
-
-- include: additional_config.yml
-
-- include: manage_node.yml
-
-- include: enable_excluders.yml
-
-- name: Node Install Checkpoint End
- hosts: oo_all_hosts
- gather_facts: false
- tasks:
- - name: Set Node install 'Complete'
- set_stats:
- data:
- installer_phase_node: "Complete"
- aggregate: false
diff --git a/playbooks/common/openshift-node/configure_nodes.yml b/playbooks/common/openshift-node/configure_nodes.yml
deleted file mode 100644
index 17259422d..000000000
--- a/playbooks/common/openshift-node/configure_nodes.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-- name: Configure nodes
- hosts: oo_nodes_to_config:!oo_containerized_master_nodes
- vars:
- openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
- openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}"
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
- roles:
- - role: os_firewall
- - role: openshift_node
- - role: tuned
- - role: nickhammond.logrotate
diff --git a/playbooks/common/openshift-node/containerized_nodes.yml b/playbooks/common/openshift-node/containerized_nodes.yml
deleted file mode 100644
index 6fac937e3..000000000
--- a/playbooks/common/openshift-node/containerized_nodes.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- name: Configure containerized nodes
- hosts: oo_containerized_master_nodes
- serial: 1
- vars:
- openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
- openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}"
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
- openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
- | union(groups['oo_masters_to_config'])
- | union(groups['oo_etcd_to_config'] | default([])))
- | oo_collect('openshift.common.hostname') | default([]) | join (',')
- }}"
-
- roles:
- - role: os_firewall
- - role: openshift_node
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- - role: nickhammond.logrotate
diff --git a/playbooks/common/openshift-node/enable_excluders.yml b/playbooks/common/openshift-node/enable_excluders.yml
deleted file mode 100644
index 5288b14f9..000000000
--- a/playbooks/common/openshift-node/enable_excluders.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Re-enable excluder if it was previously enabled
- hosts: oo_nodes_to_config
- gather_facts: no
- roles:
- - role: openshift_excluder
- r_openshift_excluder_action: enable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
diff --git a/playbooks/common/openshift-node/filter_plugins b/playbooks/common/openshift-node/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-node/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-node/image_prep.yml b/playbooks/common/openshift-node/image_prep.yml
deleted file mode 100644
index 30651a1df..000000000
--- a/playbooks/common/openshift-node/image_prep.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- name: normalize groups
- include: ../../byo/openshift-cluster/initialize_groups.yml
-
-- name: evaluate the groups
- include: ../openshift-cluster/evaluate_groups.yml
-
-- name: initialize the facts
- include: ../openshift-cluster/initialize_facts.yml
-
-- name: initialize the repositories
- include: ../openshift-cluster/initialize_openshift_repos.yml
-
-- name: run node config setup
- include: setup.yml
-
-- name: run node config
- include: configure_nodes.yml
-
-- name: Re-enable excluders
- include: enable_excluders.yml
-
-- name: Remove any undesired artifacts from build
- include: clean_image.yml
diff --git a/playbooks/common/openshift-node/lookup_plugins b/playbooks/common/openshift-node/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-node/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-node/manage_node.yml b/playbooks/common/openshift-node/manage_node.yml
deleted file mode 100644
index f48a19a9c..000000000
--- a/playbooks/common/openshift-node/manage_node.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Additional node config
- hosts: "{{ openshift_node_scale_up_group | default('oo_nodes_to_config') }}"
- vars:
- openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
- roles:
- - role: openshift_manage_node
- openshift_master_host: "{{ groups.oo_first_master.0 }}"
- tasks:
- - name: Create group for deployment type
- group_by: key=oo_nodes_deployment_type_{{ openshift.common.deployment_type }}
- changed_when: False
diff --git a/playbooks/common/openshift-node/network_manager.yml b/playbooks/common/openshift-node/network_manager.yml
deleted file mode 100644
index b3a7399dc..000000000
--- a/playbooks/common/openshift-node/network_manager.yml
+++ /dev/null
@@ -1,28 +0,0 @@
----
-- include: ../openshift-cluster/evaluate_groups.yml
-
-- name: Install and configure NetworkManager
- hosts: oo_all_hosts
- become: yes
- tasks:
- - name: install NetworkManager
- package:
- name: 'NetworkManager'
- state: present
-
- - name: configure NetworkManager
- lineinfile:
- dest: "/etc/sysconfig/network-scripts/ifcfg-{{ ansible_default_ipv4['interface'] }}"
- regexp: '^{{ item }}='
- line: '{{ item }}=yes'
- state: present
- create: yes
- with_items:
- - 'USE_PEERDNS'
- - 'NM_CONTROLLED'
-
- - name: enable and start NetworkManager
- service:
- name: 'NetworkManager'
- state: started
- enabled: yes
diff --git a/playbooks/common/openshift-node/restart.yml b/playbooks/common/openshift-node/restart.yml
deleted file mode 100644
index c3beb59b7..000000000
--- a/playbooks/common/openshift-node/restart.yml
+++ /dev/null
@@ -1,61 +0,0 @@
----
-- name: Restart nodes
- hosts: oo_nodes_to_config
- serial: "{{ openshift_restart_nodes_serial | default(1) }}"
-
- roles:
- - lib_openshift
-
- tasks:
- - name: Restart docker
- service:
- name: docker
- state: restarted
- register: l_docker_restart_docker_in_node_result
- until: not l_docker_restart_docker_in_node_result | failed
- retries: 3
- delay: 30
-
- - name: Update docker facts
- openshift_facts:
- role: docker
-
- - name: Restart containerized services
- service:
- name: "{{ item }}"
- state: started
- with_items:
- - etcd_container
- - openvswitch
- - "{{ openshift.common.service_type }}-master-api"
- - "{{ openshift.common.service_type }}-master-controllers"
- - "{{ openshift.common.service_type }}-node"
- failed_when: false
- when: openshift.common.is_containerized | bool
-
- - name: Wait for master API to come back online
- wait_for:
- host: "{{ openshift.common.hostname }}"
- state: started
- delay: 10
- port: "{{ openshift.master.api_port }}"
- timeout: 600
- when: inventory_hostname in groups.oo_masters_to_config
-
- - name: restart node
- service:
- name: "{{ openshift.common.service_type }}-node"
- state: restarted
-
- - name: Wait for node to be ready
- oc_obj:
- state: list
- kind: node
- name: "{{ openshift.common.hostname | lower }}"
- register: node_output
- delegate_to: "{{ groups.oo_first_master.0 }}"
- when: inventory_hostname in groups.oo_nodes_to_config
- until: node_output.results.returncode == 0 and node_output.results.results[0].status.conditions | selectattr('type', 'match', '^Ready$') | map(attribute='status') | join | bool == True
- # Give the node two minutes to come back online.
- retries: 24
- delay: 5
diff --git a/playbooks/common/openshift-node/roles b/playbooks/common/openshift-node/roles
deleted file mode 120000
index e2b799b9d..000000000
--- a/playbooks/common/openshift-node/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../roles/ \ No newline at end of file
diff --git a/playbooks/common/openshift-node/setup.yml b/playbooks/common/openshift-node/setup.yml
deleted file mode 100644
index 794c03a67..000000000
--- a/playbooks/common/openshift-node/setup.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Disable excluders
- hosts: oo_nodes_to_config
- gather_facts: no
- roles:
- - role: openshift_excluder
- r_openshift_excluder_action: disable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
-
-- name: Evaluate node groups
- hosts: localhost
- become: no
- connection: local
- tasks:
- - name: Evaluate oo_containerized_master_nodes
- add_host:
- name: "{{ item }}"
- groups: oo_containerized_master_nodes
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ groups.oo_nodes_to_config | default([]) }}"
- when:
- - hostvars[item].openshift is defined
- - hostvars[item].openshift.common is defined
- - hostvars[item].openshift.common.is_containerized | bool
- - (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config)
- changed_when: False
diff --git a/playbooks/container-runtime/config.yml b/playbooks/container-runtime/config.yml
new file mode 100644
index 000000000..f15aa771f
--- /dev/null
+++ b/playbooks/container-runtime/config.yml
@@ -0,0 +1,6 @@
+---
+- import_playbook: ../init/main.yml
+ vars:
+ skip_verison: True
+
+- import_playbook: private/config.yml
diff --git a/playbooks/container-runtime/private/config.yml b/playbooks/container-runtime/private/config.yml
new file mode 100644
index 000000000..67445edeb
--- /dev/null
+++ b/playbooks/container-runtime/private/config.yml
@@ -0,0 +1,28 @@
+---
+- hosts: "{{ l_containerized_host_groups }}"
+ vars:
+ l_chg_temp: "{{ openshift_containerized_host_groups | default([]) }}"
+ l_containerized_host_groups: "{{ (['oo_nodes_to_config'] | union(l_chg_temp)) | join(':') }}"
+ # role: container_runtime is necessary here to bring role default variables
+ # into the play scope.
+ roles:
+ - role: container_runtime
+ tasks:
+ - include_role:
+ name: container_runtime
+ tasks_from: package_docker.yml
+ when:
+ - not openshift_docker_use_system_container | bool
+ - not openshift_use_crio_only | bool
+ - include_role:
+ name: container_runtime
+ tasks_from: systemcontainer_docker.yml
+ when:
+ - openshift_docker_use_system_container | bool
+ - not openshift_use_crio_only | bool
+ - include_role:
+ name: container_runtime
+ tasks_from: systemcontainer_crio.yml
+ when:
+ - openshift_use_crio | bool
+ - openshift_docker_is_node_or_master | bool
diff --git a/playbooks/container-runtime/private/roles b/playbooks/container-runtime/private/roles
new file mode 120000
index 000000000..148b13206
--- /dev/null
+++ b/playbooks/container-runtime/private/roles
@@ -0,0 +1 @@
+../../roles/ \ No newline at end of file
diff --git a/playbooks/deploy_cluster.yml b/playbooks/deploy_cluster.yml
new file mode 100644
index 000000000..0e6bde09a
--- /dev/null
+++ b/playbooks/deploy_cluster.yml
@@ -0,0 +1,46 @@
+---
+- import_playbook: init/main.yml
+
+- import_playbook: openshift-checks/private/install.yml
+
+- import_playbook: openshift-etcd/private/config.yml
+
+- import_playbook: openshift-nfs/private/config.yml
+ when: groups.oo_nfs_to_config | default([]) | count > 0
+
+- import_playbook: openshift-loadbalancer/private/config.yml
+ when: groups.oo_lb_to_config | default([]) | count > 0
+
+- import_playbook: openshift-master/private/config.yml
+
+- import_playbook: openshift-master/private/additional_config.yml
+
+- import_playbook: openshift-node/private/config.yml
+
+- import_playbook: openshift-glusterfs/private/config.yml
+ when: groups.oo_glusterfs_to_config | default([]) | count > 0
+
+- import_playbook: openshift-hosted/private/config.yml
+
+- import_playbook: openshift-metrics/private/config.yml
+ when: openshift_metrics_install_metrics | default(false) | bool
+
+- import_playbook: openshift-logging/private/config.yml
+ when: openshift_logging_install_logging | default(false) | bool
+
+- import_playbook: openshift-prometheus/private/config.yml
+ when: openshift_hosted_prometheus_deploy | default(false) | bool
+
+- import_playbook: openshift-service-catalog/private/config.yml
+ when: openshift_enable_service_catalog | default(true) | bool
+
+- import_playbook: openshift-management/private/config.yml
+ when: openshift_management_install_management | default(false) | bool
+
+- name: Print deprecated variable warning message if necessary
+ hosts: oo_first_master
+ gather_facts: no
+ tasks:
+ - debug: msg="{{__deprecation_message}}"
+ when:
+ - __deprecation_message | default ('') | length > 0
diff --git a/playbooks/gcp/openshift-cluster/provision.yml b/playbooks/gcp/openshift-cluster/provision.yml
deleted file mode 100644
index a3d1d46a6..000000000
--- a/playbooks/gcp/openshift-cluster/provision.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- name: Ensure all cloud resources necessary for the cluster, including instances, have been started
- hosts: localhost
- connection: local
- gather_facts: no
- tasks:
-
- - name: provision a GCP cluster in the specified project
- include_role:
- name: openshift_gcp
-
-- name: normalize groups
- include: ../../byo/openshift-cluster/initialize_groups.yml
-
-- name: run the std_include
- include: ../../common/openshift-cluster/std_include.yml
-
-- name: run the config
- include: ../../common/openshift-cluster/config.yml
diff --git a/playbooks/gcp/provision.yml b/playbooks/gcp/provision.yml
new file mode 100644
index 000000000..6016e6a78
--- /dev/null
+++ b/playbooks/gcp/provision.yml
@@ -0,0 +1,13 @@
+---
+- name: Ensure all cloud resources necessary for the cluster, including instances, have been started
+ hosts: localhost
+ connection: local
+ gather_facts: no
+ tasks:
+
+ - name: provision a GCP cluster in the specified project
+ include_role:
+ name: openshift_gcp
+
+- name: run the cluster deploy
+ import_playbook: ../deploy_cluster.yml
diff --git a/playbooks/init/evaluate_groups.yml b/playbooks/init/evaluate_groups.yml
new file mode 100644
index 000000000..8087f6ffc
--- /dev/null
+++ b/playbooks/init/evaluate_groups.yml
@@ -0,0 +1,188 @@
+---
+- name: Populate config host groups
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Load group name mapping variables
+ include_vars: vars/cluster_hosts.yml
+
+ - name: Evaluate groups - g_etcd_hosts or g_new_etcd_hosts required
+ fail:
+ msg: This playbook requires g_etcd_hosts or g_new_etcd_hosts to be set
+ when: g_etcd_hosts is not defined and g_new_etcd_hosts is not defined
+
+ - name: Evaluate groups - g_master_hosts or g_new_master_hosts required
+ fail:
+ msg: This playbook requires g_master_hosts or g_new_master_hosts to be set
+ when: g_master_hosts is not defined and g_new_master_hosts is not defined
+
+ - name: Evaluate groups - g_node_hosts or g_new_node_hosts required
+ fail:
+ msg: This playbook requires g_node_hosts or g_new_node_hosts to be set
+ when: g_node_hosts is not defined and g_new_node_hosts is not defined
+
+ - name: Evaluate groups - g_lb_hosts required
+ fail:
+ msg: This playbook requires g_lb_hosts to be set
+ when: g_lb_hosts is not defined
+
+ - name: Evaluate groups - g_nfs_hosts required
+ fail:
+ msg: This playbook requires g_nfs_hosts to be set
+ when: g_nfs_hosts is not defined
+
+ - name: Evaluate groups - g_nfs_hosts is single host
+ fail:
+ msg: The nfs group must be limited to one host
+ when: g_nfs_hosts | default([]) | length > 1
+
+ - name: Evaluate groups - g_glusterfs_hosts required
+ fail:
+ msg: This playbook requires g_glusterfs_hosts to be set
+ when: g_glusterfs_hosts is not defined
+
+ - name: Evaluate groups - Fail if no etcd hosts group is defined
+ fail:
+ msg: >
+ Running etcd as an embedded service is no longer supported.
+ when:
+ - g_etcd_hosts | default([]) | length not in [3,1]
+ - not (openshift_node_bootstrap | default(False))
+
+ - name: Evaluate oo_all_hosts
+ add_host:
+ name: "{{ item }}"
+ groups: oo_all_hosts
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_all_hosts | default([]) }}"
+ changed_when: no
+
+ - name: Evaluate oo_masters
+ add_host:
+ name: "{{ item }}"
+ groups: oo_masters
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_master_hosts | union(g_new_master_hosts) | default([]) }}"
+ changed_when: no
+
+ - name: Evaluate oo_first_master
+ add_host:
+ name: "{{ g_master_hosts[0] }}"
+ groups: oo_first_master
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ when: g_master_hosts|length > 0
+ changed_when: no
+
+ - name: Evaluate oo_new_etcd_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_new_etcd_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_new_etcd_hosts | default([]) }}"
+ changed_when: no
+
+ - name: Evaluate oo_masters_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_masters_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_new_master_hosts | default(g_master_hosts | default([], true), true) }}"
+ changed_when: no
+
+ - name: Evaluate oo_etcd_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_etcd_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_etcd_hosts | default([]) }}"
+ changed_when: no
+
+ - name: Evaluate oo_first_etcd
+ add_host:
+ name: "{{ g_etcd_hosts[0] }}"
+ groups: oo_first_etcd
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ when: g_etcd_hosts|length > 0
+ changed_when: no
+
+ # We use two groups one for hosts we're upgrading which doesn't include embedded etcd
+ # The other for backing up which includes the embedded etcd host, there's no need to
+ # upgrade embedded etcd that just happens when the master is updated.
+ - name: Evaluate oo_etcd_hosts_to_upgrade
+ add_host:
+ name: "{{ item }}"
+ groups: oo_etcd_hosts_to_upgrade
+ with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else [] }}"
+ changed_when: False
+
+ - name: Evaluate oo_etcd_hosts_to_backup
+ add_host:
+ name: "{{ item }}"
+ groups: oo_etcd_hosts_to_backup
+ with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else (groups.oo_first_master | default([])) }}"
+ changed_when: False
+
+ - name: Evaluate oo_nodes_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_nodes_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_new_node_hosts | default(g_node_hosts | default([], true), true) }}"
+ changed_when: no
+
+ # Skip adding the master to oo_nodes_to_config when g_new_node_hosts is
+ - name: Add master to oo_nodes_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_nodes_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_master_hosts | default([]) }}"
+ when: g_nodeonmaster | default(false) | bool and not g_new_node_hosts | default(false) | bool
+ changed_when: no
+
+ - name: Evaluate oo_lb_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_lb_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_lb_hosts | default([]) }}"
+ changed_when: no
+
+ - name: Evaluate oo_nfs_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_nfs_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_nfs_hosts | default([]) }}"
+ changed_when: no
+
+ - name: Evaluate oo_glusterfs_to_config
+ add_host:
+ name: "{{ item }}"
+ groups: oo_glusterfs_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ g_glusterfs_hosts | union(g_glusterfs_registry_hosts | default([])) }}"
+ changed_when: no
+
+ - name: Evaluate oo_etcd_to_migrate
+ add_host:
+ name: "{{ item }}"
+ groups: oo_etcd_to_migrate
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config | default([]) | length != 0 else (groups.oo_first_master |default([]))}}"
+ changed_when: no
diff --git a/playbooks/init/facts.yml b/playbooks/init/facts.yml
new file mode 100644
index 000000000..9fec95b17
--- /dev/null
+++ b/playbooks/init/facts.yml
@@ -0,0 +1,147 @@
+---
+- name: Ensure that all non-node hosts are accessible
+ hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config:oo_nfs_to_config
+ any_errors_fatal: true
+ tasks:
+
+- name: Initialize host facts
+ hosts: oo_all_hosts
+ tasks:
+ - name: load openshift_facts module
+ import_role:
+ name: openshift_facts
+
+ # TODO: Should this role be refactored into health_checks??
+ - name: Run openshift_sanitize_inventory to set variables
+ include_role:
+ name: openshift_sanitize_inventory
+
+ - name: Detecting Operating System from ostree_booted
+ stat:
+ path: /run/ostree-booted
+ register: ostree_booted
+
+ # Locally setup containerized facts for now
+ - name: initialize_facts set fact l_is_atomic
+ set_fact:
+ l_is_atomic: "{{ ostree_booted.stat.exists }}"
+
+ - name: initialize_facts set fact for containerized and l_is_*_system_container
+ set_fact:
+ l_is_containerized: "{{ (l_is_atomic | bool) or (containerized | default(false) | bool) }}"
+
+ # TODO: Should this be moved into health checks??
+ # Seems as though any check that happens with a corresponding fail should move into health_checks
+ - name: Validate python version - ans_dist is fedora and python is v3
+ fail:
+ msg: |
+ openshift-ansible requires Python 3 for {{ ansible_distribution }};
+ For information on enabling Python 3 with Ansible, see https://docs.ansible.com/ansible/python_3_support.html
+ when:
+ - ansible_distribution == 'Fedora'
+ - ansible_python['version']['major'] != 3
+
+ # TODO: Should this be moved into health checks??
+ # Seems as though any check that happens with a corresponding fail should move into health_checks
+ - name: Validate python version - ans_dist not Fedora and python must be v2
+ fail:
+ msg: "openshift-ansible requires Python 2 for {{ ansible_distribution }}"
+ when:
+ - ansible_distribution != 'Fedora'
+ - ansible_python['version']['major'] != 2
+
+ # TODO: Should this be moved into health checks??
+ # Seems as though any check that happens with a corresponding fail should move into health_checks
+ # Fail as early as possible if Atomic and old version of Docker
+ - when:
+ - l_is_atomic | bool
+ block:
+
+ # See https://access.redhat.com/articles/2317361
+ # and https://github.com/ansible/ansible/issues/15892
+ # NOTE: the "'s can not be removed at this level else the docker command will fail
+ # NOTE: When ansible >2.2.1.x is used this can be updated per
+ # https://github.com/openshift/openshift-ansible/pull/3475#discussion_r103525121
+ - name: Determine Atomic Host Docker Version
+ shell: 'CURLY="{"; docker version --format "$CURLY{json .Server.Version}}"'
+ register: l_atomic_docker_version
+
+ - name: assert atomic host docker version is 1.12 or later
+ assert:
+ that:
+ - l_atomic_docker_version.stdout | replace('"', '') is version_compare('1.12','>=')
+ msg: Installation on Atomic Host requires Docker 1.12 or later. Please upgrade and restart the Atomic Host.
+
+ - when:
+ - not l_is_atomic | bool
+ block:
+ - name: Ensure openshift-ansible installer package deps are installed
+ package:
+ name: "{{ item }}"
+ state: present
+ with_items:
+ - iproute
+ - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}"
+ - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}"
+ - yum-utils
+ register: result
+ until: result is succeeded
+
+ - name: Ensure various deps for running system containers are installed
+ package:
+ name: "{{ item }}"
+ state: present
+ with_items:
+ - atomic
+ - ostree
+ - runc
+ when:
+ - >
+ (openshift_use_system_containers | default(False)) | bool
+ or (openshift_use_etcd_system_container | default(False)) | bool
+ or (openshift_use_openvswitch_system_container | default(False)) | bool
+ or (openshift_use_node_system_container | default(False)) | bool
+ or (openshift_use_master_system_container | default(False)) | bool
+ register: result
+ until: result is succeeded
+
+ - name: Gather Cluster facts and set is_containerized if needed
+ openshift_facts:
+ role: common
+ local_facts:
+ deployment_type: "{{ openshift_deployment_type }}"
+ deployment_subtype: "{{ openshift_deployment_subtype | default(None) }}"
+ hostname: "{{ openshift_hostname | default(None) }}"
+ ip: "{{ openshift_ip | default(None) }}"
+ is_containerized: "{{ l_is_containerized | default(None) }}"
+ public_hostname: "{{ openshift_public_hostname | default(None) }}"
+ public_ip: "{{ openshift_public_ip | default(None) }}"
+ portal_net: "{{ openshift_portal_net | default(openshift_master_portal_net) | default(None) }}"
+ http_proxy: "{{ openshift_http_proxy | default(None) }}"
+ https_proxy: "{{ openshift_https_proxy | default(None) }}"
+ no_proxy: "{{ openshift_no_proxy | default(None) }}"
+ generate_no_proxy_hosts: "{{ openshift_generate_no_proxy_hosts | default(True) }}"
+
+ - name: Set fact of no_proxy_internal_hostnames
+ openshift_facts:
+ role: common
+ local_facts:
+ no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config']
+ | union(groups['oo_masters_to_config'])
+ | union(groups['oo_etcd_to_config'] | default([])))
+ | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',')
+ }}"
+ when:
+ - openshift_http_proxy is defined or openshift_https_proxy is defined
+ - openshift_generate_no_proxy_hosts | default(True) | bool
+
+ - name: Initialize openshift.node.sdn_mtu
+ openshift_facts:
+ role: node
+ local_facts:
+ sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}"
+
+ - name: initialize_facts set_fact repoquery command
+ set_fact:
+ repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
+ repoquery_installed: "{{ 'dnf repoquery --latest-limit 1 -d 0 --disableexcludes=all --installed' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins --installed' }}"
diff --git a/playbooks/init/main.yml b/playbooks/init/main.yml
new file mode 100644
index 000000000..06e8ba504
--- /dev/null
+++ b/playbooks/init/main.yml
@@ -0,0 +1,39 @@
+---
+- name: Initialization Checkpoint Start
+ hosts: all
+ gather_facts: false
+ roles:
+ - installer_checkpoint
+ tasks:
+ - name: Set install initialization 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_initialize:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- import_playbook: evaluate_groups.yml
+
+- import_playbook: facts.yml
+
+- import_playbook: sanity_checks.yml
+ when: not (skip_sanity_checks | default(False))
+
+- import_playbook: validate_hostnames.yml
+ when: not (skip_validate_hostnames | default(False))
+
+- import_playbook: version.yml
+ when: not (skip_verison | default(False))
+
+- name: Initialization Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set install initialization 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_initialize:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/init/repos.yml b/playbooks/init/repos.yml
new file mode 100644
index 000000000..66786a41a
--- /dev/null
+++ b/playbooks/init/repos.yml
@@ -0,0 +1,16 @@
+---
+- name: Setup yum repositories for all hosts
+ hosts: oo_all_hosts
+ gather_facts: no
+ tasks:
+ - name: subscribe instances to Red Hat Subscription Manager
+ include_role:
+ name: rhel_subscribe
+ when:
+ - ansible_distribution == 'RedHat'
+ - deployment_type == 'openshift-enterprise'
+ - rhsub_user is defined
+ - rhsub_pass is defined
+ - name: initialize openshift repos
+ include_role:
+ name: openshift_repos
diff --git a/playbooks/init/roles b/playbooks/init/roles
new file mode 120000
index 000000000..b741aa3db
--- /dev/null
+++ b/playbooks/init/roles
@@ -0,0 +1 @@
+../../roles \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/sanity_checks.yml b/playbooks/init/sanity_checks.yml
index 26716a92d..26716a92d 100644
--- a/playbooks/common/openshift-cluster/sanity_checks.yml
+++ b/playbooks/init/sanity_checks.yml
diff --git a/playbooks/init/validate_hostnames.yml b/playbooks/init/validate_hostnames.yml
new file mode 100644
index 000000000..86e0b2416
--- /dev/null
+++ b/playbooks/init/validate_hostnames.yml
@@ -0,0 +1,43 @@
+---
+- name: Validate node hostnames
+ hosts: oo_nodes_to_config
+ any_errors_fatal: true
+ tasks:
+ - name: Query DNS for IP address of {{ openshift.common.hostname }}
+ shell:
+ getent ahostsv4 {{ openshift.common.hostname }} | head -n 1 | awk '{ print $1 }'
+ register: lookupip
+ changed_when: false
+ failed_when: false
+
+ - name: Validate openshift_hostname when defined
+ fail:
+ msg: >
+ The hostname {{ openshift.common.hostname }} for {{ ansible_nodename }}
+ doesn't resolve to an IP address owned by this host. Please set
+ openshift_hostname variable to a hostname that when resolved on the host
+ in question resolves to an IP address matching an interface on this host.
+ This will ensure proper functionality of OpenShift networking features.
+ Inventory setting: openshift_hostname={{ openshift_hostname }}
+ This check can be overridden by setting openshift_hostname_check=false in
+ the inventory.
+ See https://docs.openshift.org/latest/install_config/install/advanced_install.html#configuring-host-variables
+ when:
+ - lookupip.stdout != '127.0.0.1'
+ - lookupip.stdout not in ansible_all_ipv4_addresses
+ - openshift_hostname_check | default(true)
+
+ - name: Validate openshift_ip exists on node when defined
+ fail:
+ msg: >
+ The IP address {{ openshift_ip }} does not exist on {{ ansible_nodename }}.
+ Please set the openshift_ip variable to an IP address of this node.
+ This will ensure proper functionality of OpenShift networking features.
+ Inventory setting: openshift_ip={{ openshift_ip }}
+ This check can be overridden by setting openshift_ip_check=false in
+ the inventory.
+ See https://docs.openshift.org/latest/install_config/install/advanced_install.html#configuring-host-variables
+ when:
+ - openshift_ip is defined
+ - openshift_ip not in ansible_all_ipv4_addresses
+ - openshift_ip_check | default(true)
diff --git a/playbooks/byo/openshift-cluster/cluster_hosts.yml b/playbooks/init/vars/cluster_hosts.yml
index e807ac004..e807ac004 100644
--- a/playbooks/byo/openshift-cluster/cluster_hosts.yml
+++ b/playbooks/init/vars/cluster_hosts.yml
diff --git a/playbooks/common/openshift-cluster/initialize_openshift_version.yml b/playbooks/init/version.yml
index 37a5284d5..37a5284d5 100644
--- a/playbooks/common/openshift-cluster/initialize_openshift_version.yml
+++ b/playbooks/init/version.yml
diff --git a/playbooks/openshift-checks/README.md b/playbooks/openshift-checks/README.md
new file mode 100644
index 000000000..0b7ea91ff
--- /dev/null
+++ b/playbooks/openshift-checks/README.md
@@ -0,0 +1,104 @@
+# OpenShift health checks
+
+This directory contains Ansible playbooks for detecting potential problems prior
+to an install, as well as health checks to run on existing OpenShift clusters.
+
+Ansible's default operation mode is to fail fast, on the first error. However,
+when performing checks, it is useful to gather as much information about
+problems as possible in a single run.
+
+Thus, the playbooks run a battery of checks against the inventory hosts and
+gather intermediate errors, giving a more complete diagnostic of the state of
+each host. If any check failed, the playbook run will be marked as failed.
+
+To facilitate understanding the problems that were encountered, a custom
+callback plugin summarizes execution errors at the end of a playbook run.
+
+## Available playbooks
+
+1. Pre-install playbook ([pre-install.yml](pre-install.yml)) - verifies system
+ requirements and look for common problems that can prevent a successful
+ installation of a production cluster.
+
+2. Diagnostic playbook ([health.yml](health.yml)) - check an existing cluster
+ for known signs of problems.
+
+3. Certificate expiry playbooks ([certificate_expiry](certificate_expiry)) -
+ check that certificates in use are valid and not expiring soon.
+
+4. Adhoc playbook ([adhoc.yml](adhoc.yml)) - use it to run adhoc checks or to
+ list existing checks.
+ See the [next section](#the-adhoc-playbook) for a usage example.
+
+## Running
+
+With a [recent installation of Ansible](../../../README.md#setup), run the playbook
+against your inventory file. Here is the step-by-step:
+
+1. If you haven't done it yet, clone this repository:
+
+ ```console
+ $ git clone https://github.com/openshift/openshift-ansible
+ $ cd openshift-ansible
+ ```
+
+2. Install the [dependencies](../../../README.md#setup)
+
+3. Run the appropriate playbook:
+
+ ```console
+ $ ansible-playbook -i <inventory file> playbooks/openshift-checks/pre-install.yml
+ ```
+
+ or
+
+ ```console
+ $ ansible-playbook -i <inventory file> playbooks/openshift-checks/health.yml
+ ```
+
+ or
+
+ ```console
+ $ ansible-playbook -i <inventory file> playbooks/openshift-checks/certificate_expiry/default.yaml -v
+ ```
+
+### The adhoc playbook
+
+The adhoc playbook gives flexibility to run any check or a custom group of
+checks. What will be run is determined by the `openshift_checks` variable,
+which, among other ways supported by Ansible, can be set on the command line
+using the `-e` flag.
+
+For example, to run the `docker_storage` check:
+
+```console
+$ ansible-playbook -i <inventory file> playbooks/openshift-checks/adhoc.yml -e openshift_checks=docker_storage
+```
+
+To run more checks, use a comma-separated list of check names:
+
+```console
+$ ansible-playbook -i <inventory file> playbooks/openshift-checks/adhoc.yml -e openshift_checks=docker_storage,disk_availability
+```
+
+To run an entire class of checks, use the name of a check group tag, prefixed by `@`. This will run all checks tagged `preflight`:
+
+```console
+$ ansible-playbook -i <inventory file> playbooks/openshift-checks/adhoc.yml -e openshift_checks=@preflight
+```
+
+It is valid to specify multiple check tags and individual check names together
+in a comma-separated list.
+
+To list all of the available checks and tags, run the adhoc playbook without
+setting the `openshift_checks` variable:
+
+```console
+$ ansible-playbook -i <inventory file> playbooks/openshift-checks/adhoc.yml
+```
+
+## Running in a container
+
+This repository is built into a Docker image including Ansible so that it can
+be run anywhere Docker is available, without the need to manually install dependencies.
+Instructions for doing so may be found [in the README](../../../README_CONTAINER_IMAGE.md).
diff --git a/playbooks/openshift-checks/adhoc.yml b/playbooks/openshift-checks/adhoc.yml
new file mode 100644
index 000000000..414090733
--- /dev/null
+++ b/playbooks/openshift-checks/adhoc.yml
@@ -0,0 +1,25 @@
+---
+# NOTE: ideally this would be just part of a single play in
+# private/adhoc.yml that lists the existing checks when
+# openshift_checks is not set or run the requested checks. However, to actually
+# run the checks we need to have the included dependencies to run first and that
+# takes time. To speed up listing checks, we use this separate play that runs
+# before the include of dependencies to save time and improve the UX.
+- name: OpenShift health checks
+ # NOTE: though the openshift_checks variable could be potentially defined on
+ # individual hosts while not defined for localhost, we do not support that
+ # usage. Running this play only in localhost speeds up execution.
+ hosts: localhost
+ connection: local
+ roles:
+ - openshift_health_checker
+ vars:
+ - r_openshift_health_checker_playbook_context: adhoc
+ pre_tasks:
+ - name: List known health checks
+ action: openshift_health_check
+ when: openshift_checks is undefined or not openshift_checks
+
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/adhoc.yml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/default.yaml b/playbooks/openshift-checks/certificate_expiry/default.yaml
index 630135cae..630135cae 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/default.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/default.yaml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml b/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml
index 378d1f154..378d1f154 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml b/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml
index ae41c7c14..ae41c7c14 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml b/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
index d80cb6ff4..d80cb6ff4 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml b/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
index 2189455b7..2189455b7 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml b/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
index 87a0f3be4..87a0f3be4 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
diff --git a/playbooks/byo/openshift-checks/certificate_expiry/longer_warning_period.yaml b/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml
index 960457c4b..960457c4b 100644
--- a/playbooks/byo/openshift-checks/certificate_expiry/longer_warning_period.yaml
+++ b/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml
diff --git a/playbooks/byo/openshift-checks/roles b/playbooks/openshift-checks/certificate_expiry/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/byo/openshift-checks/roles
+++ b/playbooks/openshift-checks/certificate_expiry/roles
diff --git a/playbooks/openshift-checks/health.yml b/playbooks/openshift-checks/health.yml
new file mode 100644
index 000000000..caac06626
--- /dev/null
+++ b/playbooks/openshift-checks/health.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/health.yml
diff --git a/playbooks/openshift-checks/pre-install.yml b/playbooks/openshift-checks/pre-install.yml
new file mode 100644
index 000000000..4511f6e3c
--- /dev/null
+++ b/playbooks/openshift-checks/pre-install.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/pre-install.yml
diff --git a/playbooks/common/openshift-checks/adhoc.yml b/playbooks/openshift-checks/private/adhoc.yml
index d0deaeb65..d0deaeb65 100644
--- a/playbooks/common/openshift-checks/adhoc.yml
+++ b/playbooks/openshift-checks/private/adhoc.yml
diff --git a/playbooks/common/openshift-checks/health.yml b/playbooks/openshift-checks/private/health.yml
index d0921b9d3..d0921b9d3 100644
--- a/playbooks/common/openshift-checks/health.yml
+++ b/playbooks/openshift-checks/private/health.yml
diff --git a/playbooks/openshift-checks/private/install.yml b/playbooks/openshift-checks/private/install.yml
new file mode 100644
index 000000000..93cf6c359
--- /dev/null
+++ b/playbooks/openshift-checks/private/install.yml
@@ -0,0 +1,51 @@
+---
+- name: Health Check Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Health Check 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_health:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: OpenShift Health Checks
+ hosts: oo_all_hosts
+ any_errors_fatal: true
+ roles:
+ - openshift_health_checker
+ vars:
+ - r_openshift_health_checker_playbook_context: install
+ post_tasks:
+ - name: Run health checks (install) - EL
+ when: ansible_distribution != "Fedora"
+ action: openshift_health_check
+ args:
+ checks:
+ - disk_availability
+ - memory_availability
+ - package_availability
+ - package_version
+ - docker_image_availability
+ - docker_storage
+
+ - name: Run health checks (install) - Fedora
+ when: ansible_distribution == "Fedora"
+ action: openshift_health_check
+ args:
+ checks:
+ - docker_image_availability
+
+- name: Health Check Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Health Check 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_health:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/common/openshift-checks/pre-install.yml b/playbooks/openshift-checks/private/pre-install.yml
index 32449d4e4..32449d4e4 100644
--- a/playbooks/common/openshift-checks/pre-install.yml
+++ b/playbooks/openshift-checks/private/pre-install.yml
diff --git a/playbooks/byo/openshift-etcd/roles b/playbooks/openshift-checks/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/byo/openshift-etcd/roles
+++ b/playbooks/openshift-checks/private/roles
diff --git a/playbooks/openshift-checks/roles b/playbooks/openshift-checks/roles
new file mode 120000
index 000000000..b741aa3db
--- /dev/null
+++ b/playbooks/openshift-checks/roles
@@ -0,0 +1 @@
+../../roles \ No newline at end of file
diff --git a/playbooks/openshift-etcd/certificates.yml b/playbooks/openshift-etcd/certificates.yml
new file mode 100644
index 000000000..c06e3b575
--- /dev/null
+++ b/playbooks/openshift-etcd/certificates.yml
@@ -0,0 +1,6 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/ca.yml
+
+- import_playbook: private/certificates.yml
diff --git a/playbooks/openshift-etcd/config.yml b/playbooks/openshift-etcd/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-etcd/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-etcd/embedded2external.yml b/playbooks/openshift-etcd/embedded2external.yml
new file mode 100644
index 000000000..7d090fa9b
--- /dev/null
+++ b/playbooks/openshift-etcd/embedded2external.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/embedded2external.yml
diff --git a/playbooks/openshift-etcd/migrate.yml b/playbooks/openshift-etcd/migrate.yml
new file mode 100644
index 000000000..0340b74a5
--- /dev/null
+++ b/playbooks/openshift-etcd/migrate.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/migrate.yml
diff --git a/playbooks/openshift-etcd/private/ca.yml b/playbooks/openshift-etcd/private/ca.yml
new file mode 100644
index 000000000..f3bb3c2d1
--- /dev/null
+++ b/playbooks/openshift-etcd/private/ca.yml
@@ -0,0 +1,16 @@
+---
+- name: Generate new etcd CA
+ hosts: oo_first_etcd
+ roles:
+ - role: openshift_clock
+ - role: openshift_etcd_facts
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: ca.yml
+ vars:
+ etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
+ when:
+ - etcd_ca_setup | default(True) | bool
diff --git a/playbooks/openshift-etcd/private/certificates-backup.yml b/playbooks/openshift-etcd/private/certificates-backup.yml
new file mode 100644
index 000000000..ce21a1f96
--- /dev/null
+++ b/playbooks/openshift-etcd/private/certificates-backup.yml
@@ -0,0 +1,19 @@
+---
+- name: Backup and remove generated etcd certificates
+ hosts: oo_first_etcd
+ any_errors_fatal: true
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup_generated_certificates.yml
+ - include_role:
+ name: etcd
+ tasks_from: remove_generated_certificates.yml
+
+- name: Backup deployed etcd certificates
+ hosts: oo_etcd_to_config
+ any_errors_fatal: true
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup_server_certificates.yml
diff --git a/playbooks/openshift-etcd/private/certificates.yml b/playbooks/openshift-etcd/private/certificates.yml
new file mode 100644
index 000000000..7c45938c1
--- /dev/null
+++ b/playbooks/openshift-etcd/private/certificates.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: server_certificates.yml
+
+- import_playbook: master_etcd_certificates.yml
diff --git a/playbooks/openshift-etcd/private/config.yml b/playbooks/openshift-etcd/private/config.yml
new file mode 100644
index 000000000..35407969e
--- /dev/null
+++ b/playbooks/openshift-etcd/private/config.yml
@@ -0,0 +1,39 @@
+---
+- name: etcd Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set etcd install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_etcd:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- import_playbook: ca.yml
+
+- import_playbook: certificates.yml
+
+- name: Configure etcd
+ hosts: oo_etcd_to_config
+ any_errors_fatal: true
+ roles:
+ - role: openshift_clock
+ - role: openshift_etcd
+ etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
+ - role: nickhammond.logrotate
+
+- name: etcd Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set etcd install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_etcd:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-etcd/private/embedded2external.yml b/playbooks/openshift-etcd/private/embedded2external.yml
new file mode 100644
index 000000000..be177b714
--- /dev/null
+++ b/playbooks/openshift-etcd/private/embedded2external.yml
@@ -0,0 +1,162 @@
+---
+- name: Pre-migrate checks
+ hosts: localhost
+ tasks:
+ # Check there is only one etcd host
+ - assert:
+ that: groups.oo_etcd_to_config | default([]) | length == 1
+ msg: "[etcd] group must contain only one host"
+ # Check there is only one master
+ - assert:
+ that: groups.oo_masters_to_config | default([]) | length == 1
+ msg: "[master] group must contain only one host"
+
+# 1. stop a master
+- name: Prepare masters for etcd data migration
+ hosts: oo_first_master
+ roles:
+ - role: openshift_facts
+ tasks:
+ - name: Check the master API is ready
+ include_role:
+ name: openshift_master
+ tasks_from: check_master_api_is_ready.yml
+ - set_fact:
+ master_service: "{{ openshift_service_type + '-master' }}"
+ embedded_etcd_backup_suffix: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
+ - debug:
+ msg: "master service name: {{ master_service }}"
+ - name: Stop master
+ service:
+ name: "{{ master_service }}"
+ state: stopped
+ # 2. backup embedded etcd
+ # Can't use with_items with include_role: https://github.com/ansible/ansible/issues/21285
+ - include_role:
+ name: etcd
+ tasks_from: backup.yml
+ vars:
+ r_etcd_common_backup_tag: pre-migrate
+ r_etcd_common_embedded_etcd: "{{ true }}"
+ r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"
+
+ - include_role:
+ name: etcd
+ tasks_from: backup.archive.yml
+ vars:
+ r_etcd_common_backup_tag: pre-migrate
+ r_etcd_common_embedded_etcd: "{{ true }}"
+ r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"
+
+# 3. deploy certificates (for etcd and master)
+- import_playbook: ca.yml
+
+- import_playbook: server_certificates.yml
+
+- name: Backup etcd client certificates for master host
+ hosts: oo_first_master
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup_master_etcd_certificates.yml
+
+- name: Redeploy master etcd certificates
+ import_playbook: master_etcd_certificates.yml
+ vars:
+ etcd_certificates_redeploy: "{{ true }}"
+
+# 4. deploy external etcd
+- import_playbook: config.yml
+
+# 5. stop external etcd
+- name: Cleanse etcd
+ hosts: oo_etcd_to_config[0]
+ gather_facts: no
+ pre_tasks:
+ - include_role:
+ name: etcd
+ tasks_from: disable_etcd.yml
+ - include_role:
+ name: etcd
+ tasks_from: clean_data.yml
+
+# 6. copy the embedded etcd backup to the external host
+# TODO(jchaloup): if the etcd and first master are on the same host, just copy the directory
+- name: Copy embedded etcd backup to the external host
+ hosts: localhost
+ tasks:
+ - name: Create local temp directory for syncing etcd backup
+ local_action: command mktemp -d /tmp/etcd_backup-XXXXXXX
+ register: g_etcd_client_mktemp
+ changed_when: False
+ become: no
+
+ - include_role:
+ name: etcd
+ tasks_from: backup.fetch.yml
+ vars:
+ etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
+ r_etcd_common_backup_tag: pre-migrate
+ r_etcd_common_embedded_etcd: "{{ true }}"
+ r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
+ delegate_to: "{{ groups.oo_first_master[0] }}"
+
+ - include_role:
+ name: etcd
+ tasks_from: backup.copy.yml
+ vars:
+ etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
+ r_etcd_common_backup_tag: pre-migrate
+ r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
+ delegate_to: "{{ groups.oo_etcd_to_config[0] }}"
+
+ - debug:
+ msg: "etcd_backup_dest_directory: {{ g_etcd_client_mktemp.stdout }}"
+
+ - name: Delete temporary directory
+ local_action: file path="{{ g_etcd_client_mktemp.stdout }}" state=absent
+ changed_when: False
+ become: no
+
+# 7. force new cluster from the backup
+- name: Force new etcd cluster
+ hosts: oo_etcd_to_config[0]
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup.unarchive.yml
+ vars:
+ r_etcd_common_backup_tag: pre-migrate
+ r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
+
+ - include_role:
+ name: etcd
+ tasks_from: backup.force_new_cluster.yml
+ vars:
+ r_etcd_common_backup_tag: pre-migrate
+ r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
+ etcd_peer: "{{ openshift.common.ip }}"
+ etcd_url_scheme: "https"
+ etcd_peer_url_scheme: "https"
+
+# 8. re-configure master to use the external etcd
+- name: Configure master to use external etcd
+ hosts: oo_first_master
+ tasks:
+ - include_role:
+ name: openshift_master
+ tasks_from: configure_external_etcd.yml
+ vars:
+ etcd_peer_url_scheme: "https"
+ etcd_ip: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.ip }}"
+ etcd_peer_port: 2379
+
+ # 9. start the master
+ - name: Start master
+ service:
+ name: "{{ master_service }}"
+ state: started
+ register: service_status
+ until: service_status.state is defined and service_status.state == "started"
+ retries: 5
+ delay: 10
diff --git a/playbooks/openshift-etcd/private/master_etcd_certificates.yml b/playbooks/openshift-etcd/private/master_etcd_certificates.yml
new file mode 100644
index 000000000..d98470db2
--- /dev/null
+++ b/playbooks/openshift-etcd/private/master_etcd_certificates.yml
@@ -0,0 +1,13 @@
+---
+- name: Create etcd client certificates for master hosts
+ hosts: oo_masters_to_config
+ any_errors_fatal: true
+ roles:
+ - role: openshift_etcd_facts
+ - role: openshift_etcd_client_certificates
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ etcd_cert_subdir: "openshift-master-{{ openshift.common.hostname }}"
+ etcd_cert_config_dir: "{{ openshift.common.config_base }}/master"
+ etcd_cert_prefix: "master.etcd-"
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
diff --git a/playbooks/openshift-etcd/private/migrate.yml b/playbooks/openshift-etcd/private/migrate.yml
new file mode 100644
index 000000000..cad0ebcaa
--- /dev/null
+++ b/playbooks/openshift-etcd/private/migrate.yml
@@ -0,0 +1,162 @@
+---
+- name: Check if the master has embedded etcd
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tags:
+ - always
+ tasks:
+ - fail:
+ msg: "Migration of an embedded etcd is not supported. Please, migrate the embedded etcd into an external etcd first."
+ when:
+ - groups.oo_etcd_to_config | default([]) | length == 0
+
+- name: Run pre-checks
+ hosts: oo_etcd_to_migrate
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: migrate.pre_check.yml
+ vars:
+ etcd_peer: "{{ ansible_default_ipv4.address }}"
+
+# TODO: This will be different for release-3.6 branch
+- name: Prepare masters for etcd data migration
+ hosts: oo_masters_to_config
+ tasks:
+ - set_fact:
+ master_services:
+ - "{{ openshift_service_type + '-master-controllers' }}"
+ - "{{ openshift_service_type + '-master-api' }}"
+ - debug:
+ msg: "master service name: {{ master_services }}"
+ - name: Stop masters
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items: "{{ master_services }}"
+
+- name: Backup v2 data
+ hosts: oo_etcd_to_migrate
+ gather_facts: no
+ roles:
+ - role: openshift_facts
+ post_tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup.yml
+ vars:
+ r_etcd_common_backup_tag: pre-migration
+ r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
+
+- name: Gate on etcd backup
+ hosts: localhost
+ connection: local
+ become: no
+ tasks:
+ - set_fact:
+ etcd_backup_completed: "{{ hostvars
+ | lib_utils_oo_select_keys(groups.oo_etcd_to_migrate)
+ | lib_utils_oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
+ - set_fact:
+ etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) | list }}"
+ - fail:
+ msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
+ when:
+ - etcd_backup_failed | length > 0
+
+- name: Stop etcd
+ hosts: oo_etcd_to_migrate
+ gather_facts: no
+ pre_tasks:
+ - include_role:
+ name: etcd
+ tasks_from: disable_etcd.yml
+
+- name: Migrate data on first etcd
+ hosts: oo_etcd_to_migrate[0]
+ gather_facts: no
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: migrate.yml
+ vars:
+ etcd_peer: "{{ openshift.common.ip }}"
+ etcd_url_scheme: "https"
+ etcd_peer_url_scheme: "https"
+
+- name: Clean data stores on remaining etcd hosts
+ hosts: oo_etcd_to_migrate[1:]
+ gather_facts: no
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: clean_data.yml
+ vars:
+ etcd_peer: "{{ openshift.common.ip }}"
+ etcd_url_scheme: "https"
+ etcd_peer_url_scheme: "https"
+ - name: Add etcd hosts
+ delegate_to: localhost
+ add_host:
+ name: "{{ item }}"
+ groups: oo_new_etcd_to_config
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ groups.oo_etcd_to_migrate[1:] | default([]) }}"
+ changed_when: no
+ - name: Set success
+ set_fact:
+ r_etcd_migrate_success: true
+
+- import_playbook: scaleup.yml
+
+- name: Gate on etcd migration
+ hosts: oo_masters_to_config
+ gather_facts: no
+ tasks:
+ - set_fact:
+ etcd_migration_completed: "{{ hostvars
+ | lib_utils_oo_select_keys(groups.oo_etcd_to_migrate)
+ | lib_utils_oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}"
+ - set_fact:
+ etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) | list }}"
+
+- name: Add TTLs on the first master
+ hosts: oo_first_master[0]
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: migrate.add_ttls.yml
+ vars:
+ etcd_peer: "{{ hostvars[groups.oo_etcd_to_migrate.0].openshift.common.ip }}"
+ etcd_url_scheme: "https"
+ etcd_peer_url_scheme: "https"
+ when: etcd_migration_failed | length == 0
+
+- name: Configure masters if etcd data migration is succesfull
+ hosts: oo_masters_to_config
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: migrate.configure_master.yml
+ when: etcd_migration_failed | length == 0
+ - debug:
+ msg: "Skipping master re-configuration since migration failed."
+ when:
+ - etcd_migration_failed | length > 0
+ - name: Start master services
+ service:
+ name: "{{ item }}"
+ state: started
+ register: service_status
+ # Sometimes the master-api, resp. master-controllers fails to start for the first time
+ until: service_status.state is defined and service_status.state == "started"
+ retries: 5
+ delay: 10
+ with_items: "{{ master_services[::-1] }}"
+ - fail:
+ msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}"
+ when:
+ - etcd_migration_failed | length > 0
diff --git a/playbooks/openshift-etcd/private/redeploy-ca.yml b/playbooks/openshift-etcd/private/redeploy-ca.yml
new file mode 100644
index 000000000..0995945cc
--- /dev/null
+++ b/playbooks/openshift-etcd/private/redeploy-ca.yml
@@ -0,0 +1,101 @@
+---
+- name: Check cert expirys
+ hosts: oo_etcd_to_config:oo_masters_to_config
+ vars:
+ openshift_certificate_expiry_show_all: yes
+ roles:
+ # Sets 'check_results' per host which contains health status for
+ # etcd, master and node certificates. We will use 'check_results'
+ # to determine if any certificates were expired prior to running
+ # this playbook. Service restarts will be skipped if any
+ # certificates were previously expired.
+ - role: openshift_certificate_expiry
+
+- name: Backup existing etcd CA certificate directories
+ hosts: oo_etcd_to_config
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup_ca_certificates.yml
+ - include_role:
+ name: etcd
+ tasks_from: remove_ca_certificates.yml
+
+- import_playbook: ca.yml
+
+- name: Create temp directory for syncing certs
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Create local temp directory for syncing certs
+ local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
+ register: g_etcd_mktemp
+ changed_when: false
+
+- name: Distribute etcd CA to etcd hosts
+ hosts: oo_etcd_to_config
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: distribute_ca.yml
+ vars:
+ etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+
+- import_playbook: restart.yml
+ # Do not restart etcd when etcd certificates were previously expired.
+ when: ('expired' not in (hostvars
+ | lib_utils_oo_select_keys(groups['etcd'])
+ | lib_utils_oo_collect('check_results.check_results.etcd')
+ | lib_utils_oo_collect('health')))
+
+- name: Retrieve etcd CA certificate
+ hosts: oo_first_etcd
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: retrieve_ca_certificates.yml
+ vars:
+ etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
+
+- name: Distribute etcd CA to masters
+ hosts: oo_masters_to_config
+ vars:
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ tasks:
+ - name: Deploy etcd CA
+ copy:
+ src: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}/ca.crt"
+ dest: "{{ openshift.common.config_base }}/master/master.etcd-ca.crt"
+ when: groups.oo_etcd_to_config | default([]) | length > 0
+
+- name: Delete temporary directory on localhost
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - file:
+ name: "{{ g_etcd_mktemp.stdout }}"
+ state: absent
+ changed_when: false
+
+- import_playbook: ../../openshift-master/private/restart.yml
+ # Do not restart masters when master or etcd certificates were previously expired.
+ when:
+ # masters
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
+ # etcd
+ - ('expired' not in (hostvars
+ | lib_utils_oo_select_keys(groups['etcd'])
+ | lib_utils_oo_collect('check_results.check_results.etcd')
+ | lib_utils_oo_collect('health')))
diff --git a/playbooks/openshift-etcd/private/redeploy-certificates.yml b/playbooks/openshift-etcd/private/redeploy-certificates.yml
new file mode 100644
index 000000000..1c8eb27ac
--- /dev/null
+++ b/playbooks/openshift-etcd/private/redeploy-certificates.yml
@@ -0,0 +1,18 @@
+---
+- name: Check cert expirys
+ hosts: oo_etcd_to_config
+ vars:
+ openshift_certificate_expiry_show_all: yes
+ roles:
+ # Sets 'check_results' per host which contains health status for
+ # etcd, master and node certificates. We will use 'check_results'
+ # to determine if any certificates were expired prior to running
+ # this playbook. Service restarts will be skipped if any
+ # certificates were previously expired.
+ - role: openshift_certificate_expiry
+
+- import_playbook: certificates-backup.yml
+
+- import_playbook: certificates.yml
+ vars:
+ etcd_certificates_redeploy: true
diff --git a/playbooks/openshift-etcd/private/restart.yml b/playbooks/openshift-etcd/private/restart.yml
new file mode 100644
index 000000000..0751480e2
--- /dev/null
+++ b/playbooks/openshift-etcd/private/restart.yml
@@ -0,0 +1,19 @@
+---
+- name: Restart etcd
+ hosts: oo_etcd_to_config
+ serial: 1
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: restart.yml
+ when:
+ - not g_etcd_certificates_expired | default(false) | bool
+
+- name: Restart etcd
+ hosts: oo_etcd_to_config
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: restart.yml
+ when:
+ - g_etcd_certificates_expired | default(false) | bool
diff --git a/playbooks/byo/openshift-glusterfs/roles b/playbooks/openshift-etcd/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/byo/openshift-glusterfs/roles
+++ b/playbooks/openshift-etcd/private/roles
diff --git a/playbooks/openshift-etcd/private/scaleup.yml b/playbooks/openshift-etcd/private/scaleup.yml
new file mode 100644
index 000000000..dc667958f
--- /dev/null
+++ b/playbooks/openshift-etcd/private/scaleup.yml
@@ -0,0 +1,81 @@
+---
+- name: Gather facts
+ hosts: oo_etcd_to_config:oo_new_etcd_to_config
+ roles:
+ - openshift_etcd_facts
+ post_tasks:
+ - set_fact:
+ etcd_hostname: "{{ etcd_hostname }}"
+ etcd_ip: "{{ etcd_ip }}"
+
+- name: Configure etcd
+ hosts: oo_new_etcd_to_config
+ serial: 1
+ any_errors_fatal: true
+ vars:
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ pre_tasks:
+ - name: Add new etcd members to cluster
+ command: >
+ /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }}
+ --key-file {{ etcd_peer_key_file }}
+ --ca-file {{ etcd_peer_ca_file }}
+ -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }}
+ member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}
+ delegate_to: "{{ etcd_ca_host }}"
+ failed_when:
+ - etcd_add_check.rc == 1
+ - ("peerURL exists" not in etcd_add_check.stderr)
+ register: etcd_add_check
+ retries: 3
+ delay: 10
+ until: etcd_add_check.rc == 0
+ - include_role:
+ name: etcd
+ tasks_from: server_certificates.yml
+ vars:
+ etcd_peers: "{{ groups.oo_new_etcd_to_config | default([], true) }}"
+ etcd_certificates_etcd_hosts: "{{ groups.oo_new_etcd_to_config | default([], true) }}"
+ roles:
+ - role: os_firewall
+ when: etcd_add_check.rc == 0
+ - role: openshift_etcd
+ when: etcd_add_check.rc == 0
+ etcd_peers: "{{ groups.oo_etcd_to_config | union(groups.oo_new_etcd_to_config)| default([], true) }}"
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
+ etcd_initial_cluster_state: "existing"
+ etcd_initial_cluster: "{{ etcd_add_check.stdout_lines[3] | regex_replace('ETCD_INITIAL_CLUSTER=','') | regex_replace('\"','') }}"
+ etcd_ca_setup: False
+ - role: nickhammond.logrotate
+ when: etcd_add_check.rc == 0
+ post_tasks:
+ - name: Verify cluster is stable
+ command: >
+ /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }}
+ --key-file {{ etcd_peer_key_file }}
+ --ca-file {{ etcd_peer_ca_file }}
+ -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_hostname }}:{{ etcd_client_port }}
+ cluster-health
+ register: scaleup_health
+ retries: 3
+ delay: 30
+ until: scaleup_health.rc == 0
+
+- name: Update master etcd client urls
+ hosts: oo_masters_to_config
+ serial: 1
+ vars:
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ openshift_master_etcd_hosts: "{{ hostvars
+ | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) ))
+ | lib_utils_oo_collect('openshift.common.hostname')
+ | default(none, true) }}"
+ openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}"
+ roles:
+ - role: openshift_master_facts
+ post_tasks:
+ - include_role:
+ name: openshift_master
+ tasks_from: update_etcd_client_urls.yml
diff --git a/playbooks/openshift-etcd/private/server_certificates.yml b/playbooks/openshift-etcd/private/server_certificates.yml
new file mode 100644
index 000000000..695b53990
--- /dev/null
+++ b/playbooks/openshift-etcd/private/server_certificates.yml
@@ -0,0 +1,14 @@
+---
+- name: Create etcd server certificates for etcd hosts
+ hosts: oo_etcd_to_config
+ any_errors_fatal: true
+ roles:
+ - role: openshift_etcd_facts
+ post_tasks:
+ - include_role:
+ name: etcd
+ tasks_from: server_certificates.yml
+ vars:
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
+ etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
diff --git a/playbooks/openshift-etcd/private/upgrade_backup.yml b/playbooks/openshift-etcd/private/upgrade_backup.yml
new file mode 100644
index 000000000..0d8943d93
--- /dev/null
+++ b/playbooks/openshift-etcd/private/upgrade_backup.yml
@@ -0,0 +1,27 @@
+---
+- name: Backup etcd
+ hosts: oo_etcd_hosts_to_backup
+ roles:
+ - role: openshift_etcd_facts
+ post_tasks:
+ - include_role:
+ name: etcd
+ tasks_from: backup.yml
+ vars:
+ r_etcd_common_backup_tag: "{{ etcd_backup_tag }}"
+ r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
+
+- name: Gate on etcd backup
+ hosts: localhost
+ connection: local
+ become: no
+ tasks:
+ - set_fact:
+ etcd_backup_completed: "{{ hostvars
+ | lib_utils_oo_select_keys(groups.oo_etcd_hosts_to_backup)
+ | lib_utils_oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
+ - set_fact:
+ etcd_backup_failed: "{{ groups.oo_etcd_hosts_to_backup | difference(etcd_backup_completed) | list }}"
+ - fail:
+ msg: "Upgrade cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
+ when: etcd_backup_failed | length > 0
diff --git a/playbooks/openshift-etcd/private/upgrade_image_members.yml b/playbooks/openshift-etcd/private/upgrade_image_members.yml
new file mode 100644
index 000000000..339fc6b74
--- /dev/null
+++ b/playbooks/openshift-etcd/private/upgrade_image_members.yml
@@ -0,0 +1,17 @@
+---
+# INPUT etcd_upgrade_version
+# INPUT etcd_container_version
+# INPUT openshift.common.is_containerized
+- name: Upgrade containerized hosts to {{ etcd_upgrade_version }}
+ hosts: oo_etcd_hosts_to_upgrade
+ serial: 1
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: upgrade_image.yml
+ vars:
+ r_etcd_upgrade_version: "{{ etcd_upgrade_version }}"
+ etcd_peer: "{{ openshift.common.hostname }}"
+ when:
+ - etcd_container_version | default('99') is version_compare(etcd_upgrade_version,'<')
+ - openshift.common.is_containerized | bool
diff --git a/playbooks/openshift-etcd/private/upgrade_main.yml b/playbooks/openshift-etcd/private/upgrade_main.yml
new file mode 100644
index 000000000..e373a4a4c
--- /dev/null
+++ b/playbooks/openshift-etcd/private/upgrade_main.yml
@@ -0,0 +1,29 @@
+---
+# For 1.4/3.4 we want to upgrade everyone to etcd-3.0. etcd docs say to
+# upgrade from 2.0.x to 2.1.x to 2.2.x to 2.3.x to 3.0.x. While this is a tedius
+# task for RHEL and CENTOS it's simply not possible in Fedora unless you've
+# mirrored packages on your own because only the GA and latest versions are
+# available in the repos. So for Fedora we'll simply skip this, sorry.
+
+- name: Backup etcd before upgrading anything
+ import_playbook: upgrade_backup.yml
+ vars:
+ etcd_backup_tag: "pre-upgrade-"
+ when: openshift_etcd_backup | default(true) | bool
+
+- name: Drop etcdctl profiles
+ hosts: oo_etcd_hosts_to_upgrade
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: drop_etcdctl.yml
+
+- name: Perform etcd upgrade
+ import_playbook: upgrade_step.yml
+ when: openshift_etcd_upgrade | default(true) | bool
+
+- name: Backup etcd
+ import_playbook: upgrade_backup.yml
+ vars:
+ etcd_backup_tag: "post-3.0-"
+ when: openshift_etcd_backup | default(true) | bool
diff --git a/playbooks/openshift-etcd/private/upgrade_rpm_members.yml b/playbooks/openshift-etcd/private/upgrade_rpm_members.yml
new file mode 100644
index 000000000..327a35b09
--- /dev/null
+++ b/playbooks/openshift-etcd/private/upgrade_rpm_members.yml
@@ -0,0 +1,18 @@
+---
+# INPUT etcd_upgrade_version
+# INPUT etcd_rpm_version
+# INPUT openshift.common.is_containerized
+- name: Upgrade to {{ etcd_upgrade_version }}
+ hosts: oo_etcd_hosts_to_upgrade
+ serial: 1
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: upgrade_rpm.yml
+ vars:
+ r_etcd_upgrade_version: "{{ etcd_upgrade_version }}"
+ etcd_peer: "{{ openshift.common.hostname }}"
+ when:
+ - etcd_rpm_version.stdout | default('99') is version_compare(etcd_upgrade_version, '<')
+ - ansible_distribution == 'RedHat'
+ - not openshift.common.is_containerized | bool
diff --git a/playbooks/openshift-etcd/private/upgrade_step.yml b/playbooks/openshift-etcd/private/upgrade_step.yml
new file mode 100644
index 000000000..60127fc68
--- /dev/null
+++ b/playbooks/openshift-etcd/private/upgrade_step.yml
@@ -0,0 +1,64 @@
+---
+- name: Determine etcd version
+ hosts: oo_etcd_hosts_to_upgrade
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: version_detect.yml
+
+- import_playbook: upgrade_rpm_members.yml
+ vars:
+ etcd_upgrade_version: '2.1'
+
+- import_playbook: upgrade_rpm_members.yml
+ vars:
+ etcd_upgrade_version: '2.2'
+
+- import_playbook: upgrade_image_members.yml
+ vars:
+ etcd_upgrade_version: '2.2.5'
+
+- import_playbook: upgrade_rpm_members.yml
+ vars:
+ etcd_upgrade_version: '2.3'
+
+- import_playbook: upgrade_image_members.yml
+ vars:
+ etcd_upgrade_version: '2.3.7'
+
+- import_playbook: upgrade_rpm_members.yml
+ vars:
+ etcd_upgrade_version: '3.0'
+
+- import_playbook: upgrade_image_members.yml
+ vars:
+ etcd_upgrade_version: '3.0.15'
+
+- import_playbook: upgrade_rpm_members.yml
+ vars:
+ etcd_upgrade_version: '3.1'
+
+- import_playbook: upgrade_image_members.yml
+ vars:
+ etcd_upgrade_version: '3.1.3'
+
+- import_playbook: upgrade_rpm_members.yml
+ vars:
+ etcd_upgrade_version: '3.2'
+
+- import_playbook: upgrade_image_members.yml
+ vars:
+ etcd_upgrade_version: '3.2.7'
+
+- name: Upgrade fedora to latest
+ hosts: oo_etcd_hosts_to_upgrade
+ serial: 1
+ tasks:
+ - include_role:
+ name: etcd
+ tasks_from: upgrade_image.yml
+ vars:
+ etcd_peer: "{{ openshift.common.hostname }}"
+ when:
+ - ansible_distribution == 'Fedora'
+ - not openshift.common.is_containerized | bool
diff --git a/playbooks/openshift-etcd/redeploy-ca.yml b/playbooks/openshift-etcd/redeploy-ca.yml
new file mode 100644
index 000000000..769d694ba
--- /dev/null
+++ b/playbooks/openshift-etcd/redeploy-ca.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-ca.yml
diff --git a/playbooks/openshift-etcd/redeploy-certificates.yml b/playbooks/openshift-etcd/redeploy-certificates.yml
new file mode 100644
index 000000000..8ea1994f7
--- /dev/null
+++ b/playbooks/openshift-etcd/redeploy-certificates.yml
@@ -0,0 +1,10 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-certificates.yml
+
+- import_playbook: private/restart.yml
+ vars:
+ g_etcd_certificates_expired: "{{ ('expired' in (hostvars | lib_utils_oo_select_keys(groups['etcd']) | lib_utils_oo_collect('check_results.check_results.etcd') | lib_utils_oo_collect('health'))) | bool }}"
+
+- import_playbook: ../openshift-master/private/restart.yml
diff --git a/playbooks/openshift-etcd/restart.yml b/playbooks/openshift-etcd/restart.yml
new file mode 100644
index 000000000..041c1384d
--- /dev/null
+++ b/playbooks/openshift-etcd/restart.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/restart.yml
diff --git a/playbooks/openshift-etcd/scaleup.yml b/playbooks/openshift-etcd/scaleup.yml
new file mode 100644
index 000000000..7e9ab6834
--- /dev/null
+++ b/playbooks/openshift-etcd/scaleup.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/scaleup.yml
diff --git a/playbooks/openshift-etcd/upgrade.yml b/playbooks/openshift-etcd/upgrade.yml
new file mode 100644
index 000000000..ccc797527
--- /dev/null
+++ b/playbooks/openshift-etcd/upgrade.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/evaluate_groups.yml
+
+- import_playbook: private/upgrade_main.yml
diff --git a/playbooks/openshift-glusterfs/README.md b/playbooks/openshift-glusterfs/README.md
new file mode 100644
index 000000000..107bbfff6
--- /dev/null
+++ b/playbooks/openshift-glusterfs/README.md
@@ -0,0 +1,101 @@
+# OpenShift GlusterFS Playbooks
+
+These playbooks are intended to enable the use of GlusterFS volumes by pods in
+OpenShift. While they try to provide a sane set of defaults they do cover a
+variety of scenarios and configurations, so read carefully. :)
+
+## Playbook: config.yml
+
+This is the main playbook that integrates GlusterFS into a new or existing
+OpenShift cluster. It will also, if specified, configure a hosted Docker
+registry with GlusterFS backend storage.
+
+This playbook requires the `glusterfs` group to exist in the Ansible inventory
+file. The hosts in this group are the nodes of the GlusterFS cluster.
+
+ * If this is a newly configured cluster each host must have a
+ `glusterfs_devices` variable defined, each of which must be a list of block
+ storage devices intended for use only by the GlusterFS cluster. If this is
+ also an external GlusterFS cluster, you must specify
+ `openshift_storage_glusterfs_is_native=False`. If the cluster is to be
+ managed by an external heketi service you must also specify
+ `openshift_storage_glusterfs_heketi_is_native=False` and
+ `openshift_storage_glusterfs_heketi_url=<URL>` with the URL to the heketi
+ service. All these variables are specified in `[OSEv3:vars]`,
+ * If this is an existing cluster you do not need to specify a list of block
+ devices but you must specify the following variables in `[OSEv3:vars]`:
+ * `openshift_storage_glusterfs_is_missing=False`
+ * `openshift_storage_glusterfs_heketi_is_missing=False`
+ * If GlusterFS will be running natively, the target hosts must also be listed
+ in the `nodes` group. They must also already be configured as OpenShift
+ nodes before this playbook runs.
+
+By default, pods for a native GlusterFS cluster will be created in the
+`default` namespace. To change this, specify
+`openshift_storage_glusterfs_namespace=<other namespace>` in `[OSEv3:vars]`.
+
+To configure the deployment of a Docker registry with GlusterFS backend
+storage, specify `openshift_hosted_registry_storage_kind=glusterfs` in
+`[OSEv3:vars]`. To create a separate GlusterFS cluster for use only by the
+registry, specify a `glusterfs_registry` group that is populated as the
+`glusterfs` is with the nodes for the separate cluster. If no
+`glusterfs_registry` group is specified, the cluster defined by the `glusterfs`
+group will be used.
+
+To swap an existing hosted registry's backend storage for a GlusterFS volume,
+specify `openshift_hosted_registry_storage_glusterfs_swap=True`. To
+additoinally copy any existing contents from an existing hosted registry,
+specify `openshift_hosted_registry_storage_glusterfs_swapcopy=True`.
+
+**NOTE:** For each namespace that is to have access to GlusterFS volumes an
+Enpoints resource pointing to the GlusterFS cluster nodes and a corresponding
+Service resource must be created. If dynamic provisioning using StorageClasses
+is configure, these resources are created automatically in the namespaces that
+require them. This playbook also takes care of creating these resources in the
+namespaces used for deployment.
+
+An example of a minimal inventory file:
+```
+[OSEv3:children]
+masters
+nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+deployment_type=origin
+
+[masters]
+master
+
+[nodes]
+node0
+node1
+node2
+
+[glusterfs]
+node0 glusterfs_devices='[ "/dev/sdb" ]'
+node1 glusterfs_devices='[ "/dev/sdb", "/dev/sdc" ]'
+node2 glusterfs_devices='[ "/dev/sdd" ]'
+```
+
+## Playbook: registry.yml
+
+This playbook is intended for admins who want to deploy a hosted Docker
+registry with GlusterFS backend storage on an existing OpenShift cluster. It
+has all the same requirements and behaviors as `config.yml`.
+
+## Role: openshift_storage_glusterfs
+
+The bulk of the work is done by the `openshift_storage_glusterfs` role. This
+role can handle the deployment of GlusterFS (if it is to be hosted on the
+OpenShift cluster), the registration of GlusterFS nodes (hosted or standalone),
+and (if specified) integration as backend storage for a hosted Docker registry.
+
+See the documentation in the role's directory for further details.
+
+## Role: openshift_hosted
+
+The `openshift_hosted` role recognizes `glusterfs` as a possible storage
+backend for a hosted docker registry. It will also, if configured, handle the
+swap of an existing registry's backend storage to a GlusterFS volume.
diff --git a/playbooks/openshift-glusterfs/config.yml b/playbooks/openshift-glusterfs/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-glusterfs/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-glusterfs/private/config.yml b/playbooks/openshift-glusterfs/private/config.yml
new file mode 100644
index 000000000..19e14ab3e
--- /dev/null
+++ b/playbooks/openshift-glusterfs/private/config.yml
@@ -0,0 +1,60 @@
+---
+- name: GlusterFS Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set GlusterFS install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_glusterfs:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: Open firewall ports for GlusterFS nodes
+ hosts: glusterfs
+ tasks:
+ - include_role:
+ name: openshift_storage_glusterfs
+ tasks_from: firewall.yml
+ when:
+ - openshift_storage_glusterfs_is_native | default(True) | bool
+ - include_role:
+ name: openshift_storage_glusterfs
+ tasks_from: kernel_modules.yml
+ when:
+ - openshift_storage_glusterfs_is_native | default(True) | bool
+
+- name: Open firewall ports for GlusterFS registry nodes
+ hosts: glusterfs_registry
+ tasks:
+ - include_role:
+ name: openshift_storage_glusterfs
+ tasks_from: firewall.yml
+ when:
+ - openshift_storage_glusterfs_registry_is_native | default(True) | bool
+ - include_role:
+ name: openshift_storage_glusterfs
+ tasks_from: kernel_modules.yml
+ when:
+ - openshift_storage_glusterfs_registry_is_native | default(True) | bool
+
+- name: Configure GlusterFS
+ hosts: oo_first_master
+ tasks:
+ - name: setup glusterfs
+ include_role:
+ name: openshift_storage_glusterfs
+ when: groups.oo_glusterfs_to_config | default([]) | count > 0
+
+- name: GlusterFS Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set GlusterFS install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_glusterfs:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-glusterfs/private/registry.yml b/playbooks/openshift-glusterfs/private/registry.yml
new file mode 100644
index 000000000..917b729f9
--- /dev/null
+++ b/playbooks/openshift-glusterfs/private/registry.yml
@@ -0,0 +1,20 @@
+---
+- import_playbook: config.yml
+
+- name: Create persistent volumes
+ hosts: oo_first_master
+ roles:
+ - role: openshift_persistent_volumes
+ when: openshift_hosted_registry_storage_glusterfs_swap | default(False)
+
+- name: Create Hosted Resources
+ hosts: oo_first_master
+ tags:
+ - hosted
+ pre_tasks:
+ - set_fact:
+ openshift_hosted_router_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
+ openshift_hosted_registry_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
+ when: "'master' in hostvars[groups.oo_first_master.0].openshift and 'registry_url' in hostvars[groups.oo_first_master.0].openshift.master"
+ roles:
+ - role: openshift_hosted
diff --git a/playbooks/common/openshift-etcd/roles b/playbooks/openshift-glusterfs/private/roles
index e2b799b9d..e2b799b9d 120000
--- a/playbooks/common/openshift-etcd/roles
+++ b/playbooks/openshift-glusterfs/private/roles
diff --git a/playbooks/openshift-glusterfs/registry.yml b/playbooks/openshift-glusterfs/registry.yml
new file mode 100644
index 000000000..5e3b18536
--- /dev/null
+++ b/playbooks/openshift-glusterfs/registry.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/registry.yml
diff --git a/playbooks/openshift-hosted/config.yml b/playbooks/openshift-hosted/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-hosted/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-hosted/private/cockpit-ui.yml b/playbooks/openshift-hosted/private/cockpit-ui.yml
new file mode 100644
index 000000000..d6529425b
--- /dev/null
+++ b/playbooks/openshift-hosted/private/cockpit-ui.yml
@@ -0,0 +1,8 @@
+---
+- name: Create Hosted Resources - cockpit-ui
+ hosts: oo_first_master
+ roles:
+ - role: cockpit-ui
+ when:
+ - openshift_hosted_manage_registry | default(true) | bool
+ - not (openshift_docker_hosted_registry_insecure | default(false)) | bool
diff --git a/playbooks/openshift-hosted/private/config.yml b/playbooks/openshift-hosted/private/config.yml
new file mode 100644
index 000000000..036fe654d
--- /dev/null
+++ b/playbooks/openshift-hosted/private/config.yml
@@ -0,0 +1,41 @@
+---
+- name: Hosted Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Hosted install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_hosted:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- import_playbook: create_persistent_volumes.yml
+
+- import_playbook: openshift_default_storage_class.yml
+
+- import_playbook: openshift_hosted_create_projects.yml
+
+- import_playbook: openshift_hosted_router.yml
+
+- import_playbook: openshift_hosted_registry.yml
+
+- import_playbook: cockpit-ui.yml
+
+- import_playbook: install_docker_gc.yml
+ when:
+ - openshift_use_crio | default(False) | bool
+ - openshift_crio_enable_docker_gc | default(False) | bool
+
+- name: Hosted Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Hosted install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_hosted:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-hosted/private/create_persistent_volumes.yml b/playbooks/openshift-hosted/private/create_persistent_volumes.yml
new file mode 100644
index 000000000..41ae2eb69
--- /dev/null
+++ b/playbooks/openshift-hosted/private/create_persistent_volumes.yml
@@ -0,0 +1,5 @@
+---
+- name: Create Hosted Resources - persistent volumes
+ hosts: oo_first_master
+ roles:
+ - role: openshift_persistent_volumes
diff --git a/playbooks/common/openshift-cluster/install_docker_gc.yml b/playbooks/openshift-hosted/private/install_docker_gc.yml
index 1e3dfee07..1e3dfee07 100644
--- a/playbooks/common/openshift-cluster/install_docker_gc.yml
+++ b/playbooks/openshift-hosted/private/install_docker_gc.yml
diff --git a/playbooks/common/openshift-cluster/openshift_default_storage_class.yml b/playbooks/openshift-hosted/private/openshift_default_storage_class.yml
index 62fe0dd60..62fe0dd60 100644
--- a/playbooks/common/openshift-cluster/openshift_default_storage_class.yml
+++ b/playbooks/openshift-hosted/private/openshift_default_storage_class.yml
diff --git a/playbooks/common/openshift-cluster/openshift_hosted_create_projects.yml b/playbooks/openshift-hosted/private/openshift_hosted_create_projects.yml
index d5ca5185c..d5ca5185c 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted_create_projects.yml
+++ b/playbooks/openshift-hosted/private/openshift_hosted_create_projects.yml
diff --git a/playbooks/common/openshift-cluster/openshift_hosted_registry.yml b/playbooks/openshift-hosted/private/openshift_hosted_registry.yml
index 2a91a827c..2a91a827c 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted_registry.yml
+++ b/playbooks/openshift-hosted/private/openshift_hosted_registry.yml
diff --git a/playbooks/common/openshift-cluster/openshift_hosted_router.yml b/playbooks/openshift-hosted/private/openshift_hosted_router.yml
index bcb5a34a4..bcb5a34a4 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted_router.yml
+++ b/playbooks/openshift-hosted/private/openshift_hosted_router.yml
diff --git a/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml b/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml
new file mode 100644
index 000000000..3943720e3
--- /dev/null
+++ b/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml
@@ -0,0 +1,100 @@
+---
+- name: Update registry certificates
+ hosts: oo_first_master
+ vars:
+ roles:
+ - lib_openshift
+ tasks:
+ - name: Create temp directory for kubeconfig
+ command: mktemp -d /tmp/openshift-ansible-XXXXXX
+ register: mktemp
+ changed_when: false
+
+ - name: Copy admin client config(s)
+ command: >
+ cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig
+ changed_when: false
+
+ - name: Determine if docker-registry exists
+ command: >
+ {{ openshift.common.client_binary }} get dc/docker-registry -o json
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ -n default
+ register: l_docker_registry_dc
+ failed_when: false
+ changed_when: false
+
+ - set_fact:
+ docker_registry_env_vars: "{{ ((l_docker_registry_dc.stdout | from_json)['spec']['template']['spec']['containers'][0]['env']
+ | lib_utils_oo_collect('name'))
+ | default([]) }}"
+ docker_registry_secrets: "{{ ((l_docker_registry_dc.stdout | from_json)['spec']['template']['spec']['volumes']
+ | lib_utils_oo_collect('secret')
+ | lib_utils_oo_collect('secretName'))
+ | default([]) }}"
+ changed_when: false
+ when: l_docker_registry_dc.rc == 0
+
+ # Replace dc/docker-registry environment variable certificate data if set.
+ - name: Update docker-registry environment variables
+ shell: >
+ {{ openshift.common.client_binary }} env dc/docker-registry
+ OPENSHIFT_CA_DATA="$(cat /etc/origin/master/ca.crt)"
+ OPENSHIFT_CERT_DATA="$(cat /etc/origin/master/openshift-registry.crt)"
+ OPENSHIFT_KEY_DATA="$(cat /etc/origin/master/openshift-registry.key)"
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ -n default
+ when: l_docker_registry_dc.rc == 0 and 'OPENSHIFT_CA_DATA' in docker_registry_env_vars and 'OPENSHIFT_CERT_DATA' in docker_registry_env_vars and 'OPENSHIFT_KEY_DATA' in docker_registry_env_vars
+
+ # Replace dc/docker-registry certificate secret contents if set.
+ - block:
+ - name: Retrieve registry service IP
+ oc_service:
+ namespace: default
+ name: docker-registry
+ state: list
+ register: docker_registry_service_ip
+ changed_when: false
+
+ - set_fact:
+ docker_registry_route_hostname: "{{ 'docker-registry-default.' ~ (openshift.master.default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+ changed_when: false
+
+ - name: Generate registry certificate
+ command: >
+ {{ openshift.common.client_binary }} adm ca create-server-cert
+ --signer-cert={{ openshift.common.config_base }}/master/ca.crt
+ --signer-key={{ openshift.common.config_base }}/master/ca.key
+ --signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc,docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}"
+ --cert={{ openshift.common.config_base }}/master/registry.crt
+ --key={{ openshift.common.config_base }}/master/registry.key
+ --expire-days={{ openshift_hosted_registry_cert_expire_days | default(730) }}
+
+ - name: Update registry certificates secret
+ oc_secret:
+ kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
+ name: registry-certificates
+ namespace: default
+ state: present
+ files:
+ - name: registry.crt
+ path: "{{ openshift.common.config_base }}/master/registry.crt"
+ - name: registry.key
+ path: "{{ openshift.common.config_base }}/master/registry.key"
+ run_once: true
+ when: l_docker_registry_dc.rc == 0 and 'registry-certificates' in docker_registry_secrets and 'REGISTRY_HTTP_TLS_CERTIFICATE' in docker_registry_env_vars and 'REGISTRY_HTTP_TLS_KEY' in docker_registry_env_vars
+
+ - name: Redeploy docker registry
+ command: >
+ {{ openshift.common.client_binary }} deploy dc/docker-registry
+ --latest
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ -n default
+
+ - name: Delete temp directory
+ file:
+ name: "{{ mktemp.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/playbooks/openshift-hosted/private/redeploy-router-certificates.yml b/playbooks/openshift-hosted/private/redeploy-router-certificates.yml
new file mode 100644
index 000000000..b1f60f1ae
--- /dev/null
+++ b/playbooks/openshift-hosted/private/redeploy-router-certificates.yml
@@ -0,0 +1,141 @@
+---
+- name: Update router certificates
+ hosts: oo_first_master
+ vars:
+ roles:
+ - lib_openshift
+ tasks:
+ - name: Create temp directory for kubeconfig
+ command: mktemp -d /tmp/openshift-ansible-XXXXXX
+ register: router_cert_redeploy_tempdir
+ changed_when: false
+
+ - name: Copy admin client config(s)
+ command: >
+ cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ changed_when: false
+
+ - name: Determine if router exists
+ command: >
+ {{ openshift.common.client_binary }} get dc/router -o json
+ --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ -n default
+ register: l_router_dc
+ failed_when: false
+ changed_when: false
+
+ - name: Determine if router service exists
+ command: >
+ {{ openshift.common.client_binary }} get svc/router -o json
+ --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ -n default
+ register: l_router_svc
+ failed_when: false
+ changed_when: false
+
+ - name: Collect router environment variables and secrets
+ set_fact:
+ router_env_vars: "{{ ((l_router_dc.stdout | from_json)['spec']['template']['spec']['containers'][0]['env']
+ | lib_utils_oo_collect('name'))
+ | default([]) }}"
+ router_secrets: "{{ ((l_router_dc.stdout | from_json)['spec']['template']['spec']['volumes']
+ | lib_utils_oo_collect('secret')
+ | lib_utils_oo_collect('secretName'))
+ | default([]) }}"
+ changed_when: false
+ when: l_router_dc.rc == 0
+
+ - name: Collect router service annotations
+ set_fact:
+ router_service_annotations: "{{ (l_router_svc.stdout | from_json)['metadata']['annotations'] if 'annotations' in (l_router_svc.stdout | from_json)['metadata'] else [] }}"
+ when: l_router_svc.rc == 0
+
+ - name: Update router environment variables
+ shell: >
+ {{ openshift.common.client_binary }} env dc/router
+ OPENSHIFT_CA_DATA="$(cat /etc/origin/master/ca.crt)"
+ OPENSHIFT_CERT_DATA="$(cat /etc/origin/master/openshift-router.crt)"
+ OPENSHIFT_KEY_DATA="$(cat /etc/origin/master/openshift-router.key)"
+ --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ -n default
+ when:
+ - l_router_dc.rc == 0
+ - ('OPENSHIFT_CA_DATA' in router_env_vars)
+ - ('OPENSHIFT_CERT_DATA' in router_env_vars)
+ - ('OPENSHIFT_KEY_DATA' in router_env_vars)
+
+ # When the router service contains service signer annotations we
+ # will delete the existing certificate secret and allow OpenShift to
+ # replace the secret.
+ - block:
+ - name: Delete existing router certificate secret
+ oc_secret:
+ kubeconfig: "{{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig"
+ name: router-certs
+ namespace: default
+ state: absent
+ run_once: true
+
+ - name: Remove router service annotations
+ command: >
+ {{ openshift.common.client_binary }} annotate service/router
+ service.alpha.openshift.io/serving-cert-secret-name-
+ service.alpha.openshift.io/serving-cert-signed-by-
+ --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ -n default
+
+ - name: Add serving-cert-secret annotation to router service
+ command: >
+ {{ openshift.common.client_binary }} annotate service/router
+ service.alpha.openshift.io/serving-cert-secret-name=router-certs
+ --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ -n default
+ when:
+ - l_router_dc.rc == 0
+ - l_router_svc.rc == 0
+ - ('router-certs' in router_secrets)
+ - openshift_hosted_router_certificate is undefined
+ - ('service.alpha.openshift.io/serving-cert-secret-name') in router_service_annotations
+ - ('service.alpha.openshift.io/serving-cert-signed-by') in router_service_annotations
+
+ # When there are no annotations on the router service we will allow
+ # the openshift_hosted role to either create a new wildcard
+ # certificate (since we deleted the original) or reapply a custom
+ # openshift_hosted_router_certificate.
+ - file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - /etc/origin/master/openshift-router.crt
+ - /etc/origin/master/openshift-router.key
+ when:
+ - l_router_dc.rc == 0
+ - l_router_svc.rc == 0
+ - ('router-certs' in router_secrets)
+ - ('service.alpha.openshift.io/serving-cert-secret-name') not in router_service_annotations
+ - ('service.alpha.openshift.io/serving-cert-signed-by') not in router_service_annotations
+
+ - include_role:
+ name: openshift_hosted
+ tasks_from: main
+ vars:
+ openshift_hosted_manage_registry: false
+ when:
+ - l_router_dc.rc == 0
+ - l_router_svc.rc == 0
+ - ('router-certs' in router_secrets)
+ - ('service.alpha.openshift.io/serving-cert-secret-name') not in router_service_annotations
+ - ('service.alpha.openshift.io/serving-cert-signed-by') not in router_service_annotations
+
+ - name: Redeploy router
+ command: >
+ {{ openshift.common.client_binary }} deploy dc/router
+ --latest
+ --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig
+ -n default
+
+ - name: Delete temp directory
+ file:
+ name: "{{ router_cert_redeploy_tempdir.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/playbooks/byo/openshift-management/roles b/playbooks/openshift-hosted/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/byo/openshift-management/roles
+++ b/playbooks/openshift-hosted/private/roles
diff --git a/playbooks/openshift-hosted/redeploy-registry-certificates.yml b/playbooks/openshift-hosted/redeploy-registry-certificates.yml
new file mode 100644
index 000000000..518a1d624
--- /dev/null
+++ b/playbooks/openshift-hosted/redeploy-registry-certificates.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-registry-certificates.yml
diff --git a/playbooks/openshift-hosted/redeploy-router-certificates.yml b/playbooks/openshift-hosted/redeploy-router-certificates.yml
new file mode 100644
index 000000000..a74dd8c79
--- /dev/null
+++ b/playbooks/openshift-hosted/redeploy-router-certificates.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-router-certificates.yml
diff --git a/playbooks/openshift-loadbalancer/config.yml b/playbooks/openshift-loadbalancer/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-loadbalancer/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-loadbalancer/private/config.yml b/playbooks/openshift-loadbalancer/private/config.yml
new file mode 100644
index 000000000..54c8483c8
--- /dev/null
+++ b/playbooks/openshift-loadbalancer/private/config.yml
@@ -0,0 +1,42 @@
+---
+- name: Load Balancer Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set load balancer install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_loadbalancer:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: Configure load balancers
+ hosts: oo_lb_to_config
+ vars:
+ openshift_loadbalancer_frontends: "{{ (openshift_master_api_port | default(8443)
+ | lib_utils_oo_loadbalancer_frontends(hostvars | lib_utils_oo_select_keys(groups['oo_masters']),
+ openshift_use_nuage | default(false),
+ nuage_mon_rest_server_port | default(none)))
+ + openshift_loadbalancer_additional_frontends | default([]) }}"
+ openshift_loadbalancer_backends: "{{ (openshift_master_api_port | default(8443)
+ | lib_utils_oo_loadbalancer_backends(hostvars | lib_utils_oo_select_keys(groups['oo_masters']),
+ openshift_use_nuage | default(false),
+ nuage_mon_rest_server_port | default(none)))
+ + openshift_loadbalancer_additional_backends | default([]) }}"
+ openshift_image_tag: "{{ hostvars[groups.oo_first_master.0].openshift_image_tag }}"
+ roles:
+ - role: openshift_loadbalancer
+ - role: tuned
+
+- name: Load Balancer Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set load balancer install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_loadbalancer:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/byo/openshift-master/roles b/playbooks/openshift-loadbalancer/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/byo/openshift-master/roles
+++ b/playbooks/openshift-loadbalancer/private/roles
diff --git a/playbooks/openshift-logging/config.yml b/playbooks/openshift-logging/config.yml
new file mode 100644
index 000000000..83d330284
--- /dev/null
+++ b/playbooks/openshift-logging/config.yml
@@ -0,0 +1,9 @@
+---
+#
+# This playbook is a preview of upcoming changes for installing
+# Hosted logging on. See inventory/hosts.example for the
+# currently supported method.
+#
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-logging/private/config.yml b/playbooks/openshift-logging/private/config.yml
new file mode 100644
index 000000000..bc59bd95a
--- /dev/null
+++ b/playbooks/openshift-logging/private/config.yml
@@ -0,0 +1,37 @@
+---
+- name: Logging Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Logging install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_logging:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: OpenShift Aggregated Logging
+ hosts: oo_first_master
+ roles:
+ - openshift_logging
+
+- name: Update Master configs
+ hosts: oo_masters:!oo_first_master
+ tasks:
+ - block:
+ - include_role:
+ name: openshift_logging
+ tasks_from: update_master_config
+
+- name: Logging Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Logging install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_logging:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/byo/openshift-node/roles b/playbooks/openshift-logging/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/byo/openshift-node/roles
+++ b/playbooks/openshift-logging/private/roles
diff --git a/playbooks/openshift-management/add_container_provider.yml b/playbooks/openshift-management/add_container_provider.yml
new file mode 100644
index 000000000..e0970f525
--- /dev/null
+++ b/playbooks/openshift-management/add_container_provider.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/evaluate_groups.yml
+
+- import_playbook: private/add_container_provider.yml
diff --git a/playbooks/byo/openshift-management/add_many_container_providers.yml b/playbooks/openshift-management/add_many_container_providers.yml
index 62fdb11c5..62fdb11c5 100644
--- a/playbooks/byo/openshift-management/add_many_container_providers.yml
+++ b/playbooks/openshift-management/add_many_container_providers.yml
diff --git a/playbooks/openshift-management/config.yml b/playbooks/openshift-management/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-management/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/common/openshift-management/add_container_provider.yml b/playbooks/openshift-management/private/add_container_provider.yml
index facb3a5b9..facb3a5b9 100644
--- a/playbooks/common/openshift-management/add_container_provider.yml
+++ b/playbooks/openshift-management/private/add_container_provider.yml
diff --git a/playbooks/openshift-management/private/config.yml b/playbooks/openshift-management/private/config.yml
new file mode 100644
index 000000000..3f1cdf713
--- /dev/null
+++ b/playbooks/openshift-management/private/config.yml
@@ -0,0 +1,39 @@
+---
+- name: Management Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Management install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_management:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: Setup CFME
+ hosts: oo_first_master
+ pre_tasks:
+ - name: Create a temporary place to evaluate the PV templates
+ command: mktemp -d /tmp/openshift-ansible-XXXXXXX
+ register: r_openshift_management_mktemp
+ changed_when: false
+
+ tasks:
+ - name: Run the CFME Setup Role
+ include_role:
+ name: openshift_management
+ vars:
+ template_dir: "{{ hostvars[groups.masters.0].r_openshift_management_mktemp.stdout }}"
+
+- name: Management Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Management install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_management:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/common/openshift-checks/roles b/playbooks/openshift-management/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/common/openshift-checks/roles
+++ b/playbooks/openshift-management/private/roles
diff --git a/playbooks/common/openshift-management/uninstall.yml b/playbooks/openshift-management/private/uninstall.yml
index 9f35cc276..9f35cc276 100644
--- a/playbooks/common/openshift-management/uninstall.yml
+++ b/playbooks/openshift-management/private/uninstall.yml
diff --git a/playbooks/openshift-management/roles b/playbooks/openshift-management/roles
new file mode 120000
index 000000000..b741aa3db
--- /dev/null
+++ b/playbooks/openshift-management/roles
@@ -0,0 +1 @@
+../../roles \ No newline at end of file
diff --git a/playbooks/openshift-management/uninstall.yml b/playbooks/openshift-management/uninstall.yml
new file mode 100644
index 000000000..c92ade786
--- /dev/null
+++ b/playbooks/openshift-management/uninstall.yml
@@ -0,0 +1,2 @@
+---
+- import_playbook: private/uninstall.yml
diff --git a/playbooks/openshift-master/additional_config.yml b/playbooks/openshift-master/additional_config.yml
new file mode 100644
index 000000000..8105f7f88
--- /dev/null
+++ b/playbooks/openshift-master/additional_config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/additional_config.yml
diff --git a/playbooks/openshift-master/certificates.yml b/playbooks/openshift-master/certificates.yml
new file mode 100644
index 000000000..7ae87c09a
--- /dev/null
+++ b/playbooks/openshift-master/certificates.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/certificates.yml
diff --git a/playbooks/openshift-master/config.yml b/playbooks/openshift-master/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-master/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-master/private/additional_config.yml b/playbooks/openshift-master/private/additional_config.yml
new file mode 100644
index 000000000..a90cd6b22
--- /dev/null
+++ b/playbooks/openshift-master/private/additional_config.yml
@@ -0,0 +1,50 @@
+---
+- name: Master Additional Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Master Additional install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_master_additional:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: Additional master configuration
+ hosts: oo_first_master
+ vars:
+ cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}"
+ etcd_urls: "{{ openshift.master.etcd_urls }}"
+ openshift_master_ha: "{{ groups.oo_masters | length > 1 }}"
+ omc_cluster_hosts: "{{ groups.oo_masters | join(' ')}}"
+ roles:
+ - role: openshift_project_request_template
+ when: openshift_project_request_template_manage
+ - role: openshift_examples
+ when: openshift_install_examples | default(true) | bool
+ registry_url: "{{ openshift.master.registry_url }}"
+ - role: openshift_hosted_templates
+ registry_url: "{{ openshift.master.registry_url }}"
+ - role: openshift_manageiq
+ when: openshift_use_manageiq | default(true) | bool
+ - role: cockpit
+ when:
+ - not openshift.common.is_atomic | bool
+ - deployment_type == 'openshift-enterprise'
+ - osm_use_cockpit is undefined or osm_use_cockpit | bool
+ - openshift.common.deployment_subtype != 'registry'
+ - role: flannel_register
+ when: openshift_use_flannel | default(false) | bool
+
+- name: Master Additional Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Master Additional install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_master_additional:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml b/playbooks/openshift-master/private/certificates-backup.yml
index 4dbc041b0..4dbc041b0 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml
+++ b/playbooks/openshift-master/private/certificates-backup.yml
diff --git a/playbooks/openshift-master/private/certificates.yml b/playbooks/openshift-master/private/certificates.yml
new file mode 100644
index 000000000..d42d4402b
--- /dev/null
+++ b/playbooks/openshift-master/private/certificates.yml
@@ -0,0 +1,14 @@
+---
+- name: Create OpenShift certificates for master hosts
+ hosts: oo_masters_to_config
+ vars:
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ roles:
+ - role: openshift_master_facts
+ - role: openshift_named_certificates
+ - role: openshift_ca
+ - role: openshift_master_certificates
+ openshift_master_etcd_hosts: "{{ hostvars
+ | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([]))
+ | lib_utils_oo_collect('openshift.common.hostname')
+ | default(none, true) }}"
diff --git a/playbooks/openshift-master/private/config.yml b/playbooks/openshift-master/private/config.yml
new file mode 100644
index 000000000..3093444b4
--- /dev/null
+++ b/playbooks/openshift-master/private/config.yml
@@ -0,0 +1,250 @@
+---
+- name: Master Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Master install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_master:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- import_playbook: certificates.yml
+
+- name: Disable excluders
+ hosts: oo_masters_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_excluder
+ r_openshift_excluder_action: disable
+
+- name: Gather and set facts for master hosts
+ hosts: oo_masters_to_config
+ pre_tasks:
+ # Per https://bugzilla.redhat.com/show_bug.cgi?id=1469336
+ #
+ # When scaling up a cluster upgraded from OCP <= 3.5, ensure that
+ # OPENSHIFT_DEFAULT_REGISTRY is present as defined on the existing
+ # masters, or absent if such is the case.
+ - name: Detect if this host is a new master in a scale up
+ set_fact:
+ g_openshift_master_is_scaleup: "{{ openshift.common.hostname in ( groups['new_masters'] | default([]) ) }}"
+
+ - name: Scaleup Detection
+ debug:
+ var: g_openshift_master_is_scaleup
+
+ - name: Check for RPM generated config marker file .config_managed
+ stat:
+ path: /etc/origin/.config_managed
+ register: rpmgenerated_config
+
+ - name: Remove RPM generated config files if present
+ file:
+ path: "/etc/origin/{{ item }}"
+ state: absent
+ when:
+ - rpmgenerated_config.stat.exists == true
+ - deployment_type == 'openshift-enterprise'
+ with_items:
+ - master
+ - node
+ - .config_managed
+
+ - set_fact:
+ openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}"
+ openshift_master_etcd_hosts: "{{ hostvars
+ | lib_utils_oo_select_keys(groups['oo_etcd_to_config']
+ | default([]))
+ | lib_utils_oo_collect('openshift.common.hostname')
+ | default(none, true) }}"
+ roles:
+ - openshift_facts
+ post_tasks:
+ - openshift_facts:
+ role: master
+ local_facts:
+ api_port: "{{ openshift_master_api_port | default(None) }}"
+ api_url: "{{ openshift_master_api_url | default(None) }}"
+ api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}"
+ controllers_port: "{{ openshift_master_controllers_port | default(None) }}"
+ public_api_url: "{{ openshift_master_public_api_url | default(None) }}"
+ cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}"
+ cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}"
+ console_path: "{{ openshift_master_console_path | default(None) }}"
+ console_port: "{{ openshift_master_console_port | default(None) }}"
+ console_url: "{{ openshift_master_console_url | default(None) }}"
+ console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"
+ public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
+ ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
+ master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
+
+- name: Inspect state of first master config settings
+ hosts: oo_first_master
+ roles:
+ - role: openshift_facts
+ post_tasks:
+ - openshift_facts:
+ role: master
+ local_facts:
+ session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}"
+ session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}"
+ - name: Check for existing configuration
+ stat:
+ path: /etc/origin/master/master-config.yaml
+ register: master_config_stat
+
+ - name: Set clean install fact
+ set_fact:
+ l_clean_install: "{{ not master_config_stat.stat.exists | bool }}"
+
+ - name: Determine if etcd3 storage is in use
+ command: grep -Pzo "storage-backend:\n.*etcd3" /etc/origin/master/master-config.yaml -q
+ register: etcd3_grep
+ failed_when: false
+ changed_when: false
+
+ - name: Set etcd3 fact
+ set_fact:
+ l_etcd3_enabled: "{{ etcd3_grep.rc == 0 | bool }}"
+
+ - name: Check if atomic-openshift-master sysconfig exists yet
+ stat:
+ path: /etc/sysconfig/atomic-openshift-master
+ register: l_aom_exists
+
+ - name: Preserve OPENSHIFT_DEFAULT_REGISTRY master parameter if present
+ command: awk '/^OPENSHIFT_DEFAULT_REGISTRY/' /etc/sysconfig/atomic-openshift-master
+ register: l_default_registry_defined
+ when: l_aom_exists.stat.exists | bool
+
+ - name: Check if atomic-openshift-master-api sysconfig exists yet
+ stat:
+ path: /etc/sysconfig/atomic-openshift-master-api
+ register: l_aom_api_exists
+
+ - name: Preserve OPENSHIFT_DEFAULT_REGISTRY master-api parameter if present
+ command: awk '/^OPENSHIFT_DEFAULT_REGISTRY/' /etc/sysconfig/atomic-openshift-master-api
+ register: l_default_registry_defined_api
+ when: l_aom_api_exists.stat.exists | bool
+
+ - name: Check if atomic-openshift-master-controllers sysconfig exists yet
+ stat:
+ path: /etc/sysconfig/atomic-openshift-master-controllers
+ register: l_aom_controllers_exists
+
+ - name: Preserve OPENSHIFT_DEFAULT_REGISTRY master-controllers parameter if present
+ command: awk '/^OPENSHIFT_DEFAULT_REGISTRY/' /etc/sysconfig/atomic-openshift-master-controllers
+ register: l_default_registry_defined_controllers
+ when: l_aom_controllers_exists.stat.exists | bool
+
+ - name: Update facts with OPENSHIFT_DEFAULT_REGISTRY value
+ set_fact:
+ l_default_registry_value: "{{ l_default_registry_defined.stdout | default('') }}"
+ l_default_registry_value_api: "{{ l_default_registry_defined_api.stdout | default('') }}"
+ l_default_registry_value_controllers: "{{ l_default_registry_defined_controllers.stdout | default('') }}"
+
+- name: Generate master session secrets
+ hosts: oo_first_master
+ vars:
+ g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([])) | length > 0 and (openshift.master.session_encryption_secrets | default([])) | length > 0 }}"
+ g_session_auth_secrets: "{{ [ 24 | lib_utils_oo_generate_secret ] }}"
+ g_session_encryption_secrets: "{{ [ 24 | lib_utils_oo_generate_secret ] }}"
+ roles:
+ - role: openshift_facts
+ tasks:
+ - openshift_facts:
+ role: master
+ local_facts:
+ session_auth_secrets: "{{ g_session_auth_secrets }}"
+ session_encryption_secrets: "{{ g_session_encryption_secrets }}"
+ when: not g_session_secrets_present | bool
+
+- name: Configure masters
+ hosts: oo_masters_to_config
+ any_errors_fatal: true
+ vars:
+ openshift_master_ha: "{{ openshift.master.ha }}"
+ openshift_master_count: "{{ openshift.master.master_count }}"
+ openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}"
+ openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ openshift_master_etcd_hosts: "{{ hostvars
+ | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([]))
+ | lib_utils_oo_collect('openshift.common.hostname')
+ | default(none, true) }}"
+ openshift_no_proxy_etcd_host_ips: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([]))
+ | lib_utils_oo_collect('openshift.common.ip') | default([]) | join(',')
+ }}"
+ roles:
+ - role: openshift_master_facts
+ - role: openshift_clock
+ - role: openshift_cloud_provider
+ - role: openshift_builddefaults
+ - role: openshift_buildoverrides
+ - role: nickhammond.logrotate
+ - role: contiv
+ contiv_role: netmaster
+ when: openshift_use_contiv | default(False) | bool
+ - role: openshift_master
+ openshift_master_hosts: "{{ groups.oo_masters_to_config }}"
+ r_openshift_master_clean_install: "{{ hostvars[groups.oo_first_master.0].l_clean_install }}"
+ r_openshift_master_etcd3_storage: "{{ hostvars[groups.oo_first_master.0].l_etcd3_enabled }}"
+ openshift_master_is_scaleup_host: "{{ g_openshift_master_is_scaleup | default(false) }}"
+ openshift_master_default_registry_value: "{{ hostvars[groups.oo_first_master.0].l_default_registry_value }}"
+ openshift_master_default_registry_value_api: "{{ hostvars[groups.oo_first_master.0].l_default_registry_value_api }}"
+ openshift_master_default_registry_value_controllers: "{{ hostvars[groups.oo_first_master.0].l_default_registry_value_controllers }}"
+ - role: tuned
+ - role: nuage_ca
+ when: openshift_use_nuage | default(false) | bool
+ - role: nuage_common
+ when: openshift_use_nuage | default(false) | bool
+ - role: nuage_master
+ when: openshift_use_nuage | default(false) | bool
+ - role: calico_master
+ when: openshift_use_calico | default(false) | bool
+ tasks:
+ - include_role:
+ name: kuryr
+ tasks_from: master
+ when: openshift_use_kuryr | default(false) | bool
+
+ - name: Setup the node group config maps
+ include_role:
+ name: openshift_node_group
+ when: openshift_master_bootstrap_enabled | default(false) | bool
+ run_once: True
+
+ post_tasks:
+ - name: Create group for deployment type
+ group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }}
+ changed_when: False
+
+- name: Configure API Aggregation on masters
+ hosts: oo_masters
+ serial: 1
+ roles:
+ - role: openshift_facts
+ tasks:
+ - include_tasks: tasks/wire_aggregator.yml
+
+- name: Re-enable excluder if it was previously enabled
+ hosts: oo_masters_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_excluder
+ r_openshift_excluder_action: enable
+
+- name: Master Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Master install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_master:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-master/private/redeploy-certificates.yml b/playbooks/openshift-master/private/redeploy-certificates.yml
new file mode 100644
index 000000000..c0f75ae80
--- /dev/null
+++ b/playbooks/openshift-master/private/redeploy-certificates.yml
@@ -0,0 +1,6 @@
+---
+- import_playbook: certificates-backup.yml
+
+- import_playbook: certificates.yml
+ vars:
+ openshift_certificates_redeploy: true
diff --git a/playbooks/openshift-master/private/redeploy-openshift-ca.yml b/playbooks/openshift-master/private/redeploy-openshift-ca.yml
new file mode 100644
index 000000000..9d3c12ba1
--- /dev/null
+++ b/playbooks/openshift-master/private/redeploy-openshift-ca.yml
@@ -0,0 +1,300 @@
+---
+- name: Check cert expirys
+ hosts: oo_nodes_to_config:oo_masters_to_config:oo_etcd_to_config
+ vars:
+ openshift_certificate_expiry_show_all: yes
+ roles:
+ # Sets 'check_results' per host which contains health status for
+ # etcd, master and node certificates. We will use 'check_results'
+ # to determine if any certificates were expired prior to running
+ # this playbook. Service restarts will be skipped if any
+ # certificates were previously expired.
+ - role: openshift_certificate_expiry
+
+# Update master config when ca-bundle not referenced. Services will be
+# restarted below after new CA certificate has been distributed.
+- name: Ensure ca-bundle.crt is referenced in master configuration
+ hosts: oo_masters_to_config
+ tasks:
+ - slurp:
+ src: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ register: g_master_config_output
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: kubeletClientInfo.ca
+ yaml_value: ca-bundle.crt
+ when: (g_master_config_output.content|b64decode|from_yaml).kubeletClientInfo.ca != 'ca-bundle.crt'
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: serviceAccountConfig.masterCA
+ yaml_value: ca-bundle.crt
+ when: (g_master_config_output.content|b64decode|from_yaml).serviceAccountConfig.masterCA != 'ca-bundle.crt'
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: oauthConfig.masterCA
+ yaml_value: ca-bundle.crt
+ when: (g_master_config_output.content|b64decode|from_yaml).oauthConfig.masterCA != 'ca-bundle.crt'
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: etcdClientInfo.ca
+ yaml_value: ca-bundle.crt
+ when:
+ - groups.oo_etcd_to_config | default([]) | length == 0
+ - (g_master_config_output.content|b64decode|from_yaml).etcdClientInfo.ca != 'ca-bundle.crt'
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: etcdConfig.peerServingInfo.clientCA
+ yaml_value: ca-bundle.crt
+ when:
+ - groups.oo_etcd_to_config | default([]) | length == 0
+ - (g_master_config_output.content|b64decode|from_yaml).etcdConfig.peerServingInfo.clientCA != 'ca-bundle.crt'
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: etcdConfig.servingInfo.clientCA
+ yaml_value: ca-bundle.crt
+ when:
+ - groups.oo_etcd_to_config | default([]) | length == 0
+ - (g_master_config_output.content|b64decode|from_yaml).etcdConfig.servingInfo.clientCA != 'ca-bundle.crt'
+ # Set servingInfo.clientCA to client-ca-bundle.crt in order to roll the CA certificate.
+ # This change will be reverted in playbooks/redeploy-certificates.yml
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: servingInfo.clientCA
+ yaml_value: client-ca-bundle.crt
+ when: (g_master_config_output.content|b64decode|from_yaml).servingInfo.clientCA != 'client-ca-bundle.crt'
+
+- name: Copy current OpenShift CA to legacy directory
+ hosts: oo_masters_to_config
+ pre_tasks:
+ - name: Create legacy-ca directory
+ file:
+ path: "{{ openshift.common.config_base }}/master/legacy-ca"
+ state: directory
+ mode: 0700
+ owner: root
+ group: root
+ - command: mktemp -u XXXXXX
+ register: g_legacy_ca_mktemp
+ changed_when: false
+ # Copy CA certificate, key, serial and bundle to legacy-ca with a
+ # prefix generated by mktemp, ie. XXXXXX-ca.crt.
+ #
+ # The following roles will pick up all CA certificates matching
+ # /.*-ca.crt/ in the legacy-ca directory and ensure they are present
+ # in the OpenShift CA bundle.
+ # - openshift_ca
+ # - openshift_master_certificates
+ # - openshift_node_certificates
+ - name: Copy current OpenShift CA to legacy directory
+ copy:
+ src: "{{ openshift.common.config_base }}/master/{{ item }}"
+ dest: "{{ openshift.common.config_base }}/master/legacy-ca/{{ g_legacy_ca_mktemp.stdout }}-{{ item }}"
+ remote_src: true
+ # It is possible that redeploying failed and files may be missing.
+ # Ignore errors in this case. Files should have been copied to
+ # legacy-ca directory in previous run.
+ ignore_errors: true
+ with_items:
+ - "ca.crt"
+ - "ca.key"
+ - "ca.serial.txt"
+ - "ca-bundle.crt"
+
+- name: Create temporary directory for creating new CA certificate
+ hosts: oo_first_master
+ tasks:
+ - name: Create temporary directory for creating new CA certificate
+ command: >
+ mktemp -d /tmp/openshift-ansible-XXXXXXX
+ register: g_new_openshift_ca_mktemp
+ changed_when: false
+
+- name: Create OpenShift CA
+ hosts: oo_first_master
+ vars:
+ # Set openshift_ca_config_dir to a temporary directory where CA
+ # will be created. We'll replace the existing CA with the CA
+ # created in the temporary directory.
+ openshift_ca_config_dir: "{{ hostvars[groups.oo_first_master.0].g_new_openshift_ca_mktemp.stdout }}"
+ roles:
+ - role: openshift_master_facts
+ - role: openshift_named_certificates
+ - role: openshift_ca
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+
+- name: Create temp directory for syncing certs
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Create local temp directory for syncing certs
+ local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
+ register: g_master_mktemp
+ changed_when: false
+
+- name: Retrieve OpenShift CA
+ hosts: oo_first_master
+ vars:
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ tasks:
+ - name: Retrieve CA certificate, key, bundle and serial
+ fetch:
+ src: "{{ hostvars[openshift_ca_host].g_new_openshift_ca_mktemp.stdout }}/{{ item }}"
+ dest: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/"
+ flat: yes
+ fail_on_missing: yes
+ validate_checksum: yes
+ with_items:
+ - ca.crt
+ - ca.key
+ - ca-bundle.crt
+ - ca.serial.txt
+ - client-ca-bundle.crt
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+ changed_when: false
+
+- name: Distribute OpenShift CA to masters
+ hosts: oo_masters_to_config
+ vars:
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ tasks:
+ - name: Deploy CA certificate, key, bundle and serial
+ copy:
+ src: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/{{ item }}"
+ dest: "{{ openshift.common.config_base }}/master/"
+ with_items:
+ - ca.crt
+ - ca.key
+ - ca-bundle.crt
+ - ca.serial.txt
+ - client-ca-bundle.crt
+ - name: Update master client kubeconfig CA data
+ kubeclient_ca:
+ client_path: "{{ openshift.common.config_base }}/master/openshift-master.kubeconfig"
+ ca_path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
+ - name: Update admin client kubeconfig CA data
+ kubeclient_ca:
+ client_path: "{{ openshift.common.config_base }}/master/admin.kubeconfig"
+ ca_path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
+ - name: Lookup default group for ansible_ssh_user
+ command: "/usr/bin/id -g {{ ansible_ssh_user | quote }}"
+ changed_when: false
+ register: _ansible_ssh_user_gid
+ - set_fact:
+ client_users: "{{ [ansible_ssh_user, 'root'] | unique }}"
+ - name: Create the client config dir(s)
+ file:
+ path: "~{{ item }}/.kube"
+ state: directory
+ mode: 0700
+ owner: "{{ item }}"
+ group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}"
+ with_items: "{{ client_users }}"
+ - name: Copy the admin client config(s)
+ copy:
+ src: "{{ openshift.common.config_base }}/master/admin.kubeconfig"
+ dest: "~{{ item }}/.kube/config"
+ remote_src: yes
+ with_items: "{{ client_users }}"
+ - name: Update the permissions on the admin client config(s)
+ file:
+ path: "~{{ item }}/.kube/config"
+ state: file
+ mode: 0700
+ owner: "{{ item }}"
+ group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}"
+ with_items: "{{ client_users }}"
+
+- import_playbook: restart.yml
+ # Do not restart masters when master or etcd certificates were previously expired.
+ when:
+ # masters
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
+ # etcd
+ - ('expired' not in (hostvars
+ | lib_utils_oo_select_keys(groups['etcd'])
+ | lib_utils_oo_collect('check_results.check_results.etcd')
+ | lib_utils_oo_collect('health')))
+
+- name: Distribute OpenShift CA certificate to nodes
+ hosts: oo_nodes_to_config
+ vars:
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ tasks:
+ - copy:
+ src: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/ca-bundle.crt"
+ dest: "{{ openshift.common.config_base }}/node/ca.crt"
+ - name: Copy OpenShift CA to system CA trust
+ copy:
+ src: "{{ item.cert }}"
+ dest: "/etc/pki/ca-trust/source/anchors/{{ item.id }}-{{ item.cert | basename }}"
+ remote_src: yes
+ with_items:
+ - id: openshift
+ cert: "{{ openshift.common.config_base }}/node/ca.crt"
+ notify:
+ - update ca trust
+ - name: Update node client kubeconfig CA data
+ kubeclient_ca:
+ client_path: "{{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.kubeconfig"
+ ca_path: "{{ openshift.common.config_base }}/node/ca.crt"
+ handlers:
+ # Normally this handler would restart docker after updating ca
+ # trust. We'll do that when we restart nodes to avoid restarting
+ # docker on all nodes in parallel.
+ - name: update ca trust
+ command: update-ca-trust
+
+- name: Delete temporary directory on CA host
+ hosts: oo_first_master
+ tasks:
+ - file:
+ path: "{{ g_new_openshift_ca_mktemp.stdout }}"
+ state: absent
+
+- name: Delete temporary directory on localhost
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - file:
+ name: "{{ g_master_mktemp.stdout }}"
+ state: absent
+ changed_when: false
+
+- import_playbook: ../../openshift-node/private/restart.yml
+ # Do not restart nodes when node, master or etcd certificates were previously expired.
+ when:
+ # nodes
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_nodes_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/server.crt"}))
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_nodes_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/ca.crt"}))
+ # masters
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
+ - ('expired' not in hostvars
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect('check_results.check_results.ocp_certs')
+ | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
+ # etcd
+ - ('expired' not in (hostvars
+ | lib_utils_oo_select_keys(groups['etcd'])
+ | lib_utils_oo_collect('check_results.check_results.etcd')
+ | lib_utils_oo_collect('health')))
diff --git a/playbooks/openshift-master/private/restart.yml b/playbooks/openshift-master/private/restart.yml
new file mode 100644
index 000000000..5cb284935
--- /dev/null
+++ b/playbooks/openshift-master/private/restart.yml
@@ -0,0 +1,18 @@
+---
+- import_playbook: validate_restart.yml
+
+- name: Restart masters
+ hosts: oo_masters_to_config
+ vars:
+ openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}"
+ serial: 1
+ handlers:
+ - import_tasks: ../../../roles/openshift_master/handlers/main.yml
+ roles:
+ - openshift_facts
+ post_tasks:
+ - include_tasks: tasks/restart_hosts.yml
+ when: openshift_rolling_restart_mode | default('services') == 'system'
+
+ - include_tasks: tasks/restart_services.yml
+ when: openshift_rolling_restart_mode | default('services') == 'services'
diff --git a/playbooks/openshift-master/private/revert-client-ca.yml b/playbooks/openshift-master/private/revert-client-ca.yml
new file mode 100644
index 000000000..9ae23bf5b
--- /dev/null
+++ b/playbooks/openshift-master/private/revert-client-ca.yml
@@ -0,0 +1,17 @@
+---
+- name: Set servingInfo.clientCA = ca.crt in master config
+ hosts: oo_masters_to_config
+ tasks:
+ - name: Read master config
+ slurp:
+ src: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ register: g_master_config_output
+
+ # servingInfo.clientCA may be set as the client-ca-bundle.crt from
+ # CA redeployment and this task reverts that change.
+ - name: Set servingInfo.clientCA = ca.crt in master config
+ modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: servingInfo.clientCA
+ yaml_value: ca.crt
+ when: (g_master_config_output.content|b64decode|from_yaml).servingInfo.clientCA != 'ca.crt'
diff --git a/playbooks/common/openshift-glusterfs/roles b/playbooks/openshift-master/private/roles
index e2b799b9d..e2b799b9d 120000
--- a/playbooks/common/openshift-glusterfs/roles
+++ b/playbooks/openshift-master/private/roles
diff --git a/playbooks/openshift-master/private/scaleup.yml b/playbooks/openshift-master/private/scaleup.yml
new file mode 100644
index 000000000..007b23ea3
--- /dev/null
+++ b/playbooks/openshift-master/private/scaleup.yml
@@ -0,0 +1,57 @@
+---
+- name: Update master count
+ hosts: oo_masters:!oo_masters_to_config
+ serial: 1
+ roles:
+ - openshift_facts
+ post_tasks:
+ - openshift_facts:
+ role: master
+ local_facts:
+ ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
+ master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
+ - name: Update master count
+ modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'kubernetesMasterConfig.masterCount'
+ yaml_value: "{{ openshift.master.master_count }}"
+ notify:
+ - restart master api
+ - restart master controllers
+ handlers:
+ - name: restart master api
+ service: name={{ openshift_service_type }}-master-controllers state=restarted
+ notify: verify api server
+ # We retry the controllers because the API may not be 100% initialized yet.
+ - name: restart master controllers
+ command: "systemctl restart {{ openshift_service_type }}-master-controllers"
+ retries: 3
+ delay: 5
+ register: result
+ until: result.rc == 0
+ - name: verify api server
+ command: >
+ curl --silent --tlsv1.2
+ --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
+ {{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_available_output
+ until: api_available_output.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
+
+- import_playbook: set_network_facts.yml
+
+- import_playbook: ../../openshift-etcd/private/certificates.yml
+
+- import_playbook: config.yml
+
+- import_playbook: ../../openshift-loadbalancer/private/config.yml
+
+- import_playbook: ../../openshift-node/private/certificates.yml
+
+- import_playbook: ../../openshift-node/private/config.yml
diff --git a/playbooks/common/openshift-master/set_network_facts.yml b/playbooks/openshift-master/private/set_network_facts.yml
index 9a6cf26fc..9a6cf26fc 100644
--- a/playbooks/common/openshift-master/set_network_facts.yml
+++ b/playbooks/openshift-master/private/set_network_facts.yml
diff --git a/playbooks/common/openshift-master/restart_hosts.yml b/playbooks/openshift-master/private/tasks/restart_hosts.yml
index a5dbe0590..a5dbe0590 100644
--- a/playbooks/common/openshift-master/restart_hosts.yml
+++ b/playbooks/openshift-master/private/tasks/restart_hosts.yml
diff --git a/playbooks/openshift-master/private/tasks/restart_services.yml b/playbooks/openshift-master/private/tasks/restart_services.yml
new file mode 100644
index 000000000..4e1b3a3be
--- /dev/null
+++ b/playbooks/openshift-master/private/tasks/restart_services.yml
@@ -0,0 +1,4 @@
+---
+- include_role:
+ name: openshift_master
+ tasks_from: restart.yml
diff --git a/playbooks/openshift-master/private/tasks/wire_aggregator.yml b/playbooks/openshift-master/private/tasks/wire_aggregator.yml
new file mode 100644
index 000000000..4f55d5c82
--- /dev/null
+++ b/playbooks/openshift-master/private/tasks/wire_aggregator.yml
@@ -0,0 +1,214 @@
+---
+- name: Make temp cert dir
+ command: mktemp -d /tmp/openshift-service-catalog-ansible-XXXXXX
+ register: certtemp
+ changed_when: False
+
+- name: Check for First Master Aggregator Signer cert
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: first_proxy_ca_crt
+ changed_when: false
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+
+- name: Check for First Master Aggregator Signer key
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: first_proxy_ca_key
+ changed_when: false
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+
+# TODO: this currently has a bug where hostnames are required
+- name: Creating First Master Aggregator signer certs
+ command: >
+ {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm ca create-signer-cert
+ --cert=/etc/origin/master/front-proxy-ca.crt
+ --key=/etc/origin/master/front-proxy-ca.key
+ --serial=/etc/origin/master/ca.serial.txt
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ when:
+ - not first_proxy_ca_crt.stat.exists
+ - not first_proxy_ca_key.stat.exists
+
+- name: Check for Aggregator Signer cert
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: proxy_ca_crt
+ changed_when: false
+
+- name: Check for Aggregator Signer key
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: proxy_ca_key
+ changed_when: false
+
+- name: Copy Aggregator Signer certs from first master
+ fetch:
+ src: "/etc/origin/master/{{ item }}"
+ dest: "{{ certtemp.stdout }}/{{ item }}"
+ flat: yes
+ with_items:
+ - front-proxy-ca.crt
+ - front-proxy-ca.key
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ when:
+ - not proxy_ca_key.stat.exists
+ - not proxy_ca_crt.stat.exists
+
+- name: Copy Aggregator Signer certs to host
+ copy:
+ src: "{{ certtemp.stdout }}/{{ item }}"
+ dest: "/etc/origin/master/{{ item }}"
+ with_items:
+ - front-proxy-ca.crt
+ - front-proxy-ca.key
+ when:
+ - not proxy_ca_key.stat.exists
+ - not proxy_ca_crt.stat.exists
+
+# oc_adm_ca_server_cert:
+# cert: /etc/origin/master/front-proxy-ca.crt
+# key: /etc/origin/master/front-proxy-ca.key
+
+- name: Check for first master api-client config
+ stat:
+ path: /etc/origin/master/aggregator-front-proxy.kubeconfig
+ register: first_front_proxy_kubeconfig
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ run_once: true
+
+# create-api-client-config generates a ca.crt file which will
+# overwrite the OpenShift CA certificate. Generate the aggregator
+# kubeconfig in a temporary directory and then copy files into the
+# master config dir to avoid overwriting ca.crt.
+- block:
+ - name: Create first master api-client config for Aggregator
+ command: >
+ {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm create-api-client-config
+ --certificate-authority=/etc/origin/master/front-proxy-ca.crt
+ --signer-cert=/etc/origin/master/front-proxy-ca.crt
+ --signer-key=/etc/origin/master/front-proxy-ca.key
+ --user aggregator-front-proxy
+ --client-dir={{ certtemp.stdout }}
+ --signer-serial=/etc/origin/master/ca.serial.txt
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ run_once: true
+ - name: Copy first master api-client config for Aggregator
+ copy:
+ src: "{{ certtemp.stdout }}/{{ item }}"
+ dest: "/etc/origin/master/"
+ remote_src: true
+ with_items:
+ - aggregator-front-proxy.crt
+ - aggregator-front-proxy.key
+ - aggregator-front-proxy.kubeconfig
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ run_once: true
+ when:
+ - not first_front_proxy_kubeconfig.stat.exists
+
+- name: Check for api-client config
+ stat:
+ path: /etc/origin/master/aggregator-front-proxy.kubeconfig
+ register: front_proxy_kubeconfig
+
+- name: Copy api-client config from first master
+ fetch:
+ src: "/etc/origin/master/{{ item }}"
+ dest: "{{ certtemp.stdout }}/{{ item }}"
+ flat: yes
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ with_items:
+ - aggregator-front-proxy.crt
+ - aggregator-front-proxy.key
+ - aggregator-front-proxy.kubeconfig
+ when:
+ - not front_proxy_kubeconfig.stat.exists
+
+- name: Copy api-client config to host
+ copy:
+ src: "{{ certtemp.stdout }}/{{ item }}"
+ dest: "/etc/origin/master/{{ item }}"
+ with_items:
+ - aggregator-front-proxy.crt
+ - aggregator-front-proxy.key
+ - aggregator-front-proxy.kubeconfig
+ when:
+ - not front_proxy_kubeconfig.stat.exists
+
+- name: Delete temp directory
+ file:
+ name: "{{ certtemp.stdout }}"
+ state: absent
+ changed_when: False
+
+- name: Setup extension file for service console UI
+ template:
+ src: ../templates/openshift-ansible-catalog-console.js
+ dest: /etc/origin/master/openshift-ansible-catalog-console.js
+
+- name: Update master config
+ yedit:
+ state: present
+ src: /etc/origin/master/master-config.yaml
+ edits:
+ - key: aggregatorConfig.proxyClientInfo.certFile
+ value: aggregator-front-proxy.crt
+ - key: aggregatorConfig.proxyClientInfo.keyFile
+ value: aggregator-front-proxy.key
+ - key: authConfig.requestHeader.clientCA
+ value: front-proxy-ca.crt
+ - key: authConfig.requestHeader.clientCommonNames
+ value: [aggregator-front-proxy]
+ - key: authConfig.requestHeader.usernameHeaders
+ value: [X-Remote-User]
+ - key: authConfig.requestHeader.groupHeaders
+ value: [X-Remote-Group]
+ - key: authConfig.requestHeader.extraHeaderPrefixes
+ value: [X-Remote-Extra-]
+ - key: assetConfig.extensionScripts
+ value: [/etc/origin/master/openshift-ansible-catalog-console.js]
+ - key: kubernetesMasterConfig.apiServerArguments.runtime-config
+ value: [apis/settings.k8s.io/v1alpha1=true]
+ - key: admissionConfig.pluginConfig.PodPreset.configuration.kind
+ value: DefaultAdmissionConfig
+ - key: admissionConfig.pluginConfig.PodPreset.configuration.apiVersion
+ value: v1
+ - key: admissionConfig.pluginConfig.PodPreset.configuration.disable
+ value: false
+ register: yedit_output
+
+#restart master serially here
+- name: restart master api
+ systemd: name={{ openshift_service_type }}-master-api state=restarted
+ when:
+ - yedit_output.changed
+
+# We retry the controllers because the API may not be 100% initialized yet.
+- name: restart master controllers
+ command: "systemctl restart {{ openshift_service_type }}-master-controllers"
+ retries: 3
+ delay: 5
+ register: result
+ until: result.rc == 0
+ when:
+ - yedit_output.changed
+
+- name: Verify API Server
+ # Using curl here since the uri module requires python-httplib2 and
+ # wait_for port doesn't provide health information.
+ command: >
+ curl --silent --tlsv1.2
+ --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
+ {{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_available_output
+ until: api_available_output.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
+ when:
+ - yedit_output.changed
diff --git a/playbooks/openshift-master/private/templates/openshift-ansible-catalog-console.js b/playbooks/openshift-master/private/templates/openshift-ansible-catalog-console.js
new file mode 100644
index 000000000..fd02325ba
--- /dev/null
+++ b/playbooks/openshift-master/private/templates/openshift-ansible-catalog-console.js
@@ -0,0 +1 @@
+window.OPENSHIFT_CONSTANTS.TEMPLATE_SERVICE_BROKER_ENABLED = {{ 'true' if (template_service_broker_install | default(True)) else 'false' }};
diff --git a/playbooks/openshift-master/private/validate_restart.yml b/playbooks/openshift-master/private/validate_restart.yml
new file mode 100644
index 000000000..1077d0b9c
--- /dev/null
+++ b/playbooks/openshift-master/private/validate_restart.yml
@@ -0,0 +1,62 @@
+---
+- name: Validate configuration for rolling restart
+ hosts: oo_masters_to_config
+ roles:
+ - openshift_facts
+ tasks:
+ - fail:
+ msg: "openshift_rolling_restart_mode must be set to either 'services' or 'system'"
+ when: openshift_rolling_restart_mode is defined and openshift_rolling_restart_mode not in ["services", "system"]
+ - openshift_facts:
+ role: "{{ item.role }}"
+ local_facts: "{{ item.local_facts }}"
+ with_items:
+ - role: common
+ local_facts:
+ rolling_restart_mode: "{{ openshift_rolling_restart_mode | default('services') }}"
+
+# Creating a temp file on localhost, we then check each system that will
+# be rebooted to see if that file exists, if so we know we're running
+# ansible on a machine that needs a reboot, and we need to error out.
+- name: Create temp file on localhost
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - local_action: command mktemp
+ register: mktemp
+ changed_when: false
+
+- name: Check if temp file exists on any masters
+ hosts: oo_masters_to_config
+ tasks:
+ - stat: path="{{ hostvars.localhost.mktemp.stdout }}"
+ register: exists
+ changed_when: false
+
+- name: Cleanup temp file on localhost
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - file: path="{{ hostvars.localhost.mktemp.stdout }}" state=absent
+ changed_when: false
+
+- name: Warn if restarting the system where ansible is running
+ hosts: oo_masters_to_config
+ tasks:
+ - pause:
+ prompt: >
+ Warning: Running playbook from a host that will be restarted!
+ Press CTRL+C and A to abort playbook execution. You may
+ continue by pressing ENTER but the playbook will stop
+ executing after this system has been restarted and services
+ must be verified manually. To only restart services, set
+ openshift_master_rolling_restart_mode=services in host
+ inventory and relaunch the playbook.
+ when: exists.stat.exists and openshift.common.rolling_restart_mode == 'system'
+ - set_fact:
+ current_host: "{{ exists.stat.exists }}"
+ when: openshift.common.rolling_restart_mode == 'system'
diff --git a/playbooks/openshift-master/redeploy-certificates.yml b/playbooks/openshift-master/redeploy-certificates.yml
new file mode 100644
index 000000000..8b7272485
--- /dev/null
+++ b/playbooks/openshift-master/redeploy-certificates.yml
@@ -0,0 +1,6 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-certificates.yml
+
+- import_playbook: private/restart.yml
diff --git a/playbooks/openshift-master/redeploy-openshift-ca.yml b/playbooks/openshift-master/redeploy-openshift-ca.yml
new file mode 100644
index 000000000..27f4e6b7d
--- /dev/null
+++ b/playbooks/openshift-master/redeploy-openshift-ca.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-openshift-ca.yml
diff --git a/playbooks/openshift-master/restart.yml b/playbooks/openshift-master/restart.yml
new file mode 100644
index 000000000..041c1384d
--- /dev/null
+++ b/playbooks/openshift-master/restart.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/restart.yml
diff --git a/playbooks/openshift-master/scaleup.yml b/playbooks/openshift-master/scaleup.yml
new file mode 100644
index 000000000..f717cd0e9
--- /dev/null
+++ b/playbooks/openshift-master/scaleup.yml
@@ -0,0 +1,23 @@
+---
+- import_playbook: ../init/evaluate_groups.yml
+
+- name: Ensure there are new_masters or new_nodes
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - fail:
+ msg: >
+ Detected no new_masters or no new_nodes in inventory. Please
+ add hosts to the new_masters and new_nodes host groups to add
+ masters.
+ when:
+ - g_new_master_hosts | default([]) | length == 0
+ - g_new_node_hosts | default([]) | length == 0
+
+# Need a better way to do the above check for node without
+# running evaluate_groups and init/main.yml
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/scaleup.yml
diff --git a/playbooks/openshift-metrics/config.yml b/playbooks/openshift-metrics/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-metrics/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-metrics/private/config.yml b/playbooks/openshift-metrics/private/config.yml
new file mode 100644
index 000000000..80cd93e5f
--- /dev/null
+++ b/playbooks/openshift-metrics/private/config.yml
@@ -0,0 +1,38 @@
+---
+- name: Metrics Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Metrics install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_metrics:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: OpenShift Metrics
+ hosts: oo_first_master
+ roles:
+ - role: openshift_metrics
+
+- name: OpenShift Metrics
+ hosts: oo_masters:!oo_first_master
+ serial: 1
+ tasks:
+ - name: Setup the non-first masters configs
+ include_role:
+ name: openshift_metrics
+ tasks_from: update_master_config.yaml
+
+- name: Metrics Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Metrics install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_metrics:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/common/openshift-management/roles b/playbooks/openshift-metrics/private/roles
index 20c4c58cf..20c4c58cf 120000
--- a/playbooks/common/openshift-management/roles
+++ b/playbooks/openshift-metrics/private/roles
diff --git a/playbooks/openshift-nfs/config.yml b/playbooks/openshift-nfs/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-nfs/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-nfs/private/config.yml b/playbooks/openshift-nfs/private/config.yml
new file mode 100644
index 000000000..3625efcc6
--- /dev/null
+++ b/playbooks/openshift-nfs/private/config.yml
@@ -0,0 +1,29 @@
+---
+- name: NFS Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set NFS install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_nfs:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: Configure nfs
+ hosts: oo_nfs_to_config
+ roles:
+ - role: openshift_storage_nfs
+
+- name: NFS Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set NFS install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_nfs:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/common/openshift-loadbalancer/roles b/playbooks/openshift-nfs/private/roles
index e2b799b9d..e2b799b9d 120000
--- a/playbooks/common/openshift-loadbalancer/roles
+++ b/playbooks/openshift-nfs/private/roles
diff --git a/playbooks/openshift-node/certificates.yml b/playbooks/openshift-node/certificates.yml
new file mode 100644
index 000000000..7ae87c09a
--- /dev/null
+++ b/playbooks/openshift-node/certificates.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/certificates.yml
diff --git a/playbooks/openshift-node/config.yml b/playbooks/openshift-node/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-node/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-node/network_manager.yml b/playbooks/openshift-node/network_manager.yml
new file mode 100644
index 000000000..88a93952d
--- /dev/null
+++ b/playbooks/openshift-node/network_manager.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/evaluate_groups.yml
+
+- import_playbook: private/network_manager.yml
diff --git a/playbooks/openshift-node/private/additional_config.yml b/playbooks/openshift-node/private/additional_config.yml
new file mode 100644
index 000000000..b86cb3cc2
--- /dev/null
+++ b/playbooks/openshift-node/private/additional_config.yml
@@ -0,0 +1,63 @@
+---
+- name: create additional node network plugin groups
+ hosts: "{{ openshift_node_scale_up_group | default('oo_nodes_to_config') }}"
+ tasks:
+ # Creating these node groups will prevent a ton of skipped tasks.
+ # Create group for flannel nodes
+ - group_by:
+ key: oo_nodes_use_{{ (openshift_use_flannel | default(False)) | ternary('flannel','nothing') }}
+ changed_when: False
+ # Create group for calico nodes
+ - group_by:
+ key: oo_nodes_use_{{ (openshift_use_calico | default(False)) | ternary('calico','nothing') }}
+ changed_when: False
+ # Create group for nuage nodes
+ - group_by:
+ key: oo_nodes_use_{{ (openshift_use_nuage | default(False)) | ternary('nuage','nothing') }}
+ changed_when: False
+ # Create group for contiv nodes
+ - group_by:
+ key: oo_nodes_use_{{ (openshift_use_contiv | default(False)) | ternary('contiv','nothing') }}
+ changed_when: False
+ # Create group for kuryr nodes
+ - group_by:
+ key: oo_nodes_use_{{ (openshift_use_kuryr | default(False)) | ternary('kuryr','nothing') }}
+ changed_when: False
+
+- import_playbook: etcd_client_config.yml
+ vars:
+ openshift_node_scale_up_group: "oo_nodes_use_flannel:oo_nodes_use_calico:oo_nodes_use_contiv:oo_nodes_use_kuryr"
+
+- name: Additional node config
+ hosts: oo_nodes_use_flannel
+ roles:
+ - role: flannel
+ etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}"
+ when: openshift_use_flannel | default(false) | bool
+
+- name: Additional node config
+ hosts: oo_nodes_use_calico
+ roles:
+ - role: calico
+ when: openshift_use_calico | default(false) | bool
+
+- name: Additional node config
+ hosts: oo_nodes_use_nuage
+ roles:
+ - role: nuage_node
+ when: openshift_use_nuage | default(false) | bool
+
+- name: Additional node config
+ hosts: oo_nodes_use_contiv
+ roles:
+ - role: contiv
+ contiv_role: netplugin
+ when: openshift_use_contiv | default(false) | bool
+
+- name: Configure Kuryr node
+ hosts: oo_nodes_use_kuryr
+ tasks:
+ - include_role:
+ name: kuryr
+ tasks_from: node
+ when: openshift_use_kuryr | default(false) | bool
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/nodes-backup.yml b/playbooks/openshift-node/private/certificates-backup.yml
index 2ad84b3b9..2ad84b3b9 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/nodes-backup.yml
+++ b/playbooks/openshift-node/private/certificates-backup.yml
diff --git a/playbooks/common/openshift-node/certificates.yml b/playbooks/openshift-node/private/certificates.yml
index 908885ee6..908885ee6 100644
--- a/playbooks/common/openshift-node/certificates.yml
+++ b/playbooks/openshift-node/private/certificates.yml
diff --git a/playbooks/common/openshift-node/clean_image.yml b/playbooks/openshift-node/private/clean_image.yml
index 38753d0af..38753d0af 100644
--- a/playbooks/common/openshift-node/clean_image.yml
+++ b/playbooks/openshift-node/private/clean_image.yml
diff --git a/playbooks/openshift-node/private/config.yml b/playbooks/openshift-node/private/config.yml
new file mode 100644
index 000000000..300a90371
--- /dev/null
+++ b/playbooks/openshift-node/private/config.yml
@@ -0,0 +1,38 @@
+---
+- name: Node Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Node install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_node:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- import_playbook: certificates.yml
+
+- import_playbook: setup.yml
+
+- import_playbook: containerized_nodes.yml
+
+- import_playbook: configure_nodes.yml
+
+- import_playbook: additional_config.yml
+
+- import_playbook: manage_node.yml
+
+- import_playbook: enable_excluders.yml
+
+- name: Node Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Node install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_node:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-node/private/configure_nodes.yml b/playbooks/openshift-node/private/configure_nodes.yml
new file mode 100644
index 000000000..548ff7c4f
--- /dev/null
+++ b/playbooks/openshift-node/private/configure_nodes.yml
@@ -0,0 +1,16 @@
+---
+- name: Configure nodes
+ hosts: oo_nodes_to_config:!oo_containerized_master_nodes
+ vars:
+ openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
+ openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}"
+ openshift_no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config']
+ | union(groups['oo_masters_to_config'])
+ | union(groups['oo_etcd_to_config'] | default([])))
+ | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',')
+ }}"
+ roles:
+ - role: openshift_clock
+ - role: openshift_node
+ - role: tuned
+ - role: nickhammond.logrotate
diff --git a/playbooks/openshift-node/private/containerized_nodes.yml b/playbooks/openshift-node/private/containerized_nodes.yml
new file mode 100644
index 000000000..dc68d7585
--- /dev/null
+++ b/playbooks/openshift-node/private/containerized_nodes.yml
@@ -0,0 +1,18 @@
+---
+- name: Configure containerized nodes
+ hosts: oo_containerized_master_nodes
+ serial: 1
+ vars:
+ openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
+ openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}"
+ openshift_no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config']
+ | union(groups['oo_masters_to_config'])
+ | union(groups['oo_etcd_to_config'] | default([])))
+ | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',')
+ }}"
+
+ roles:
+ - role: openshift_clock
+ - role: openshift_node
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ - role: nickhammond.logrotate
diff --git a/playbooks/openshift-node/private/enable_excluders.yml b/playbooks/openshift-node/private/enable_excluders.yml
new file mode 100644
index 000000000..30713e694
--- /dev/null
+++ b/playbooks/openshift-node/private/enable_excluders.yml
@@ -0,0 +1,7 @@
+---
+- name: Re-enable excluder if it was previously enabled
+ hosts: oo_nodes_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_excluder
+ r_openshift_excluder_action: enable
diff --git a/playbooks/common/openshift-node/etcd_client_config.yml b/playbooks/openshift-node/private/etcd_client_config.yml
index c3fa38a81..c3fa38a81 100644
--- a/playbooks/common/openshift-node/etcd_client_config.yml
+++ b/playbooks/openshift-node/private/etcd_client_config.yml
diff --git a/playbooks/openshift-node/private/image_prep.yml b/playbooks/openshift-node/private/image_prep.yml
new file mode 100644
index 000000000..6b517197d
--- /dev/null
+++ b/playbooks/openshift-node/private/image_prep.yml
@@ -0,0 +1,19 @@
+---
+- name: normalize groups
+ import_playbook: ../../prerequisites.yml
+ vars:
+ skip_version: True
+ skip_sanity_checks: True
+ skip_validate_hostnames: True
+
+- name: run node config setup
+ import_playbook: setup.yml
+
+- name: run node config
+ import_playbook: configure_nodes.yml
+
+- name: Re-enable excluders
+ import_playbook: enable_excluders.yml
+
+- name: Remove any undesired artifacts from build
+ import_playbook: clean_image.yml
diff --git a/playbooks/openshift-node/private/manage_node.yml b/playbooks/openshift-node/private/manage_node.yml
new file mode 100644
index 000000000..121c54a3d
--- /dev/null
+++ b/playbooks/openshift-node/private/manage_node.yml
@@ -0,0 +1,13 @@
+---
+- name: Additional node config
+ hosts: "{{ openshift_node_scale_up_group | default('oo_nodes_to_config') }}"
+ vars:
+ openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
+ roles:
+ - role: openshift_manage_node
+ openshift_master_host: "{{ groups.oo_first_master.0 }}"
+ openshift_manage_node_is_master: "{{ ('oo_masters_to_config' in group_names) | bool }}"
+ tasks:
+ - name: Create group for deployment type
+ group_by: key=oo_nodes_deployment_type_{{ openshift.common.deployment_type }}
+ changed_when: False
diff --git a/playbooks/openshift-node/private/network_manager.yml b/playbooks/openshift-node/private/network_manager.yml
new file mode 100644
index 000000000..2638c5223
--- /dev/null
+++ b/playbooks/openshift-node/private/network_manager.yml
@@ -0,0 +1,28 @@
+---
+- name: Install and configure NetworkManager
+ hosts: oo_all_hosts
+ become: yes
+ tasks:
+ - name: install NetworkManager
+ package:
+ name: 'NetworkManager'
+ state: present
+ register: result
+ until: result is succeeded
+
+ - name: configure NetworkManager
+ lineinfile:
+ dest: "/etc/sysconfig/network-scripts/ifcfg-{{ ansible_default_ipv4['interface'] }}"
+ regexp: '^{{ item }}='
+ line: '{{ item }}=yes'
+ state: present
+ create: yes
+ with_items:
+ - 'USE_PEERDNS'
+ - 'NM_CONTROLLED'
+
+ - name: enable and start NetworkManager
+ service:
+ name: 'NetworkManager'
+ state: started
+ enabled: yes
diff --git a/playbooks/openshift-node/private/redeploy-certificates.yml b/playbooks/openshift-node/private/redeploy-certificates.yml
new file mode 100644
index 000000000..c0f75ae80
--- /dev/null
+++ b/playbooks/openshift-node/private/redeploy-certificates.yml
@@ -0,0 +1,6 @@
+---
+- import_playbook: certificates-backup.yml
+
+- import_playbook: certificates.yml
+ vars:
+ openshift_certificates_redeploy: true
diff --git a/playbooks/openshift-node/private/restart.yml b/playbooks/openshift-node/private/restart.yml
new file mode 100644
index 000000000..c2092b23c
--- /dev/null
+++ b/playbooks/openshift-node/private/restart.yml
@@ -0,0 +1,58 @@
+---
+- name: Restart nodes
+ hosts: oo_nodes_to_config
+ serial: "{{ openshift_restart_nodes_serial | default(1) }}"
+
+ roles:
+ - lib_openshift
+ - openshift_facts
+
+ tasks:
+ - name: Restart docker
+ service:
+ name: docker
+ state: restarted
+ register: l_docker_restart_docker_in_node_result
+ until: not (l_docker_restart_docker_in_node_result is failed)
+ retries: 3
+ delay: 30
+
+ - name: Restart containerized services
+ service:
+ name: "{{ item }}"
+ state: started
+ with_items:
+ - etcd_container
+ - openvswitch
+ - "{{ openshift_service_type }}-master-api"
+ - "{{ openshift_service_type }}-master-controllers"
+ - "{{ openshift_service_type }}-node"
+ failed_when: false
+ when: openshift.common.is_containerized | bool
+
+ - name: Wait for master API to come back online
+ wait_for:
+ host: "{{ openshift.common.hostname }}"
+ state: started
+ delay: 10
+ port: "{{ openshift.master.api_port }}"
+ timeout: 600
+ when: inventory_hostname in groups.oo_masters_to_config
+
+ - name: restart node
+ service:
+ name: "{{ openshift_service_type }}-node"
+ state: restarted
+
+ - name: Wait for node to be ready
+ oc_obj:
+ state: list
+ kind: node
+ name: "{{ openshift.common.hostname | lower }}"
+ register: node_output
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ when: inventory_hostname in groups.oo_nodes_to_config
+ until: node_output.results.returncode == 0 and node_output.results.results[0].status.conditions | selectattr('type', 'match', '^Ready$') | map(attribute='status') | join | bool == True
+ # Give the node two minutes to come back online.
+ retries: 24
+ delay: 5
diff --git a/playbooks/common/openshift-master/roles b/playbooks/openshift-node/private/roles
index e2b799b9d..e2b799b9d 120000
--- a/playbooks/common/openshift-master/roles
+++ b/playbooks/openshift-node/private/roles
diff --git a/playbooks/openshift-node/private/setup.yml b/playbooks/openshift-node/private/setup.yml
new file mode 100644
index 000000000..541913aef
--- /dev/null
+++ b/playbooks/openshift-node/private/setup.yml
@@ -0,0 +1,26 @@
+---
+- name: Disable excluders
+ hosts: oo_nodes_to_config
+ gather_facts: no
+ roles:
+ - role: openshift_excluder
+ r_openshift_excluder_action: disable
+
+- name: Evaluate node groups
+ hosts: localhost
+ become: no
+ connection: local
+ tasks:
+ - name: Evaluate oo_containerized_master_nodes
+ add_host:
+ name: "{{ item }}"
+ groups: oo_containerized_master_nodes
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ groups.oo_nodes_to_config | default([]) }}"
+ when:
+ - hostvars[item].openshift is defined
+ - hostvars[item].openshift.common is defined
+ - hostvars[item].openshift.common.is_containerized | bool
+ - (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config)
+ changed_when: False
diff --git a/playbooks/openshift-node/redeploy-certificates.yml b/playbooks/openshift-node/redeploy-certificates.yml
new file mode 100644
index 000000000..8b7272485
--- /dev/null
+++ b/playbooks/openshift-node/redeploy-certificates.yml
@@ -0,0 +1,6 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/redeploy-certificates.yml
+
+- import_playbook: private/restart.yml
diff --git a/playbooks/openshift-node/restart.yml b/playbooks/openshift-node/restart.yml
new file mode 100644
index 000000000..041c1384d
--- /dev/null
+++ b/playbooks/openshift-node/restart.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/restart.yml
diff --git a/playbooks/openshift-node/scaleup.yml b/playbooks/openshift-node/scaleup.yml
new file mode 100644
index 000000000..bdfd3d3e6
--- /dev/null
+++ b/playbooks/openshift-node/scaleup.yml
@@ -0,0 +1,21 @@
+---
+- import_playbook: ../init/evaluate_groups.yml
+
+- name: Ensure there are new_nodes
+ hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - fail:
+ msg: >
+ Detected no new_nodes in inventory. Please add hosts to the
+ new_nodes host group to add nodes.
+ when:
+ - g_new_node_hosts | default([]) | length == 0
+
+# Need a better way to do the above check for node without
+# running evaluate_groups and init/main.yml
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-prometheus/config.yml b/playbooks/openshift-prometheus/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-prometheus/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-prometheus/private/config.yml b/playbooks/openshift-prometheus/private/config.yml
new file mode 100644
index 000000000..d13261a7a
--- /dev/null
+++ b/playbooks/openshift-prometheus/private/config.yml
@@ -0,0 +1,29 @@
+---
+- name: Prometheus Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Prometheus install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_prometheus:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: OpenShift Prometheus
+ hosts: oo_first_master
+ roles:
+ - role: openshift_prometheus
+
+- name: Prometheus Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Prometheus install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_prometheus:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-prometheus/private/roles b/playbooks/openshift-prometheus/private/roles
new file mode 120000
index 000000000..20c4c58cf
--- /dev/null
+++ b/playbooks/openshift-prometheus/private/roles
@@ -0,0 +1 @@
+../../../roles \ No newline at end of file
diff --git a/playbooks/openshift-provisioners/config.yml b/playbooks/openshift-provisioners/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-provisioners/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/common/openshift-cluster/openshift_provisioners.yml b/playbooks/openshift-provisioners/private/config.yml
index b1ca6f606..b1ca6f606 100644
--- a/playbooks/common/openshift-cluster/openshift_provisioners.yml
+++ b/playbooks/openshift-provisioners/private/config.yml
diff --git a/playbooks/openshift-provisioners/private/roles b/playbooks/openshift-provisioners/private/roles
new file mode 120000
index 000000000..20c4c58cf
--- /dev/null
+++ b/playbooks/openshift-provisioners/private/roles
@@ -0,0 +1 @@
+../../../roles \ No newline at end of file
diff --git a/playbooks/openshift-service-catalog/config.yml b/playbooks/openshift-service-catalog/config.yml
new file mode 100644
index 000000000..c7814207c
--- /dev/null
+++ b/playbooks/openshift-service-catalog/config.yml
@@ -0,0 +1,4 @@
+---
+- import_playbook: ../init/main.yml
+
+- import_playbook: private/config.yml
diff --git a/playbooks/openshift-service-catalog/private/config.yml b/playbooks/openshift-service-catalog/private/config.yml
new file mode 100644
index 000000000..7bb8511f6
--- /dev/null
+++ b/playbooks/openshift-service-catalog/private/config.yml
@@ -0,0 +1,33 @@
+---
+- name: Service Catalog Install Checkpoint Start
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Service Catalog install 'In Progress'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_servicecatalog:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
+
+- name: Service Catalog
+ hosts: oo_first_master
+ roles:
+ - openshift_service_catalog
+ - ansible_service_broker
+ - template_service_broker
+ vars:
+ first_master: "{{ groups.oo_first_master[0] }}"
+
+- name: Service Catalog Install Checkpoint End
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Set Service Catalog install 'Complete'
+ run_once: true
+ set_stats:
+ data:
+ installer_phase_servicecatalog:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/openshift-service-catalog/private/roles b/playbooks/openshift-service-catalog/private/roles
new file mode 120000
index 000000000..20c4c58cf
--- /dev/null
+++ b/playbooks/openshift-service-catalog/private/roles
@@ -0,0 +1 @@
+../../../roles \ No newline at end of file
diff --git a/playbooks/openstack/README.md b/playbooks/openstack/README.md
new file mode 100644
index 000000000..d361d6278
--- /dev/null
+++ b/playbooks/openstack/README.md
@@ -0,0 +1,235 @@
+# OpenStack Provisioning
+
+This directory contains [Ansible][ansible] playbooks and roles to create
+OpenStack resources (servers, networking, volumes, security groups,
+etc.). The result is an environment ready for OpenShift installation
+via [openshift-ansible].
+
+We provide everything necessary to be able to install OpenShift on
+OpenStack (including the load balancer servers when
+necessary). In addition, we work on providing integration with the
+OpenStack-native services (storage, lbaas, baremetal as a service,
+dns, etc.).
+
+
+## OpenStack Requirements
+
+Before you start the installation, you need to have an OpenStack
+environment to connect to. You can use a public cloud or an OpenStack
+within your organisation. It is also possible to
+use [Devstack][devstack] or [TripleO][tripleo]. In the case of
+TripleO, we will be running on top of the **overcloud**.
+
+The OpenStack release must be Newton (for Red Hat OpenStack this is
+version 10) or newer. It must also satisfy these requirements:
+
+* Heat (Orchestration) must be available
+* The deployment image (CentOS 7.4 or RHEL 7) must be loaded
+* The deployment flavor must be available to your user
+ - `m1.medium` / 4GB RAM + 40GB disk should be enough for testing
+ - look at
+ the [Minimum Hardware Requirements page][hardware-requirements]
+ for production
+* The keypair for SSH must be available in openstack
+* `keystonerc` file that lets you talk to the openstack services
+ * NOTE: only Keystone V2 is currently supported
+
+Optional:
+* External Neutron network with a floating IP address pool
+
+
+
+## Installation
+
+There are four main parts to the installation:
+
+1. [Preparing Ansible and dependencies](#1-preparing-ansible-and-dependencies)
+2. [Configuring the desired OpenStack environment and OpenShift cluster](#2-configuring-the-openstack-environment-and-openshift-cluster)
+3. [Creating the OpenStack Resources and Installing OpenShift](#3-creating-the-openstack-resources-and-installing-openshift)
+
+This guide is going to install [OpenShift Origin][origin]
+with [CentOS 7][centos7] images with minimal customisation.
+
+We will create the VMs for running OpenShift, in a new Neutron network and
+assign Floating IP addresses.
+
+The OpenShift cluster will have a single Master node that will run
+`etcd`, a single Infra node and two App nodes.
+
+You can look at
+the [Advanced Configuration page][advanced-configuration] for
+additional options.
+
+
+
+### 1. Preparing Ansible and dependencies
+
+First, you need to select where to run [Ansible][ansible] from (the
+*Ansible host*). This can be the computer you read this guide on or an
+OpenStack VM you'll create specifically for this purpose.
+
+We will use
+a
+[Docker image that has all the dependencies installed][control-host-image] to
+make things easier. If you don't want to use Docker, take a look at
+the [Ansible host dependencies][ansible-dependencies] and make sure
+they're installed.
+
+Your *Ansible host* needs to have the following:
+
+1. Docker
+2. `keystonerc` file with your OpenStack credentials
+3. SSH private key for logging in to your OpenShift nodes
+
+Assuming your private key is `~/.ssh/id_rsa` and `keystonerc` in your
+current directory:
+
+```bash
+$ sudo docker run -it -v ~/.ssh:/mnt/.ssh:Z \
+ -v $PWD/keystonerc:/root/.config/openstack/keystonerc.sh:Z \
+ redhatcop/control-host-openstack bash
+```
+
+This will create the container, add your SSH key and source your
+`keystonerc`. It should be set up for the installation.
+
+You can verify that everything is in order:
+
+
+```bash
+$ less .ssh/id_rsa
+$ ansible --version
+$ openstack image list
+```
+
+
+### 2. Configuring the OpenStack Environment and OpenShift Cluster
+
+The configuration is all done in an Ansible inventory directory. We
+will clone the [openshift-ansible][openshift-ansible] repository and set
+things up for a minimal installation.
+
+
+```
+$ git clone https://github.com/openshift/openshift-ansible
+$ cp -r openshift-ansible/playbooks/openstack/sample-inventory/ inventory
+```
+
+If you're testing multiple configurations, you can have multiple
+inventories and switch between them.
+
+#### OpenStack Configuration
+
+The OpenStack configuration is in `inventory/group_vars/all.yml`.
+
+Open the file and plug in the image, flavor and network configuration
+corresponding to your OpenStack installation.
+
+```bash
+$ vi inventory/group_vars/all.yml
+```
+
+1. Set the `openshift_openstack_keypair_name` to your OpenStack keypair name.
+ - See `openstack keypair list` to find the keypairs registered with
+ OpenShift.
+ - This must correspond to your private SSH key in `~/.ssh/id_rsa`
+2. Set the `openshift_openstack_external_network_name` to the floating IP
+ network of your openstack.
+ - See `openstack network list` for the list of networks.
+ - It's often called `public`, `external` or `ext-net`.
+3. Set the `openshift_openstack_default_image_name` to the image you want your
+ OpenShift VMs to run.
+ - See `openstack image list` for the list of available images.
+4. Set the `openshift_openstack_default_flavor` to the flavor you want your
+ OpenShift VMs to use.
+ - See `openstack flavor list` for the list of available flavors.
+
+
+
+#### OpenShift configuration
+
+The OpenShift configuration is in `inventory/group_vars/OSEv3.yml`.
+
+The default options will mostly work, but unless you used the large
+flavors for a production-ready environment, openshift-ansible's
+hardware check will fail.
+
+Let's disable those checks by putting this in
+`inventory/group_vars/OSEv3.yml`:
+
+```yaml
+openshift_disable_check: disk_availability,memory_availability
+```
+
+**NOTE**: The default authentication method will allow **any username
+and password** in! If you're running this in a public place, you need
+to set up access control.
+
+Feel free to look at
+the [Sample OpenShift Inventory][sample-openshift-inventory] and
+the [advanced configuration][advanced-configuration].
+
+
+### 3. Creating the OpenStack Resources and Installing OpenShift
+
+We provide an `ansible.cfg` file which has some useful defaults -- you should
+copy it to the directory you're going to run `ansible-playbook` from.
+
+```bash
+$ cp openshift-ansible/ansible.cfg ansible.cfg
+```
+
+Then run the provision + install playbook -- this will create the OpenStack
+resources:
+
+```bash
+$ ansible-playbook --user openshift -i inventory \
+ openshift-ansible/playbooks/openstack/openshift-cluster/provision_install.yaml \
+ -e openshift_repos_enable_testing=true
+```
+
+Note, you may want to use the testing repo for development purposes only.
+Normally, `openshift_repos_enable_testing` should not be specified.
+
+If you're using multiple inventories, make sure you pass the path to
+the right one to `-i`.
+
+If your SSH private key is not in `~/.ssh/id_rsa` use the `--private-key`
+option to specify the correct path.
+
+
+
+### Next Steps
+
+And that's it! You should have a small but functional OpenShift
+cluster now.
+
+Take a look at [how to access the cluster][accessing-openshift]
+and [how to remove it][uninstall-openshift] as well as the more
+advanced configuration:
+
+* [Accessing the OpenShift cluster][accessing-openshift]
+* [Removing the OpenShift cluster][uninstall-openshift]
+* Set Up Authentication (TODO)
+* [Multiple Masters with a load balancer][loadbalancer]
+* [External Dns][external-dns]
+* Multiple Clusters (TODO)
+* [Cinder Registry][cinder-registry]
+
+
+[ansible]: https://www.ansible.com/
+[openshift-ansible]: https://github.com/openshift/openshift-ansible
+[devstack]: https://docs.openstack.org/devstack/
+[tripleo]: http://tripleo.org/
+[ansible-dependencies]: ./advanced-configuration.md#dependencies-for-localhost-ansible-controladmin-node
+[control-host-image]: https://hub.docker.com/r/redhatcop/control-host-openstack/
+[hardware-requirements]: https://docs.openshift.org/latest/install_config/install/prerequisites.html#hardware
+[origin]: https://www.openshift.org/
+[centos7]: https://www.centos.org/
+[sample-openshift-inventory]: https://github.com/openshift/openshift-ansible/blob/master/inventory/hosts.example
+[advanced-configuration]: ./advanced-configuration.md
+[accessing-openshift]: ./advanced-configuration.md#accessing-the-openshift-cluster
+[uninstall-openshift]: ./advanced-configuration.md#removing-the-openshift-cluster
+[loadbalancer]: ./advanced-configuration.md#multi-master-configuration
+[external-dns]: ./advanced-configuration.md#dns-configuration-variables
+[cinder-registry]: ./advanced-configuration.md#creating-and-using-a-cinder-volume-for-the-openshift-registry
diff --git a/playbooks/openstack/advanced-configuration.md b/playbooks/openstack/advanced-configuration.md
new file mode 100644
index 000000000..2c9b70b5f
--- /dev/null
+++ b/playbooks/openstack/advanced-configuration.md
@@ -0,0 +1,641 @@
+## Dependencies for localhost (ansible control/admin node)
+
+* [Ansible 2.3](https://pypi.python.org/pypi/ansible)
+* [Ansible-galaxy](https://pypi.python.org/pypi/ansible-galaxy-local-deps)
+* [jinja2](http://jinja.pocoo.org/docs/2.9/)
+* [shade](https://pypi.python.org/pypi/shade)
+* python-jmespath / [jmespath](https://pypi.python.org/pypi/jmespath)
+* python-dns / [dnspython](https://pypi.python.org/pypi/dnspython)
+* Become (sudo) is not required.
+
+**NOTE**: You can use a Docker image with all dependencies set up.
+Find more in the [Deployment section](#deployment).
+
+### Optional Dependencies for localhost
+**Note**: When using rhel images, `rhel-7-server-openstack-10-rpms` repository is required in order to install these packages.
+
+* `python-openstackclient`
+* `python-heatclient`
+
+## Dependencies for OpenStack hosted cluster nodes (servers)
+
+There are no additional dependencies for the cluster nodes. Required
+configuration steps are done by Heat given a specific user data config
+that normally should not be changed.
+
+## Accessing the OpenShift Cluster
+
+### Configure DNS
+
+OpenShift requires a two public DNS records to function fully. The first one points to
+the master/load balancer and provides the UI/API access. The other one is a
+wildcard domain that resolves app route requests to the infra node. A private DNS
+server and records are not required and not managed here.
+
+If you followed the default installation from the README section, there is no
+DNS configured. You should add two entries to the `/etc/hosts` file on the
+Ansible host (where you to do a quick validation. A real deployment will
+however require a DNS server with the following entries set.
+
+First, run the `openstack server list` command and note the floating IP
+addresses of the *master* and *infra* nodes (we will use `10.40.128.130` for
+master and `10.40.128.134` for infra here).
+
+Then add the following entries to your `/etc/hosts`:
+
+```
+10.40.128.130 console.openshift.example.com
+10.40.128.134 cakephp-mysql-example-test.apps.openshift.example.com
+```
+
+This points the cluster domain (as defined in the
+`openshift_master_cluster_public_hostname` Ansible variable in `OSEv3`) to the
+master node and any routes for deployed apps to the infra node.
+
+If you deploy another app, it will end up with a different URL (e.g.
+myapp-test.apps.openshift.example.com) and you will need to add that too. This
+is why a real deployment should always run a DNS where the second entry will be
+a wildcard `*.apps.openshift.example.com).
+
+This will be sufficient to validate the cluster here.
+
+Take a look at the [External DNS](#dns-configuration-variables) section for
+configuring a DNS service.
+
+
+### Get the `oc` Client
+
+**NOTE**: You can skip this section if you're using the Docker image
+-- it already has the `oc` binary.
+
+You need to download the OpenShift command line client (called `oc`).
+You can download and extract `openshift-origin-client-tools` from the
+OpenShift release page:
+
+https://github.com/openshift/origin/releases/latest/
+
+Or you can now copy it from the master node:
+
+ $ ansible -i inventory masters[0] -m fetch -a "src=/bin/oc dest=oc"
+
+Either way, find the `oc` binary and put it in your `PATH`.
+
+
+### Logging in Using the Command Line
+
+
+```
+oc login --insecure-skip-tls-verify=true https://master-0.openshift.example.com:8443 -u user -p password
+oc new-project test
+oc new-app --template=cakephp-mysql-example
+oc status -v
+curl http://cakephp-mysql-example-test.apps.openshift.example.com
+```
+
+This will trigger an image build. You can run `oc logs -f
+bc/cakephp-mysql-example` to follow its progress.
+
+Wait until the build has finished and both pods are deployed and running:
+
+```
+$ oc status -v
+In project test on server https://master-0.openshift.example.com:8443
+
+http://cakephp-mysql-example-test.apps.openshift.example.com (svc/cakephp-mysql-example)
+ dc/cakephp-mysql-example deploys istag/cakephp-mysql-example:latest <-
+ bc/cakephp-mysql-example source builds https://github.com/openshift/cakephp-ex.git on openshift/php:7.0
+ deployment #1 deployed about a minute ago - 1 pod
+
+svc/mysql - 172.30.144.36:3306
+ dc/mysql deploys openshift/mysql:5.7
+ deployment #1 deployed 3 minutes ago - 1 pod
+
+Info:
+ * pod/cakephp-mysql-example-1-build has no liveness probe to verify pods are still running.
+ try: oc set probe pod/cakephp-mysql-example-1-build --liveness ...
+View details with 'oc describe <resource>/<name>' or list everything with 'oc get all'.
+
+```
+
+You can now look at the deployed app using its route:
+
+```
+$ curl http://cakephp-mysql-example-test.apps.openshift.example.com
+```
+
+Its `title` should say: "Welcome to OpenShift".
+
+
+### Accessing the UI
+
+You can also access the OpenShift cluster with a web browser by going to:
+
+https://master-0.openshift.example.com:8443
+
+Note that for this to work, the OpenShift nodes must be accessible
+from your computer and it's DNS configuration must use the cruster's
+DNS.
+
+
+## Removing the OpenShift Cluster
+
+Everything in the cluster is contained within a Heat stack. To
+completely remove the cluster and all the related OpenStack resources,
+run this command:
+
+```bash
+openstack stack delete --wait --yes openshift.example.com
+```
+
+
+## DNS configuration variables
+
+Pay special attention to the values in the first paragraph -- these
+will depend on your OpenStack environment.
+
+Note that the provsisioning playbooks update the original Neutron subnet
+created with the Heat stack to point to the configured DNS servers.
+So the provisioned cluster nodes will start using those natively as
+default nameservers. Technically, this allows to deploy OpenShift clusters
+without dnsmasq proxies.
+
+The `openshift_openstack_clusterid` and `openshift_openstack_public_dns_domain`
+will form the cluster's public DNS domain all your servers will be under. With
+the default values, this will be `openshift.example.com`. For workloads, the
+default subdomain is 'apps'. That sudomain can be set as well by the
+`openshift_openstack_app_subdomain` variable in the inventory.
+
+If you want to use a two sets of hostnames for public and private/prefixed DNS
+records for your externally managed public DNS server, you can specify
+`openshift_openstack_public_hostname_suffix` and/or
+`openshift_openstack_private_hostname_suffix`. The suffixes will be added
+to the nsupdate records sent to the external DNS server. Those are empty by default.
+
+**Note** the real hostnames, Nova servers' or ansible hostnames and inventory
+variables will not be updated. The deployment may be done on arbitrary named
+hosts with the hostnames managed by cloud-init. Inventory hostnames will ignore
+the suffixes.
+
+The `openstack_<role name>_hostname` is a set of variables used for customising
+public names of Nova servers provisioned with a given role. When such a variable stays commented,
+default value (usually the role name) is used.
+
+The `openshift_openstack_dns_nameservers` is a list of DNS servers accessible from all
+the created Nova servers. These will provide the internal name resolution for
+your OpenShift nodes (as well as upstream name resolution for installing
+packages, etc.).
+
+The `openshift_use_dnsmasq` controls either dnsmasq is deployed or not.
+By default, dnsmasq is deployed and comes as the hosts' /etc/resolv.conf file
+first nameserver entry that points to the local host instance of the dnsmasq
+daemon that in turn proxies DNS requests to the authoritative DNS server.
+When Network Manager is enabled for provisioned cluster nodes, which is
+normally the case, you should not change the defaults and always deploy dnsmasq.
+
+`openshift_openstack_external_nsupdate_keys` describes an external authoritative DNS server(s)
+processing dynamic records updates in the public only cluster view:
+
+ openshift_openstack_external_nsupdate_keys:
+ public:
+ key_secret: <some nsupdate key>
+ key_algorithm: 'hmac-md5'
+ key_name: 'update-key'
+ server: <public DNS server IP>
+
+Here, for the public view section, we specified another key algorithm and
+optional `key_name`, which normally defaults to the cluster's DNS domain.
+This just illustrates a compatibility mode with a DNS service deployed
+by OpenShift on OSP10 reference architecture, and used in a mixed mode with
+another external DNS server.
+
+## Flannel networking
+
+In order to configure the
+[flannel networking](https://docs.openshift.com/container-platform/3.6/install_config/configuring_sdn.html#using-flannel),
+uncomment and adjust the appropriate `inventory/group_vars/OSEv3.yml` group vars.
+Note that the `osm_cluster_network_cidr` must not overlap with the default
+Docker bridge subnet of 172.17.0.0/16. Or you should change the docker0 default
+CIDR range otherwise. For example, by adding `--bip=192.168.2.1/24` to
+`DOCKER_NETWORK_OPTIONS` located in `/etc/sysconfig/docker-network`.
+
+Also note that the flannel network will be provisioned on a separate isolated Neutron
+subnet defined from `osm_cluster_network_cidr` and having ports security disabled.
+Use the `openstack_private_data_network_name` variable to define the network
+name for the heat stack resource.
+
+After the cluster deployment done, you should run an additional post installation
+step for flannel and docker iptables configuration:
+
+ ansible-playbook openshift-ansible-contrib/playbooks/provisioning/openstack/post-install.yml
+
+## Other configuration variables
+
+`openshift_openstack_keypair_name` is a Nova keypair - you can see your
+keypairs with `openstack keypair list`. It must correspond to the
+private SSH key Ansible will use to log into the created VMs. This is
+`~/.ssh/id_rsa` by default, but you can use a different key by passing
+`--private-key` to `ansible-playbook`.
+
+`openshift_openstack_default_image_name` is the default name of the Glance image the
+servers will use. You can see your images with `openstack image list`.
+In order to set a different image for a role, uncomment the line with the
+corresponding variable (e.g. `openshift_openstack_lb_image_name` for load balancer) and
+set its value to another available image name. `openshift_openstack_default_image_name`
+must stay defined as it is used as a default value for the rest of the roles.
+
+`openshift_openstack_default_flavor` is the default Nova flavor the servers will use.
+You can see your flavors with `openstack flavor list`.
+In order to set a different flavor for a role, uncomment the line with the
+corresponding variable (e.g. `openshift_openstack_lb_flavor` for load balancer) and
+set its value to another available flavor. `openshift_openstack_default_flavor` must
+stay defined as it is used as a default value for the rest of the roles.
+
+`openshift_openstack_external_network_name` is the name of the Neutron network
+providing external connectivity. It is often called `public`,
+`external` or `ext-net`. You can see your networks with `openstack
+network list`.
+
+`openshift_openstack_private_network_name` is the name of the private Neutron network
+providing admin/control access for ansible. It can be merged with other
+cluster networks, there are no special requirements for networking.
+
+The `openshift_openstack_num_masters`, `openshift_openstack_num_infra` and
+`openshift_openstack_num_nodes` values specify the number of Master, Infra and
+App nodes to create.
+
+The `openshift_openstack_cluster_node_labels` defines custom labels for your openshift
+cluster node groups. It currently supports app and infra node groups.
+The default value of this variable sets `region: primary` to app nodes and
+`region: infra` to infra nodes.
+An example of setting a customised label:
+```
+openshift_openstack_cluster_node_labels:
+ app:
+ mylabel: myvalue
+```
+
+The `openshift_openstack_nodes_to_remove` allows you to specify the numerical indexes
+of App nodes that should be removed; for example, ['0', '2'],
+
+The `docker_volume_size` is the default Docker volume size the servers will use.
+In order to set a different volume size for a role,
+uncomment the line with the corresponding variable (e. g. `docker_master_volume_size`
+for master) and change its value. `docker_volume_size` must stay defined as it is
+used as a default value for some of the servers (master, infra, app node).
+The rest of the roles (etcd, load balancer, dns) have their defaults hard-coded.
+
+**Note**: If the `openshift_openstack_ephemeral_volumes` is set to `true`, the `*_volume_size` variables
+will be ignored and the deployment will not create any cinder volumes.
+
+The `openshift_openstack_flat_secgrp`, controls Neutron security groups creation for Heat
+stacks. Set it to true, if you experience issues with sec group rules
+quotas. It trades security for number of rules, by sharing the same set
+of firewall rules for master, node, etcd and infra nodes.
+
+The `openshift_openstack_required_packages` variable also provides a list of the additional
+prerequisite packages to be installed before to deploy an OpenShift cluster.
+Those are ignored though, if the `manage_packages: False`.
+
+## Multi-master configuration
+
+Please refer to the official documentation for the
+[multi-master setup](https://docs.openshift.com/container-platform/3.6/install_config/install/advanced_install.html#multiple-masters)
+and define the corresponding [inventory
+variables](https://docs.openshift.com/container-platform/3.6/install_config/install/advanced_install.html#configuring-cluster-variables)
+in `inventory/group_vars/OSEv3.yml`. For example, given a load balancer node
+under the ansible group named `ext_lb`:
+
+ openshift_master_cluster_hostname: "{{ groups.ext_lb.0 }}"
+ openshift_master_cluster_public_hostname: "{{ groups.ext_lb.0 }}"
+
+## Provider Network
+
+Normally, the playbooks create a new Neutron network and subnet and attach
+floating IP addresses to each node. If you have a provider network set up, this
+is all unnecessary as you can just access servers that are placed in the
+provider network directly.
+
+To use a provider network, set its name in `openshift_openstack_provider_network_name` in
+`inventory/group_vars/all.yml`.
+
+If you set the provider network name, the `openshift_openstack_external_network_name` and
+`openshift_openstack_private_network_name` fields will be ignored.
+
+**NOTE**: this will not update the nodes' DNS, so running openshift-ansible
+right after provisioning will fail (unless you're using an external DNS server
+your provider network knows about). You must make sure your nodes are able to
+resolve each other by name.
+
+## Security notes
+
+Configure required `*_ingress_cidr` variables to restrict public access
+to provisioned servers from your laptop (a /32 notation should be used)
+or your trusted network. The most important is the `openshift_openstack_node_ingress_cidr`
+that restricts public access to the deployed DNS server and cluster
+nodes' ephemeral ports range.
+
+Note, the command ``curl https://api.ipify.org`` helps fiding an external
+IP address of your box (the ansible admin node).
+
+There is also the `manage_packages` variable (defaults to True) you
+may want to turn off in order to speed up the provisioning tasks. This may
+be the case for development environments. When turned off, the servers will
+be provisioned omitting the ``yum update`` command. This brings security
+implications though, and is not recommended for production deployments.
+
+## Configure the OpenShift parameters
+
+Finally, you need to update the DNS entry in
+`inventory/group_vars/OSEv3.yml` (look at
+`openshift_master_default_subdomain`).
+
+In addition, this is the place where you can customise your OpenShift
+installation for example by specifying the authentication.
+
+The full list of options is available in this sample inventory:
+
+https://github.com/openshift/openshift-ansible/blob/master/inventory/hosts.example
+
+Note, that in order to deploy OpenShift origin, you should update the following
+variables for the `inventory/group_vars/OSEv3.yml`, `all.yml`:
+
+ deployment_type: origin
+ openshift_deployment_type: "{{ deployment_type }}"
+
+
+## Setting a custom entrypoint
+
+In order to set a custom entrypoint, update `openshift_master_cluster_public_hostname`
+
+ openshift_master_cluster_public_hostname: api.openshift.example.com
+
+Note than an empty hostname does not work, so if your domain is `openshift.example.com`,
+you cannot set this value to simply `openshift.example.com`.
+
+## Creating and using a Cinder volume for the OpenShift registry
+
+You can optionally have the playbooks create a Cinder volume and set
+it up as the OpenShift hosted registry.
+
+To do that you need specify the desired Cinder volume name and size in
+Gigabytes in `inventory/group_vars/all.yml`:
+
+ openshift_openstack_cinder_hosted_registry_name: cinder-registry
+ openshift_openstack_cinder_hosted_registry_size_gb: 10
+
+With this, the playbooks will create the volume and set up its
+filesystem. If there is an existing volume of the same name, we will
+use it but keep the existing data on it.
+
+To use the volume for the registry, you must first configure it with
+the OpenStack credentials by putting the following to `OSEv3.yml`:
+
+ openshift_cloudprovider_openstack_username: "{{ lookup('env','OS_USERNAME') }}"
+ openshift_cloudprovider_openstack_password: "{{ lookup('env','OS_PASSWORD') }}"
+ openshift_cloudprovider_openstack_auth_url: "{{ lookup('env','OS_AUTH_URL') }}"
+ openshift_cloudprovider_openstack_tenant_name: "{{ lookup('env','OS_TENANT_NAME') }}"
+
+This will use the credentials from your shell environment. If you want
+to enter them explicitly, you can. You can also use credentials
+different from the provisioning ones (say for quota or access control
+reasons).
+
+**NOTE**: If you're testing this on (DevStack)[devstack], you must
+explicitly set your Keystone API version to v2 (e.g.
+`OS_AUTH_URL=http://10.34.37.47/identity/v2.0`) instead of the default
+value provided by `openrc`. You may also encounter the following issue
+with Cinder:
+
+https://github.com/kubernetes/kubernetes/issues/50461
+
+You can read the (OpenShift documentation on configuring
+OpenStack)[openstack] for more information.
+
+[devstack]: https://docs.openstack.org/devstack/latest/
+[openstack]: https://docs.openshift.org/latest/install_config/configuring_openstack.html
+
+
+Next, we need to instruct OpenShift to use the Cinder volume for it's
+registry. Again in `OSEv3.yml`:
+
+ #openshift_hosted_registry_storage_kind: openstack
+ #openshift_hosted_registry_storage_access_modes: ['ReadWriteOnce']
+ #openshift_hosted_registry_storage_openstack_filesystem: xfs
+
+The filesystem value here will be used in the initial formatting of
+the volume.
+
+If you're using the dynamic inventory, you must uncomment these two values as
+well:
+
+ #openshift_hosted_registry_storage_openstack_volumeID: "{{ lookup('os_cinder', openshift_openstack_cinder_hosted_registry_name).id }}"
+ #openshift_hosted_registry_storage_volume_size: "{{ openshift_openstack_cinder_hosted_registry_size_gb }}Gi"
+
+But note that they use the `os_cinder` lookup plugin we provide, so you must
+tell Ansible where to find it either in `ansible.cfg` (the one we provide is
+configured properly) or by exporting the
+`ANSIBLE_LOOKUP_PLUGINS=openshift-ansible-contrib/lookup_plugins` environment
+variable.
+
+
+
+## Use an existing Cinder volume for the OpenShift registry
+
+You can also use a pre-existing Cinder volume for the storage of your
+OpenShift registry.
+
+To do that, you need to have a Cinder volume. You can create one by
+running:
+
+ openstack volume create --size <volume size in gb> <volume name>
+
+The volume needs to have a file system created before you put it to
+use.
+
+As with the automatically-created volume, you have to set up the
+OpenStack credentials in `inventory/group_vars/OSEv3.yml` as well as
+registry values:
+
+ #openshift_hosted_registry_storage_kind: openstack
+ #openshift_hosted_registry_storage_access_modes: ['ReadWriteOnce']
+ #openshift_hosted_registry_storage_openstack_filesystem: xfs
+ #openshift_hosted_registry_storage_openstack_volumeID: e0ba2d73-d2f9-4514-a3b2-a0ced507fa05
+ #openshift_hosted_registry_storage_volume_size: 10Gi
+
+Note the `openshift_hosted_registry_storage_openstack_volumeID` and
+`openshift_hosted_registry_storage_volume_size` values: these need to
+be added in addition to the previous variables.
+
+The **Cinder volume ID**, **filesystem** and **volume size** variables
+must correspond to the values in your volume. The volume ID must be
+the **UUID** of the Cinder volume, *not its name*.
+
+We can do formate the volume for you if you ask for it in
+`inventory/group_vars/all.yml`:
+
+ openshift_openstack_prepare_and_format_registry_volume: true
+
+**NOTE:** doing so **will destroy any data that's currently on the volume**!
+
+You can also run the registry setup playbook directly:
+
+ ansible-playbook -i inventory playbooks/provisioning/openstack/prepare-and-format-cinder-volume.yaml
+
+(the provisioning phase must be completed, first)
+
+
+
+## Using Docker on the Ansible host
+
+If you don't want to worry about the dependencies, you can use the
+[OpenStack Control Host image][control-host-image].
+
+[control-host-image]: https://hub.docker.com/r/redhatcop/control-host-openstack/
+
+It has all the dependencies installed, but you'll need to map your
+code and credentials to it. Assuming your SSH keys live in `~/.ssh`
+and everything else is in your current directory (i.e. `ansible.cfg`,
+`keystonerc`, `inventory`, `openshift-ansible`,
+`openshift-ansible-contrib`), this is how you run the deployment:
+
+ sudo docker run -it -v ~/.ssh:/mnt/.ssh:Z \
+ -v $PWD:/root/openshift:Z \
+ -v $PWD/keystonerc:/root/.config/openstack/keystonerc.sh:Z \
+ redhatcop/control-host-openstack bash
+
+(feel free to replace `$PWD` with an actual path to your inventory and
+checkouts, but note that relative paths don't work)
+
+The first run may take a few minutes while the image is being
+downloaded. After that, you'll be inside the container and you can run
+the playbooks:
+
+ cd openshift
+ ansible-playbook openshift-ansible-contrib/playbooks/provisioning/openstack/provision.yaml
+
+
+## Running Custom Post-Provision Actions
+
+A custom playbook can be run like this:
+
+```
+ansible-playbook --private-key ~/.ssh/openshift -i inventory/ openshift-ansible-contrib/playbooks/provisioning/openstack/custom-actions/custom-playbook.yml
+```
+
+If you'd like to limit the run to one particular host, you can do so as follows:
+
+```
+ansible-playbook --private-key ~/.ssh/openshift -i inventory/ openshift-ansible-contrib/playbooks/provisioning/openstack/custom-actions/custom-playbook.yml -l app-node-0.openshift.example.com
+```
+
+You can also create your own custom playbook. Here are a few examples:
+
+### Adding additional YUM repositories
+
+```
+---
+- hosts: app
+ tasks:
+
+ # enable EPL
+ - name: Add repository
+ yum_repository:
+ name: epel
+ description: EPEL YUM repo
+ baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
+```
+
+This example runs against app nodes. The list of options include:
+
+ - cluster_hosts (all hosts: app, infra, masters, dns, lb)
+ - OSEv3 (app, infra, masters)
+ - app
+ - dns
+ - masters
+ - infra_hosts
+
+### Attaching additional RHN pools
+
+```
+---
+- hosts: cluster_hosts
+ tasks:
+ - name: Attach additional RHN pool
+ become: true
+ command: "/usr/bin/subscription-manager attach --pool=<pool ID>"
+ register: attach_rhn_pool_result
+ until: attach_rhn_pool_result.rc == 0
+ retries: 10
+ delay: 1
+```
+
+This playbook runs against all cluster nodes. In order to help prevent slow connectivity
+problems, the task is retried 10 times in case of initial failure.
+Note that in order for this example to work in your deployment, your servers must use the RHEL image.
+
+### Adding extra Docker registry URLs
+
+This playbook is located in the [custom-actions](https://github.com/openshift/openshift-ansible-contrib/tree/master/playbooks/provisioning/openstack/custom-actions) directory.
+
+It adds URLs passed as arguments to the docker configuration program.
+Going into more detail, the configuration program (which is in the YAML format) is loaded into an ansible variable
+([lines 27-30](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-docker-registry.yml#L27-L30))
+and in its structure, `registries` and `insecure_registries` sections are expanded with the newly added items
+([lines 56-76](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-docker-registry.yml#L56-L76)).
+The new content is then saved into the original file
+([lines 78-82](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-docker-registry.yml#L78-L82))
+and docker is restarted.
+
+Example usage:
+```
+ansible-playbook -i <inventory> openshift-ansible-contrib/playbooks/provisioning/openstack/custom-actions/add-docker-registry.yml --extra-vars '{"registries": "reg1", "insecure_registries": ["ins_reg1","ins_reg2"]}'
+```
+
+### Adding extra CAs to the trust chain
+
+This playbook is also located in the [custom-actions](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions) directory.
+It copies passed CAs to the trust chain location and updates the trust chain on each selected host.
+
+Example usage:
+```
+ansible-playbook -i <inventory> openshift-ansible-contrib/playbooks/provisioning/openstack/custom-actions/add-cas.yml --extra-vars '{"ca_files": [<absolute path to ca1 file>, <absolute path to ca2 file>]}'
+```
+
+Please consider contributing your custom playbook back to openshift-ansible-contrib!
+
+A library of custom post-provision actions exists in `openshift-ansible-contrib/playbooks/provisioning/openstack/custom-actions`. Playbooks include:
+
+* [add-yum-repos.yml](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-yum-repos.yml): adds a list of custom yum repositories to every node in the cluster
+* [add-rhn-pools.yml](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-rhn-pools.yml): attaches a list of additional RHN pools to every node in the cluster
+* [add-docker-registry.yml](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-docker-registry.yml): adds a list of docker registries to the docker configuration on every node in the cluster
+* [add-cas.yml](https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/custom-actions/add-rhn-pools.yml): adds a list of CAs to the trust chain on every node in the cluster
+
+
+## Install OpenShift
+
+Once it succeeds, you can install openshift by running:
+
+ ansible-playbook openshift-ansible/playbooks/deploy_cluster.yml
+
+## Access UI
+
+OpenShift UI may be accessed via the 1st master node FQDN, port 8443.
+
+## Scale Deployment up/down
+
+### Scaling up
+
+One can scale up the number of application nodes by executing the ansible playbook
+`openshift-ansible-contrib/playbooks/provisioning/openstack/scale-up.yaml`.
+This process can be done even if there is currently no deployment available.
+The `increment_by` variable is used to specify by how much the deployment should
+be scaled up (if none exists, it serves as a target number of application nodes).
+The path to `openshift-ansible` directory can be customised by the `openshift_ansible_dir`
+variable. Its value must be an absolute path to `openshift-ansible` and it cannot
+contain the '/' symbol at the end.
+
+Usage:
+
+```
+ansible-playbook -i <path to inventory> openshift-ansible-contrib/playbooks/provisioning/openstack/scale-up.yaml` [-e increment_by=<number>] [-e openshift_ansible_dir=<path to openshift-ansible>]
+```
diff --git a/playbooks/openstack/openshift-cluster/install.yml b/playbooks/openstack/openshift-cluster/install.yml
new file mode 100644
index 000000000..3211f619a
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/install.yml
@@ -0,0 +1,12 @@
+---
+# NOTE(shadower): the AWS playbook builds an in-memory inventory of
+# all the EC2 instances here. We don't need to as that's done by the
+# dynamic inventory.
+
+# TODO(shadower): the AWS playbook sets the
+# `openshift_master_cluster_hostname` and `osm_custom_cors_origins`
+# values here. We do it in the OSEv3 group vars. Do we need to add
+# some logic here?
+
+- name: run the cluster deploy
+ import_playbook: ../../deploy_cluster.yml
diff --git a/playbooks/openstack/openshift-cluster/prerequisites.yml b/playbooks/openstack/openshift-cluster/prerequisites.yml
new file mode 100644
index 000000000..0356b37dd
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/prerequisites.yml
@@ -0,0 +1,12 @@
+---
+- hosts: localhost
+ tasks:
+ - name: Check dependencies and OpenStack prerequisites
+ include_role:
+ name: openshift_openstack
+ tasks_from: check-prerequisites.yml
+
+ - name: Check network configuration
+ include_role:
+ name: openshift_openstack
+ tasks_from: net_vars_check.yaml
diff --git a/playbooks/openstack/openshift-cluster/provision.yml b/playbooks/openstack/openshift-cluster/provision.yml
new file mode 100644
index 000000000..fa5c91ace
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/provision.yml
@@ -0,0 +1,74 @@
+---
+- name: Create the OpenStack resources for cluster installation
+ hosts: localhost
+ tasks:
+ - name: provision cluster
+ include_role:
+ name: openshift_openstack
+ tasks_from: provision.yml
+
+
+# NOTE(shadower): Bring in the host groups:
+- name: evaluate groups
+ import_playbook: ../../init/evaluate_groups.yml
+
+
+- name: Wait for the nodes and gather their facts
+ hosts: oo_all_hosts
+ become: yes
+ # NOTE: The nodes may not be up yet, don't gather facts here.
+ # They'll be collected after `wait_for_connection`.
+ gather_facts: no
+ tasks:
+ - name: Wait for the the nodes to come up
+ wait_for_connection:
+
+ - name: Gather facts for the new nodes
+ setup:
+
+- name: set common facts
+ import_playbook: ../../init/facts.yml
+
+
+# TODO(shadower): consider splitting this up so people can stop here
+# and configure their DNS if they have to.
+- name: Populate the DNS entries
+ hosts: localhost
+ tasks:
+ - name: Populate DNS entries
+ include_role:
+ name: openshift_openstack
+ tasks_from: populate-dns.yml
+ when:
+ - openshift_openstack_external_nsupdate_keys is defined
+ - openshift_openstack_external_nsupdate_keys.private is defined or openshift_openstack_external_nsupdate_keys.public is defined
+
+- name: Prepare the Nodes in the cluster for installation
+ hosts: oo_all_hosts
+ become: yes
+ gather_facts: yes
+ tasks:
+ - name: Subscribe RHEL instances
+ include_role:
+ name: rhel_subscribe
+ when:
+ - ansible_distribution == "RedHat"
+ - rhsub_user is defined
+ - rhsub_pass is defined
+
+ - name: Enable required YUM repositories
+ include_role:
+ name: openshift_repos
+ when:
+ - ansible_distribution == "RedHat"
+ - rh_subscribed is defined
+
+ - name: Install dependencies
+ include_role:
+ name: openshift_openstack
+ tasks_from: node-packages.yml
+
+ - name: Configure Node
+ include_role:
+ name: openshift_openstack
+ tasks_from: node-configuration.yml
diff --git a/playbooks/openstack/openshift-cluster/provision_install.yml b/playbooks/openstack/openshift-cluster/provision_install.yml
new file mode 100644
index 000000000..fc2854605
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/provision_install.yml
@@ -0,0 +1,9 @@
+---
+- name: Check the prerequisites for cluster provisioning in OpenStack
+ import_playbook: prerequisites.yml
+
+- name: Include the provision.yml playbook to create cluster
+ import_playbook: provision.yml
+
+- name: Include the install.yml playbook to install cluster
+ import_playbook: install.yml
diff --git a/playbooks/common/openshift-nfs/roles b/playbooks/openstack/openshift-cluster/roles
index e2b799b9d..e2b799b9d 120000
--- a/playbooks/common/openshift-nfs/roles
+++ b/playbooks/openstack/openshift-cluster/roles
diff --git a/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml b/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml
new file mode 100644
index 000000000..933117127
--- /dev/null
+++ b/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml
@@ -0,0 +1,59 @@
+---
+## Openshift product versions and repos to install from
+openshift_deployment_type: origin
+#openshift_repos_enable_testing: true
+#openshift_deployment_type: openshift-enterprise
+#openshift_release: v3.5
+openshift_master_default_subdomain: "apps.{{ openshift_openstack_clusterid }}.{{ openshift_openstack_public_dns_domain }}"
+
+openshift_master_cluster_public_hostname: "console.{{ openshift_openstack_clusterid }}.{{ openshift_openstack_public_dns_domain }}"
+
+osm_default_node_selector: 'region=primary'
+
+openshift_hosted_router_wait: True
+openshift_hosted_registry_wait: True
+
+## Openstack credentials
+#openshift_cloudprovider_kind=openstack
+#openshift_cloudprovider_openstack_auth_url: "{{ lookup('env','OS_AUTH_URL') }}"
+#openshift_cloudprovider_openstack_username: "{{ lookup('env','OS_USERNAME') }}"
+#openshift_cloudprovider_openstack_password: "{{ lookup('env','OS_PASSWORD') }}"
+#openshift_cloudprovider_openstack_tenant_name: "{{ lookup('env','OS_TENANT_NAME') }}"
+#openshift_cloudprovider_openstack_region="{{ lookup('env', 'OS_REGION_NAME') }}"
+
+
+## Use Cinder volume for Openshift registry:
+#openshift_hosted_registry_storage_kind: openstack
+#openshift_hosted_registry_storage_access_modes: ['ReadWriteOnce']
+#openshift_hosted_registry_storage_openstack_filesystem: xfs
+
+## NOTE(shadower): This won't work until the openshift-ansible issue #5657 is fixed:
+## https://github.com/openshift/openshift-ansible/issues/5657
+## If you're using the `openshift_openstack_cinder_hosted_registry_name` option from
+## `all.yml`, uncomment these lines:
+#openshift_hosted_registry_storage_openstack_volumeID: "{{ lookup('os_cinder', openshift_openstack_cinder_hosted_registry_name).id }}"
+#openshift_hosted_registry_storage_volume_size: "{{ openshift_openstack_cinder_hosted_registry_size_gb }}Gi"
+
+## If you're using a Cinder volume you've set up yourself, uncomment these lines:
+#openshift_hosted_registry_storage_openstack_volumeID: e0ba2d73-d2f9-4514-a3b2-a0ced507fa05
+#openshift_hosted_registry_storage_volume_size: 10Gi
+
+
+# NOTE(shadower): the hostname check seems to always fail because the
+# host's floating IP address doesn't match the address received from
+# inside the host.
+openshift_override_hostname_check: true
+
+# For POCs or demo environments that are using smaller instances than
+# the official recommended values for RAM and DISK, uncomment the line below.
+#openshift_disable_check: disk_availability,memory_availability
+
+# NOTE(shadower): Always switch to root on the OSEv3 nodes.
+# openshift-ansible requires an explicit `become`.
+ansible_become: true
+
+# # Flannel networking
+#osm_cluster_network_cidr: 10.128.0.0/14
+#openshift_use_openshift_sdn: false
+#openshift_use_flannel: true
+#flannel_interface: eth1
diff --git a/playbooks/openstack/sample-inventory/group_vars/all.yml b/playbooks/openstack/sample-inventory/group_vars/all.yml
new file mode 100644
index 000000000..c7afe9a24
--- /dev/null
+++ b/playbooks/openstack/sample-inventory/group_vars/all.yml
@@ -0,0 +1,121 @@
+---
+openshift_openstack_clusterid: "openshift"
+openshift_openstack_public_dns_domain: "example.com"
+openshift_openstack_dns_nameservers: []
+
+# # Used Hostnames
+# # - set custom hostnames for roles by uncommenting corresponding lines
+#openshift_openstack_master_hostname: "master"
+#openshift_openstack_infra_hostname: "infra-node"
+#openshift_openstack_node_hostname: "app-node"
+#openshift_openstack_lb_hostname: "lb"
+#openshift_openstack_etcd_hostname: "etcd"
+
+openshift_openstack_keypair_name: "openshift"
+openshift_openstack_external_network_name: "public"
+#openshift_openstack_private_network_name: "openshift-ansible-{{ openshift_openstack_stack_name }}-net"
+# # A dedicated Neutron network name for containers data network
+# # Configures the data network to be separated from openshift_openstack_private_network_name
+# # NOTE: this is only supported with Flannel SDN yet
+#openstack_private_data_network_name: "openshift-ansible-{{ openshift_openstack_stack_name }}-data-net"
+
+## If you want to use a provider network, set its name here.
+## NOTE: the `openshift_openstack_external_network_name` and
+## `openshift_openstack_private_network_name` options will be ignored when using a
+## provider network.
+#openshift_openstack_provider_network_name: "provider"
+
+# # Used Images
+# # - set specific images for roles by uncommenting corresponding lines
+# # - note: do not remove openshift_openstack_default_image_name definition
+#openshift_openstack_master_image_name: "centos7"
+#openshift_openstack_infra_image_name: "centos7"
+#openshift_openstack_node_image_name: "centos7"
+#openshift_openstack_lb_image_name: "centos7"
+#openshift_openstack_etcd_image_name: "centos7"
+openshift_openstack_default_image_name: "centos7"
+
+openshift_openstack_num_masters: 1
+openshift_openstack_num_infra: 1
+openshift_openstack_num_nodes: 2
+
+# # Used Flavors
+# # - set specific flavors for roles by uncommenting corresponding lines
+# # - note: do note remove openshift_openstack_default_flavor definition
+#openshift_openstack_master_flavor: "m1.medium"
+#openshift_openstack_infra_flavor: "m1.medium"
+#openshift_openstack_node_flavor: "m1.medium"
+#openshift_openstack_lb_flavor: "m1.medium"
+#openshift_openstack_etcd_flavor: "m1.medium"
+openshift_openstack_default_flavor: "m1.medium"
+
+# # Numerical index of nodes to remove
+# openshift_openstack_nodes_to_remove: []
+
+# # Docker volume size
+# # - set specific volume size for roles by uncommenting corresponding lines
+# # - note: do not remove docker_default_volume_size definition
+#openshift_openstack_docker_master_volume_size: "15"
+#openshift_openstack_docker_infra_volume_size: "15"
+#openshift_openstack_docker_node_volume_size: "15"
+#openshift_openstack_docker_etcd_volume_size: "2"
+#openshift_openstack_docker_lb_volume_size: "5"
+openshift_openstack_docker_volume_size: "15"
+
+## Specify server group policies for master and infra nodes. Nova must be configured to
+## enable these policies. 'anti-affinity' will ensure that each VM is launched on a
+## different physical host.
+#openshift_openstack_master_server_group_policies: [anti-affinity]
+#openshift_openstack_infra_server_group_policies: [anti-affinity]
+
+## Create a Cinder volume and use it for the OpenShift registry.
+## NOTE: the openstack credentials and hosted registry options must be set in OSEv3.yml!
+#openshift_openstack_cinder_hosted_registry_name: cinder-registry
+#openshift_openstack_cinder_hosted_registry_size_gb: 10
+
+## Set up a filesystem on the cinder volume specified in `OSEv3.yaml`.
+## You need to specify the file system and volume ID in OSEv3 via
+## `openshift_hosted_registry_storage_openstack_filesystem` and
+## `openshift_hosted_registry_storage_openstack_volumeID`.
+## WARNING: This will delete any data on the volume!
+#openshift_openstack_prepare_and_format_registry_volume: False
+
+openshift_openstack_subnet_prefix: "192.168.99"
+
+## Red Hat subscription:
+#rhsub_user: '<username>'
+#rhsub_pass: '<password>'
+#rhsub_pool: '<pool name>'
+
+
+# # Roll-your-own DNS
+#openshift_openstack_external_nsupdate_keys:
+# public:
+# key_secret: 'SKqKNdpfk7llKxZ57bbxUnUDobaaJp9t8CjXLJPl+fRI5mPcSBuxTAyvJPa6Y9R7vUg9DwCy/6WTpgLNqnV4Hg=='
+# key_algorithm: 'hmac-md5'
+# server: '192.168.1.1'
+# private:
+# key_secret: 'kVE2bVTgZjrdJipxPhID8BEZmbHD8cExlVPR+zbFpW6la8kL5wpXiwOh8q5AAosXQI5t95UXwq3Inx8QT58duw=='
+# key_algorithm: 'hmac-md5'
+# server: '192.168.1.2'
+
+
+# NOTE(shadower): Do not change this value. The Ansible user is currently
+# hardcoded to `openshift`.
+ansible_user: openshift
+
+# # Use a single security group for a cluster (default: false)
+#openshift_openstack_flat_secgrp: false
+
+# If you want to use the VM storage instead of Cinder volumes, set this to `true`.
+# NOTE: this is for testing only! Your data will be gone once the VM disappears!
+# openshift_openstack_ephemeral_volumes: false
+
+# # OpenShift node labels
+# # - in order to customise node labels for app and/or infra group, set the
+# # openshift_openstack_cluster_node_labels variable
+#openshift_openstack_cluster_node_labels:
+# app:
+# region: primary
+# infra:
+# region: infra
diff --git a/playbooks/openstack/sample-inventory/inventory.py b/playbooks/openstack/sample-inventory/inventory.py
new file mode 100755
index 000000000..ad3fd936b
--- /dev/null
+++ b/playbooks/openstack/sample-inventory/inventory.py
@@ -0,0 +1,105 @@
+#!/usr/bin/env python
+"""
+This is an Ansible dynamic inventory for OpenStack.
+
+It requires your OpenStack credentials to be set in clouds.yaml or your shell
+environment.
+
+"""
+
+from __future__ import print_function
+
+import json
+
+import shade
+
+
+def build_inventory():
+ '''Build the dynamic inventory.'''
+ cloud = shade.openstack_cloud()
+
+ inventory = {}
+
+ # TODO(shadower): filter the servers based on the `OPENSHIFT_CLUSTER`
+ # environment variable.
+ cluster_hosts = [
+ server for server in cloud.list_servers()
+ if 'metadata' in server and 'clusterid' in server.metadata]
+
+ masters = [server.name for server in cluster_hosts
+ if server.metadata['host-type'] == 'master']
+
+ etcd = [server.name for server in cluster_hosts
+ if server.metadata['host-type'] == 'etcd']
+ if not etcd:
+ etcd = masters
+
+ infra_hosts = [server.name for server in cluster_hosts
+ if server.metadata['host-type'] == 'node' and
+ server.metadata['sub-host-type'] == 'infra']
+
+ app = [server.name for server in cluster_hosts
+ if server.metadata['host-type'] == 'node' and
+ server.metadata['sub-host-type'] == 'app']
+
+ nodes = list(set(masters + infra_hosts + app))
+
+ dns = [server.name for server in cluster_hosts
+ if server.metadata['host-type'] == 'dns']
+
+ load_balancers = [server.name for server in cluster_hosts
+ if server.metadata['host-type'] == 'lb']
+
+ osev3 = list(set(nodes + etcd + load_balancers))
+
+ inventory['cluster_hosts'] = {'hosts': [s.name for s in cluster_hosts]}
+ inventory['OSEv3'] = {'hosts': osev3}
+ inventory['masters'] = {'hosts': masters}
+ inventory['etcd'] = {'hosts': etcd}
+ inventory['nodes'] = {'hosts': nodes}
+ inventory['infra_hosts'] = {'hosts': infra_hosts}
+ inventory['app'] = {'hosts': app}
+ inventory['dns'] = {'hosts': dns}
+ inventory['lb'] = {'hosts': load_balancers}
+
+ for server in cluster_hosts:
+ if 'group' in server.metadata:
+ group = server.metadata.group
+ if group not in inventory:
+ inventory[group] = {'hosts': []}
+ inventory[group]['hosts'].append(server.name)
+
+ inventory['_meta'] = {'hostvars': {}}
+
+ for server in cluster_hosts:
+ ssh_ip_address = server.public_v4 or server.private_v4
+ hostvars = {
+ 'ansible_host': ssh_ip_address
+ }
+
+ public_v4 = server.public_v4 or server.private_v4
+ if public_v4:
+ hostvars['public_v4'] = server.public_v4
+ hostvars['openshift_public_ip'] = server.public_v4
+ # TODO(shadower): what about multiple networks?
+ if server.private_v4:
+ hostvars['private_v4'] = server.private_v4
+ # NOTE(shadower): Yes, we set both hostname and IP to the private
+ # IP address for each node. OpenStack doesn't resolve nodes by
+ # name at all, so using a hostname here would require an internal
+ # DNS which would complicate the setup and potentially introduce
+ # performance issues.
+ hostvars['openshift_ip'] = server.private_v4
+ hostvars['openshift_hostname'] = server.private_v4
+ hostvars['openshift_public_hostname'] = server.name
+
+ node_labels = server.metadata.get('node_labels')
+ if node_labels:
+ hostvars['openshift_node_labels'] = node_labels
+
+ inventory['_meta']['hostvars'][server.name] = hostvars
+ return inventory
+
+
+if __name__ == '__main__':
+ print(json.dumps(build_inventory(), indent=4, sort_keys=True))
diff --git a/playbooks/prerequisites.yml b/playbooks/prerequisites.yml
new file mode 100644
index 000000000..5ba62a6d6
--- /dev/null
+++ b/playbooks/prerequisites.yml
@@ -0,0 +1,14 @@
+---
+- import_playbook: init/main.yml
+ vars:
+ skip_verison: True
+
+- import_playbook: init/repos.yml
+
+# This is required for container runtime for crio, only needs to run once.
+- name: Configure os_firewall
+ hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config:oo_nfs_to_config:oo_nodes_to_config
+ roles:
+ - role: os_firewall
+
+- import_playbook: container-runtime/private/config.yml
diff --git a/playbooks/redeploy-certificates.yml b/playbooks/redeploy-certificates.yml
new file mode 100644
index 000000000..4e6defd6e
--- /dev/null
+++ b/playbooks/redeploy-certificates.yml
@@ -0,0 +1,26 @@
+---
+- import_playbook: init/main.yml
+
+- import_playbook: openshift-etcd/private/redeploy-certificates.yml
+
+- import_playbook: openshift-master/private/redeploy-certificates.yml
+
+- import_playbook: openshift-node/private/redeploy-certificates.yml
+
+- import_playbook: openshift-etcd/private/restart.yml
+ vars:
+ g_etcd_certificates_expired: "{{ ('expired' in (hostvars | lib_utils_oo_select_keys(groups['etcd']) | lib_utils_oo_collect('check_results.check_results.etcd') | lib_utils_oo_collect('health'))) | bool }}"
+
+- import_playbook: openshift-master/private/restart.yml
+
+- import_playbook: openshift-node/private/restart.yml
+
+- import_playbook: openshift-hosted/private/redeploy-router-certificates.yml
+ when: openshift_hosted_manage_router | default(true) | bool
+
+- import_playbook: openshift-hosted/private/redeploy-registry-certificates.yml
+ when: openshift_hosted_manage_registry | default(true) | bool
+
+- import_playbook: openshift-master/private/revert-client-ca.yml
+
+- import_playbook: openshift-master/private/restart.yml
diff --git a/playbooks/roles b/playbooks/roles
new file mode 120000
index 000000000..d8c4472ca
--- /dev/null
+++ b/playbooks/roles
@@ -0,0 +1 @@
+../roles \ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
index bf95b4ff9..67cdaaff5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,10 +1,11 @@
# Versions are pinned to prevent pypi releases arbitrarily breaking
# tests with new APIs/semantics. We want to update versions deliberately.
-ansible==2.3.1.0
+ansible==2.4.1.0
boto==2.34.0
click==6.7
pyOpenSSL==16.2.0
# We need to disable ruamel.yaml for now because of test failures
#ruamel.yaml
six==1.10.0
+shade==1.24.0
passlib==1.6.5
diff --git a/roles/ansible_service_broker/defaults/main.yml b/roles/ansible_service_broker/defaults/main.yml
index dc05b03b5..bea126618 100644
--- a/roles/ansible_service_broker/defaults/main.yml
+++ b/roles/ansible_service_broker/defaults/main.yml
@@ -1,7 +1,7 @@
---
ansible_service_broker_remove: false
-ansible_service_broker_install: false
+ansible_service_broker_install: true
ansible_service_broker_log_level: info
ansible_service_broker_output_request: false
ansible_service_broker_recovery: true
@@ -10,7 +10,10 @@ ansible_service_broker_dev_broker: false
ansible_service_broker_refresh_interval: 600s
# Recommended you do not enable this for now
ansible_service_broker_launch_apb_on_bind: false
+ansible_service_broker_keep_namespace_on_error: true
+ansible_service_broker_keep_namespace: false
ansible_service_broker_image_pull_policy: IfNotPresent
ansible_service_broker_sandbox_role: edit
ansible_service_broker_auto_escalate: false
+ansible_service_broker_local_registry_whitelist: []
diff --git a/roles/ansible_service_broker/meta/main.yml b/roles/ansible_service_broker/meta/main.yml
index ec4aafb79..65b736500 100644
--- a/roles/ansible_service_broker/meta/main.yml
+++ b/roles/ansible_service_broker/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
+- role: lib_utils
- role: lib_openshift
diff --git a/roles/ansible_service_broker/tasks/generate_certs.yml b/roles/ansible_service_broker/tasks/generate_certs.yml
new file mode 100644
index 000000000..3da896548
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/generate_certs.yml
@@ -0,0 +1,44 @@
+---
+
+- when: ansible_service_broker_certs_dir is undefined
+ block:
+ - name: Create ansible-service-broker cert directory
+ file:
+ path: "{{ openshift.common.config_base }}/ansible-service-broker"
+ state: directory
+ mode: 0755
+ check_mode: no
+
+ - name: Create self signing ca cert
+ command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ openshift.common.config_base }}/ansible-service-broker/key.pem -out {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"'
+ args:
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/cert.pem'
+
+ - name: Create self signed client cert
+ command: '{{ item.cmd }}'
+ args:
+ creates: '{{ item.creates }}'
+ with_items:
+ - cmd: openssl genrsa -out {{ openshift.common.config_base }}/ansible-service-broker/client.key 2048
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.key'
+ - cmd: 'openssl req -new -key {{ openshift.common.config_base }}/ansible-service-broker/client.key -out {{ openshift.common.config_base }}/ansible-service-broker/client.csr -subj "/CN=client"'
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.csr'
+ - cmd: openssl x509 -req -in {{ openshift.common.config_base }}/ansible-service-broker/client.csr -CA {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -CAkey {{ openshift.common.config_base }}/ansible-service-broker/key.pem -CAcreateserial -out {{ openshift.common.config_base }}/ansible-service-broker/client.pem -days 1024
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.pem'
+
+ - set_fact:
+ ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker"
+
+- name: Read in certs for etcd
+ slurp:
+ src: '{{ ansible_service_broker_certs_dir }}/{{ item }}'
+ register: asb_etcd_certs
+ with_items:
+ - cert.pem
+ - client.pem
+ - client.key
+
+- set_fact:
+ etcd_ca_cert: "{{ asb_etcd_certs.results.0.content | b64decode }}"
+ etcd_client_cert: "{{ asb_etcd_certs.results.1.content | b64decode }}"
+ etcd_client_key: "{{ asb_etcd_certs.results.2.content | b64decode }}"
diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml
index 89a84c4df..4ca47d074 100644
--- a/roles/ansible_service_broker/tasks/install.yml
+++ b/roles/ansible_service_broker/tasks/install.yml
@@ -30,8 +30,9 @@
ansible_service_broker_image: "{{ ansible_service_broker_image_prefix }}ansible-service-broker:{{ ansible_service_broker_image_tag }}"
ansible_service_broker_etcd_image: "{{ ansible_service_broker_etcd_image_prefix }}etcd:{{ ansible_service_broker_etcd_image_tag }}"
-- include: validate_facts.yml
+- include_tasks: validate_facts.yml
+- include_tasks: generate_certs.yml
# Deployment of ansible-service-broker starts here
- name: create openshift-ansible-service-broker project
@@ -68,6 +69,9 @@
- apiGroups: ["authentication.k8s.io"]
resources: ["tokenreviews"]
verbs: ["create"]
+ - apiGroups: ["image.openshift.io", ""]
+ resources: ["images"]
+ verbs: ["get", "list"]
- name: Create asb-access cluster role
oc_clusterrole:
@@ -116,6 +120,24 @@
kubernetes.io/service-account.name: asb-client
type: kubernetes.io/service-account-token
+- name: Create etcd-auth secret
+ oc_secret:
+ name: etcd-auth-secret
+ namespace: openshift-ansible-service-broker
+ contents:
+ - path: ca.crt
+ data: '{{ etcd_ca_cert }}'
+
+- name: Create broker-etcd-auth secret
+ oc_secret:
+ name: broker-etcd-auth-secret
+ namespace: openshift-ansible-service-broker
+ contents:
+ - path: client.crt
+ data: '{{ etcd_client_cert }}'
+ - path: client.key
+ data: '{{ etcd_client_key }}'
+
- oc_secret:
state: list
namespace: openshift-ansible-service-broker
@@ -125,36 +147,41 @@
- set_fact:
service_ca_crt: "{{ asb_client_secret.results.results.0.data['service-ca.crt'] }}"
-# Using oc_obj because oc_service doesn't seem to allow annotations
-# TODO: Extend oc_service to allow annotations
- name: create ansible-service-broker service
- oc_obj:
+ oc_service:
name: asb
namespace: openshift-ansible-service-broker
- state: present
- kind: Service
- content:
- path: /tmp/asbsvcout
- data:
- apiVersion: v1
- kind: Service
- metadata:
- name: asb
- namespace: openshift-ansible-service-broker
- labels:
- app: openshift-ansible-service-broker
- service: asb
- annotations:
- service.alpha.openshift.io/serving-cert-secret-name: asb-tls
- spec:
- ports:
- - name: port-1338
- port: 1338
- targetPort: 1338
- protocol: TCP
- selector:
- app: openshift-ansible-service-broker
- service: asb
+ labels:
+ app: openshift-ansible-service-broker
+ service: asb
+ annotations:
+ service.alpha.openshift.io/serving-cert-secret-name: asb-tls
+ ports:
+ - name: port-1338
+ port: 1338
+ targetPort: 1338
+ protocol: TCP
+ selector:
+ app: openshift-ansible-service-broker
+ service: asb
+
+- name: create asb-etcd service
+ oc_service:
+ name: asb-etcd
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: etcd
+ service: asb-etcd
+ annotations:
+ service.alpha.openshift.io/serving-cert-secret-name: etcd-tls
+ ports:
+ - name: port-2379
+ port: 2379
+ targetPort: 2379
+ protocol: TCP
+ selector:
+ app: etcd
+ service: asb-etcd
- name: create route for ansible-service-broker service
oc_route:
@@ -169,28 +196,25 @@
tls_termination: Reencrypt
- name: create persistent volume claim for etcd
- oc_obj:
+ oc_pvc:
name: etcd
namespace: openshift-ansible-service-broker
- state: present
- kind: PersistentVolumeClaim
- content:
- path: /tmp/pvcout
- data:
- apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: etcd
- namespace: openshift-ansible-service-broker
- spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
+ access_modes:
+ - ReadWriteOnce
+ volume_capacity: 1G
+
+- name: Search for existing Ansible Service Broker deployment config
+ oc_obj:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ kind: DeploymentConfig
+ state: list
+ register: asb_dc
- name: Create Ansible Service Broker deployment config
+ when: asb_dc.results.results.0 | length == 0
oc_obj:
+ force: yes
name: asb
namespace: openshift-ansible-service-broker
state: present
@@ -227,6 +251,8 @@
mountPath: /etc/ansible-service-broker
- name: asb-tls
mountPath: /etc/tls/private
+ - name: asb-etcd-auth
+ mountPath: /var/run/asb-etcd-auth
ports:
- containerPort: 1338
protocol: TCP
@@ -249,7 +275,59 @@
scheme: HTTPS
initialDelaySeconds: 15
timeoutSeconds: 1
+ volumes:
+ - name: config-volume
+ configMap:
+ name: broker-config
+ items:
+ - key: broker-config
+ path: config.yaml
+ - name: asb-tls
+ secret:
+ secretName: asb-tls
+ - name: asb-etcd-auth
+ secret:
+ secretName: broker-etcd-auth-secret
+- name: Search for existing Ansible Service Broker etcd deployment config
+ oc_obj:
+ name: asb-etcd
+ namespace: openshift-ansible-service-broker
+ kind: DeploymentConfig
+ state: list
+ register: asb_etcd_dc
+
+- name: Create asb-etcd deployment config
+ when: asb_etcd_dc.results.results.0 | length == 0
+ oc_obj:
+ name: asb-etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: DeploymentConfig
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: asb-etcd
+ labels:
+ app: etcd
+ service: asb-etcd
+ spec:
+ replicas: 1
+ selector:
+ app: etcd
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ app: etcd
+ service: asb-etcd
+ spec:
+ serviceAccount: asb
+ containers:
- image: "{{ ansible_service_broker_etcd_image }}"
name: etcd
imagePullPolicy: IfNotPresent
@@ -258,8 +336,12 @@
args:
- "{{ ansible_service_broker_etcd_image_etcd_path }}"
- "--data-dir=/data"
- - "--listen-client-urls=http://0.0.0.0:2379"
- - "--advertise-client-urls=http://0.0.0.0:2379"
+ - "--listen-client-urls=https://0.0.0.0:2379"
+ - "--advertise-client-urls=https://asb-etcd.openshift-ansible-service-broker.svc:2379"
+ - "--client-cert-auth"
+ - "--trusted-ca-file=/var/run/etcd-auth-secret/ca.crt"
+ - "--cert-file=/etc/tls/private/tls.crt"
+ - "--key-file=/etc/tls/private/tls.key"
ports:
- containerPort: 2379
protocol: TCP
@@ -267,21 +349,22 @@
- name: ETCDCTL_API
value: "3"
volumeMounts:
- - mountPath: /data
- name: etcd
+ - name: etcd
+ mountPath: /data
+ - name: etcd-tls
+ mountPath: /etc/tls/private
+ - name: etcd-auth
+ mountPath: /var/run/etcd-auth-secret
volumes:
- name: etcd
persistentVolumeClaim:
claimName: etcd
- - name: config-volume
- configMap:
- name: broker-config
- items:
- - key: broker-config
- path: config.yaml
- - name: asb-tls
+ - name: etcd-tls
secret:
- secretName: asb-tls
+ secretName: etcd-tls
+ - name: etcd-auth
+ secret:
+ secretName: etcd-auth-secret
# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
@@ -307,16 +390,20 @@
- type: {{ ansible_service_broker_registry_type }}
name: {{ ansible_service_broker_registry_name }}
url: {{ ansible_service_broker_registry_url }}
- user: {{ ansible_service_broker_registry_user }}
- pass: {{ ansible_service_broker_registry_password }}
org: {{ ansible_service_broker_registry_organization }}
tag: {{ ansible_service_broker_registry_tag }}
- white_list: {{ ansible_service_broker_registry_whitelist }}
+ white_list: {{ ansible_service_broker_registry_whitelist | to_yaml }}
+ - type: local_openshift
+ name: localregistry
+ namespaces: ['openshift']
+ white_list: {{ ansible_service_broker_local_registry_whitelist | to_yaml }}
dao:
- etcd_host: 0.0.0.0
+ etcd_host: asb-etcd.openshift-ansible-service-broker.svc
etcd_port: 2379
+ etcd_ca_file: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
+ etcd_client_cert: /var/run/asb-etcd-auth/client.crt
+ etcd_client_key: /var/run/asb-etcd-auth/client.key
log:
- logfile: /var/log/ansible-service-broker/asb.log
stdout: true
level: {{ ansible_service_broker_log_level }}
color: true
@@ -326,6 +413,8 @@
bearer_token_file: ""
sandbox_role: {{ ansible_service_broker_sandbox_role }}
image_pull_policy: {{ ansible_service_broker_image_pull_policy }}
+ keep_namespace: {{ ansible_service_broker_keep_namespace | bool | lower }}
+ keep_namespace_on_error: {{ ansible_service_broker_keep_namespace_on_error | bool | lower }}
broker:
dev_broker: {{ ansible_service_broker_dev_broker | bool | lower }}
bootstrap_on_startup: {{ ansible_service_broker_bootstrap_on_startup | bool | lower }}
@@ -340,6 +429,15 @@
- type: basic
enabled: false
+- oc_secret:
+ name: asb-registry-auth
+ namespace: openshift-ansible-service-broker
+ state: present
+ contents:
+ - path: username
+ data: "{{ ansible_service_broker_registry_user }}"
+ - path: password
+ data: "{{ ansible_service_broker_registry_password }}"
- name: Create the Broker resource in the catalog
oc_obj:
diff --git a/roles/ansible_service_broker/tasks/main.yml b/roles/ansible_service_broker/tasks/main.yml
index 2ed156728..4a3c15d01 100644
--- a/roles/ansible_service_broker/tasks/main.yml
+++ b/roles/ansible_service_broker/tasks/main.yml
@@ -1,8 +1,8 @@
---
# do any asserts here
-- include: install.yml
- when: ansible_service_broker_install | default(true) | bool
+- include_tasks: install.yml
+ when: ansible_service_broker_install | bool
-- include: remove.yml
- when: ansible_service_broker_remove | default(false) | bool
+- include_tasks: remove.yml
+ when: ansible_service_broker_remove | bool
diff --git a/roles/ansible_service_broker/tasks/remove.yml b/roles/ansible_service_broker/tasks/remove.yml
index 51b86fb26..a1ac740e0 100644
--- a/roles/ansible_service_broker/tasks/remove.yml
+++ b/roles/ansible_service_broker/tasks/remove.yml
@@ -46,18 +46,42 @@
resource_name: asb-access
user: "system:serviceaccount:openshift-ansible-service-broker:asb-client"
+- name: remove asb-registry auth secret
+ oc_secret:
+ state: absent
+ name: asb-registry-auth
+ namespace: openshift-ansible-service-broker
+
- name: remove asb-client token secret
oc_secret:
state: absent
name: asb-client
namespace: openshift-ansible-service-broker
+- name: Remove etcd-auth secret
+ oc_secret:
+ state: absent
+ name: etcd-auth-secret
+ namespace: openshift-ansible-service-broker
+
+- name: Remove broker-etcd-auth secret
+ oc_secret:
+ state: absent
+ name: broker-etcd-auth-secret
+ namespace: openshift-ansible-service-broker
+
- name: remove ansible-service-broker service
oc_service:
name: asb
namespace: openshift-ansible-service-broker
state: absent
+- name: remove asb-etcd service
+ oc_service:
+ state: absent
+ name: asb-etcd
+ namespace: openshift-ansible-service-broker
+
- name: remove etcd service
oc_service:
name: etcd
@@ -83,6 +107,14 @@
kind: DeploymentConfig
state: absent
+- name: remove Ansible Service Broker etcd deployment config
+ oc_obj:
+ name: asb-etcd
+ namespace: openshift-ansible-service-broker
+ kind: DeploymentConfig
+ state: absent
+
+
- name: remove secret for broker auth
oc_obj:
name: asb-client
diff --git a/roles/ansible_service_broker/tasks/validate_facts.yml b/roles/ansible_service_broker/tasks/validate_facts.yml
index 604d24e1d..a2345551b 100644
--- a/roles/ansible_service_broker/tasks/validate_facts.yml
+++ b/roles/ansible_service_broker/tasks/validate_facts.yml
@@ -1,11 +1,9 @@
---
- name: validate Dockerhub registry settings
- fail: msg="To use the dockerhub registry, you must provide the ansible_service_broker_registry_user. ansible_service_broker_registry_password, and ansible_service_broker_registry_organization parameters"
+ fail: msg="To use the dockerhub registry, you must provide the ansible_service_broker_registry_organization"
when:
- ansible_service_broker_registry_type == 'dockerhub'
- - not (ansible_service_broker_registry_user and
- ansible_service_broker_registry_password and
- ansible_service_broker_registry_organization)
+ - not ansible_service_broker_registry_organization
- name: validate RHCC registry settings
diff --git a/roles/ansible_service_broker/vars/default_images.yml b/roles/ansible_service_broker/vars/default_images.yml
index 8438e993f..248e0363d 100644
--- a/roles/ansible_service_broker/vars/default_images.yml
+++ b/roles/ansible_service_broker/vars/default_images.yml
@@ -12,6 +12,6 @@ __ansible_service_broker_registry_name: dh
__ansible_service_broker_registry_url: null
__ansible_service_broker_registry_user: null
__ansible_service_broker_registry_password: null
-__ansible_service_broker_registry_organization: null
+__ansible_service_broker_registry_organization: ansibleplaybookbundle
__ansible_service_broker_registry_tag: latest
__ansible_service_broker_registry_whitelist: []
diff --git a/roles/calico/handlers/main.yml b/roles/calico/handlers/main.yml
index 67fc0065f..ed484c0dd 100644
--- a/roles/calico/handlers/main.yml
+++ b/roles/calico/handlers/main.yml
@@ -3,12 +3,12 @@
become: yes
systemd: name=calico state=restarted
-- name: restart docker
+- name: restart container runtime
become: yes
systemd:
- name: "{{ openshift.docker.service_name }}"
+ name: "{{ openshift_docker_service_name }}"
state: restarted
register: l_docker_restart_docker_in_calico_result
- until: not l_docker_restart_docker_in_calico_result | failed
+ until: not (l_docker_restart_docker_in_calico_result is failed)
retries: 3
delay: 30
diff --git a/roles/calico/meta/main.yml b/roles/calico/meta/main.yml
index 816c81369..e3997911b 100644
--- a/roles/calico/meta/main.yml
+++ b/roles/calico/meta/main.yml
@@ -13,5 +13,6 @@ galaxy_info:
- cloud
- system
dependencies:
+- role: lib_utils
- role: openshift_facts
- role: openshift_master_facts
diff --git a/roles/calico/tasks/main.yml b/roles/calico/tasks/main.yml
index 0e3863304..bbc6edd48 100644
--- a/roles/calico/tasks/main.yml
+++ b/roles/calico/tasks/main.yml
@@ -14,7 +14,6 @@
vars:
etcd_cert_prefix: calico.etcd-
etcd_cert_config_dir: "{{ openshift.common.config_base }}/calico"
- embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}"
etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
etcd_cert_subdir: "openshift-calico-{{ openshift.common.hostname }}"
diff --git a/roles/calico/templates/calico.service.j2 b/roles/calico/templates/calico.service.j2
index 7653e19b1..a7809b9f9 100644
--- a/roles/calico/templates/calico.service.j2
+++ b/roles/calico/templates/calico.service.j2
@@ -1,7 +1,7 @@
[Unit]
Description=calico
-After={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
+After={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
[Service]
Restart=always
diff --git a/roles/calico_master/meta/main.yml b/roles/calico_master/meta/main.yml
index 4d70c79cf..73c94db4e 100644
--- a/roles/calico_master/meta/main.yml
+++ b/roles/calico_master/meta/main.yml
@@ -13,5 +13,6 @@ galaxy_info:
- cloud
- system
dependencies:
+- role: lib_utils
- role: calico
- role: openshift_facts
diff --git a/roles/cockpit-ui/meta/main.yml b/roles/cockpit-ui/meta/main.yml
index 4d619fff6..2250fe4cb 100644
--- a/roles/cockpit-ui/meta/main.yml
+++ b/roles/cockpit-ui/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
+- role: lib_utils
- role: lib_openshift
diff --git a/roles/cockpit-ui/tasks/main.yml b/roles/cockpit-ui/tasks/main.yml
index 244e2cc41..f60912033 100644
--- a/roles/cockpit-ui/tasks/main.yml
+++ b/roles/cockpit-ui/tasks/main.yml
@@ -37,11 +37,11 @@
cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ openshift_hosted_kubeconfig }}
changed_when: False
- # TODO: Need to fix the origin and enterprise templates so that they both respect IMAGE_PREFIX
- name: Deploy registry-console
command: >
{{ openshift.common.client_binary }} new-app --template=registry-console
{% if openshift_cockpit_deployer_prefix is defined %}-p IMAGE_PREFIX="{{ openshift_cockpit_deployer_prefix }}"{% endif %}
+ {% if openshift_cockpit_deployer_basename is defined %}-p IMAGE_BASENAME="{{ openshift_cockpit_deployer_basename }}"{% endif %}
{% if openshift_cockpit_deployer_version is defined %}-p IMAGE_VERSION="{{ openshift_cockpit_deployer_version }}"{% endif %}
-p OPENSHIFT_OAUTH_PROVIDER_URL="{{ openshift.master.public_api_url }}"
-p REGISTRY_HOST="{{ docker_registry_route.results[0].spec.host }}"
diff --git a/roles/cockpit/meta/main.yml b/roles/cockpit/meta/main.yml
index 8c0ed3cb8..07e466f04 100644
--- a/roles/cockpit/meta/main.yml
+++ b/roles/cockpit/meta/main.yml
@@ -12,4 +12,4 @@ galaxy_info:
categories:
- cloud
dependencies:
-- role: lib_os_firewall
+- role: lib_utils
diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml
index 066ee3f3b..fc13afed3 100644
--- a/roles/cockpit/tasks/main.yml
+++ b/roles/cockpit/tasks/main.yml
@@ -1,7 +1,6 @@
---
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Install cockpit-ws
package: name={{ item }} state=present
@@ -12,6 +11,8 @@
- cockpit-docker
- "{{ cockpit_plugins }}"
when: not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
- name: Enable cockpit-ws
systemd:
diff --git a/roles/container_runtime/README.md b/roles/container_runtime/README.md
new file mode 100644
index 000000000..51f469aaf
--- /dev/null
+++ b/roles/container_runtime/README.md
@@ -0,0 +1,44 @@
+Container Runtime
+=========
+
+Ensures docker package or system container is installed, and optionally raises timeout for systemd-udevd.service to 5 minutes.
+
+container-daemon.json items may be found at https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file
+
+This role is designed to be used with include_role and tasks_from.
+
+Entry points
+------------
+* package_docker.yml - install and setup docker container runtime.
+* systemcontainer_docker.yml - utilize docker + systemcontainer
+* systemcontainer_crio.yml - utilize crio + systemcontainer
+* registry_auth.yml - place docker login credentials.
+
+Requirements
+------------
+
+Ansible 2.4
+
+
+Dependencies
+------------
+
+Depends on openshift_facts having already been run.
+
+Example Playbook
+----------------
+
+ - hosts: servers
+ tasks:
+ - include_role: container_runtime
+ tasks_from: package_docker.yml
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+Red Hat, Inc
diff --git a/roles/container_runtime/defaults/main.yml b/roles/container_runtime/defaults/main.yml
new file mode 100644
index 000000000..6ab0456bc
--- /dev/null
+++ b/roles/container_runtime/defaults/main.yml
@@ -0,0 +1,133 @@
+---
+docker_cli_auth_config_path: '/root/.docker'
+openshift_docker_signature_verification: False
+
+repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
+
+openshift_docker_alternative_creds: False
+
+# oreg_url is defined by user input.
+oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
+oreg_auth_credentials_replace: False
+
+openshift_docker_use_system_container: False
+openshift_docker_disable_push_dockerhub: False # bool
+openshift_docker_selinux_enabled: True
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
+
+openshift_docker_hosted_registry_insecure: False # bool
+
+openshift_docker_hosted_registry_network_default: "{{ openshift_portal_net | default(False) }}"
+openshift_docker_hosted_registry_network: "{{ openshift_docker_hosted_registry_network_default }}"
+
+openshift_docker_additional_registries: []
+openshift_docker_blocked_registries: []
+openshift_docker_insecure_registries: []
+
+openshift_docker_ent_reg: 'registry.access.redhat.com'
+
+openshift_docker_options: False # str
+openshift_docker_log_driver: False # str
+openshift_docker_log_options: []
+
+# The l2_docker_* variables convert csv strings to lists, if
+# necessary. These variables should be used in place of their respective
+# openshift_docker_* counterparts to ensure the properly formatted lists are
+# utilized.
+l2_docker_additional_registries: "{% if openshift_docker_additional_registries is string %}{% if openshift_docker_additional_registries == '' %}[]{% elif ',' in openshift_docker_additional_registries %}{{ openshift_docker_additional_registries.split(',') | list }}{% else %}{{ [ openshift_docker_additional_registries ] }}{% endif %}{% else %}{{ openshift_docker_additional_registries }}{% endif %}"
+l2_docker_blocked_registries: "{% if openshift_docker_blocked_registries is string %}{% if openshift_docker_blocked_registries == '' %}[]{% elif ',' in openshift_docker_blocked_registries %}{{ openshift_docker_blocked_registries.split(',') | list }}{% else %}{{ [ openshift_docker_blocked_registries ] }}{% endif %}{% else %}{{ openshift_docker_blocked_registries }}{% endif %}"
+l2_docker_insecure_registries: "{% if openshift_docker_insecure_registries is string %}{% if openshift_docker_insecure_registries == '' %}[]{% elif ',' in openshift_docker_insecure_registries %}{{ openshift_docker_insecure_registries.split(',') | list }}{% else %}{{ [ openshift_docker_insecure_registries ] }}{% endif %}{% else %}{{ openshift_docker_insecure_registries }}{% endif %}"
+l2_docker_log_options: "{% if openshift_docker_log_options is string %}{% if ',' in openshift_docker_log_options %}{{ openshift_docker_log_options.split(',') | list }}{% else %}{{ [ openshift_docker_log_options ] }}{% endif %}{% else %}{{ openshift_docker_log_options }}{% endif %}"
+
+openshift_docker_use_etc_containers: False
+containers_registries_conf_path: /etc/containers/registries.conf
+
+r_crio_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
+r_crio_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
+
+r_crio_os_firewall_deny: []
+r_crio_os_firewall_allow:
+- service: crio
+ port: 10010/tcp
+
+
+openshift_docker_is_node_or_master: "{{ True if inventory_hostname in (groups['oo_masters_to_config']|default([])) or inventory_hostname in (groups['oo_nodes_to_config']|default([])) else False | bool }}"
+
+docker_alt_storage_path: /var/lib/containers/docker
+docker_default_storage_path: /var/lib/docker
+
+# Set local versions of facts that must be in json format for container-daemon.json
+# NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson
+l_docker_log_options: "{{ l2_docker_log_options | to_json }}"
+l_docker_log_options_dict: "{{ l2_docker_log_options | lib_utils_oo_list_to_dict | to_json }}"
+l_docker_additional_registries: "{{ l2_docker_additional_registries | to_json }}"
+l_docker_blocked_registries: "{{ l2_docker_blocked_registries | to_json }}"
+l_docker_insecure_registries: "{{ l2_docker_insecure_registries | to_json }}"
+l_docker_selinux_enabled: "{{ openshift_docker_selinux_enabled | to_json }}"
+
+docker_http_proxy: "{{ openshift_http_proxy | default('') }}"
+docker_https_proxy: "{{ openshift.common.https_proxy | default('') }}"
+docker_no_proxy: "{{ openshift.common.no_proxy | default('') }}"
+
+openshift_use_crio: False
+openshift_use_crio_only: False
+
+l_openshift_image_tag_default: "{{ openshift_release | default('latest') }}"
+l_openshift_image_tag: "{{ openshift_image_tag | default(l_openshift_image_tag_default) | string}}"
+
+# --------------------- #
+# systemcontainers_crio #
+# --------------------- #
+l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l2_docker_insecure_registries)) }}"
+l_crio_registries: "{{ l2_docker_additional_registries + ['docker.io'] }}"
+l_additional_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l_crio_registries)) }}"
+
+
+openshift_crio_image_tag_default: "latest"
+
+l_crt_crio_image_tag_dict:
+ openshift-enterprise: "{{ l_openshift_image_tag }}"
+ origin: "{{ openshift_crio_image_tag | default(openshift_crio_image_tag_default) }}"
+
+l_crt_crio_image_prepend_dict:
+ openshift-enterprise: "registry.access.redhat.com/openshift3"
+ origin: "docker.io/gscrivano"
+
+l_crt_crio_image_dict:
+ Fedora:
+ crio_image_name: "cri-o-fedora"
+ crio_image_tag: "latest"
+ CentOS:
+ crio_image_name: "cri-o-centos"
+ crio_image_tag: "latest"
+ RedHat:
+ crio_image_name: "cri-o"
+ crio_image_tag: "{{ openshift_crio_image_tag | default(l_crt_crio_image_tag_dict[openshift_deployment_type]) }}"
+
+l_crio_image_prepend: "{{ l_crt_crio_image_prepend_dict[openshift_deployment_type] }}"
+l_crio_image_name: "{{ l_crt_crio_image_dict[ansible_distribution]['crio_image_name'] }}"
+l_crio_image_tag: "{{ l_crt_crio_image_dict[ansible_distribution] }}"
+
+l_crio_image_default: "{{ l_crio_image_prepend }}/{{ l_crio_image_name }}:{{ l_crio_image_tag }}"
+l_crio_image: "{{ openshift_crio_systemcontainer_image_override | default(l_crio_image_default) }}"
+
+# ----------------------- #
+# systemcontainers_docker #
+# ----------------------- #
+l_crt_docker_image_prepend_dict:
+ Fedora: "registry.fedoraproject.org/latest"
+ Centos: "docker.io/gscrivano"
+ RedHat: "registry.access.redhat.com/openshift3"
+
+openshift_docker_image_tag_default: "latest"
+l_crt_docker_image_tag_dict:
+ openshift-enterprise: "{{ l_openshift_image_tag }}"
+ origin: "{{ openshift_docker_image_tag | default(openshift_docker_image_tag_default) }}"
+
+l_docker_image_prepend: "{{ l_crt_docker_image_prepend_dict[ansible_distribution] }}"
+l_docker_image_tag: "{{ l_crt_docker_image_tag_dict[openshift_deployment_type] }}"
+
+l_docker_image_default: "{{ l_docker_image_prepend }}/{{ openshift_docker_service_name }}:{{ l_docker_image_tag }}"
+l_docker_image: "{{ openshift_docker_systemcontainer_image_override | default(l_docker_image_default) }}"
+
+l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
diff --git a/roles/container_runtime/handlers/main.yml b/roles/container_runtime/handlers/main.yml
new file mode 100644
index 000000000..87c5de0e9
--- /dev/null
+++ b/roles/container_runtime/handlers/main.yml
@@ -0,0 +1,18 @@
+---
+
+- name: restart container runtime
+ systemd:
+ name: "{{ openshift_docker_service_name }}"
+ state: restarted
+ daemon_reload: yes
+ register: r_docker_restart_docker_result
+ until: not (r_docker_restart_docker_result is failed)
+ retries: 3
+ delay: 30
+ when: not docker_service_status_changed | default(false) | bool
+
+- name: restart udev
+ systemd:
+ name: systemd-udevd
+ state: restarted
+ daemon_reload: yes
diff --git a/roles/container_runtime/meta/main.yml b/roles/container_runtime/meta/main.yml
new file mode 100644
index 000000000..5c4c569de
--- /dev/null
+++ b/roles/container_runtime/meta/main.yml
@@ -0,0 +1,14 @@
+---
+galaxy_info:
+ author: OpenShift
+ description: container runtime install and configure
+ company: Red Hat, Inc
+ license: ASL 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+dependencies:
+- role: lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_atomic/tasks/proxy.yml b/roles/container_runtime/tasks/common/atomic_proxy.yml
index dde099984..dde099984 100644
--- a/roles/openshift_atomic/tasks/proxy.yml
+++ b/roles/container_runtime/tasks/common/atomic_proxy.yml
diff --git a/roles/container_runtime/tasks/common/post.yml b/roles/container_runtime/tasks/common/post.yml
new file mode 100644
index 000000000..d790eb2c0
--- /dev/null
+++ b/roles/container_runtime/tasks/common/post.yml
@@ -0,0 +1,26 @@
+---
+- name: Ensure /var/lib/containers exists
+ file:
+ path: /var/lib/containers
+ state: directory
+
+- name: Fix SELinux Permissions on /var/lib/containers
+ command: "restorecon -R /var/lib/containers/"
+ changed_when: false
+
+- meta: flush_handlers
+
+# This needs to run after docker is restarted to account for proxy settings.
+# registry_auth is called directly with include_role in some places, so we
+# have to put it in the root of the tasks/ directory.
+- include_tasks: ../registry_auth.yml
+
+- name: stat the docker data dir
+ stat:
+ path: "{{ docker_default_storage_path }}"
+ register: dockerstat
+
+- include_tasks: setup_docker_symlink.yml
+ when:
+ - openshift_use_crio
+ - dockerstat.stat.islnk is defined and not (dockerstat.stat.islnk | bool)
diff --git a/roles/container_runtime/tasks/common/pre.yml b/roles/container_runtime/tasks/common/pre.yml
new file mode 100644
index 000000000..990fe66da
--- /dev/null
+++ b/roles/container_runtime/tasks/common/pre.yml
@@ -0,0 +1,12 @@
+---
+- include_tasks: udev_workaround.yml
+ when: docker_udev_workaround | default(False) | bool
+
+- name: Add enterprise registry, if necessary
+ set_fact:
+ l2_docker_additional_registries: "{{ l2_docker_additional_registries + [openshift_docker_ent_reg] }}"
+ when:
+ - openshift.common.deployment_type == 'openshift-enterprise'
+ - openshift_docker_ent_reg != ''
+ - openshift_docker_ent_reg not in l2_docker_additional_registries
+ - not openshift_use_crio_only | bool
diff --git a/roles/container_runtime/tasks/common/setup_docker_symlink.yml b/roles/container_runtime/tasks/common/setup_docker_symlink.yml
new file mode 100644
index 000000000..d7aeb192e
--- /dev/null
+++ b/roles/container_runtime/tasks/common/setup_docker_symlink.yml
@@ -0,0 +1,38 @@
+---
+- block:
+ - name: stop the current running docker
+ systemd:
+ state: stopped
+ name: "{{ openshift_docker_service_name }}"
+
+ - name: copy "{{ docker_default_storage_path }}" to "{{ docker_alt_storage_path }}"
+ command: "cp -r {{ docker_default_storage_path }} {{ docker_alt_storage_path }}"
+ register: results
+ failed_when:
+ - results.rc != 0
+
+ - name: "Set the selinux context on {{ docker_alt_storage_path }}"
+ command: "semanage fcontext -a -e {{ docker_default_storage_path }} {{ docker_alt_storage_path }}"
+ register: results
+ failed_when:
+ - results.rc == 1
+ - "'already exists' not in results.stderr"
+
+ - name: "restorecon the {{ docker_alt_storage_path }}"
+ command: "restorecon -r {{ docker_alt_storage_path }}"
+
+ - name: Remove the old docker location
+ file:
+ state: absent
+ path: "{{ docker_default_storage_path }}"
+
+ - name: Setup the link
+ file:
+ state: link
+ src: "{{ docker_alt_storage_path }}"
+ path: "{{ docker_default_storage_path }}"
+
+ - name: start docker
+ systemd:
+ state: started
+ name: "{{ openshift_docker_service_name }}"
diff --git a/roles/container_runtime/tasks/common/syscontainer_packages.yml b/roles/container_runtime/tasks/common/syscontainer_packages.yml
new file mode 100644
index 000000000..b41122880
--- /dev/null
+++ b/roles/container_runtime/tasks/common/syscontainer_packages.yml
@@ -0,0 +1,28 @@
+---
+
+- name: Ensure container-selinux is installed
+ package:
+ name: container-selinux
+ state: present
+ when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
+
+# Used to pull and install the system container
+- name: Ensure atomic is installed
+ package:
+ name: atomic
+ state: present
+ when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
+
+# At the time of writing the atomic command requires runc for it's own use. This
+# task is here in the even that the atomic package ever removes the dependency.
+- name: Ensure runc is installed
+ package:
+ name: runc
+ state: present
+ when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
diff --git a/roles/docker/tasks/udev_workaround.yml b/roles/container_runtime/tasks/common/udev_workaround.yml
index 257c3123d..257c3123d 100644
--- a/roles/docker/tasks/udev_workaround.yml
+++ b/roles/container_runtime/tasks/common/udev_workaround.yml
diff --git a/roles/docker/tasks/crio_firewall.yml b/roles/container_runtime/tasks/crio_firewall.yml
index fbd1ff515..fbd1ff515 100644
--- a/roles/docker/tasks/crio_firewall.yml
+++ b/roles/container_runtime/tasks/crio_firewall.yml
diff --git a/roles/container_runtime/tasks/docker_sanity.yml b/roles/container_runtime/tasks/docker_sanity.yml
new file mode 100644
index 000000000..bc4da1cce
--- /dev/null
+++ b/roles/container_runtime/tasks/docker_sanity.yml
@@ -0,0 +1,42 @@
+---
+# Sanity checks to ensure the role will complete and provide helpful error
+# messages for common problems.
+
+- name: Error out if Docker pre-installed but too old
+ fail:
+ msg: "Docker {{ curr_docker_version.stdout }} is installed, but >= 1.9.1 is required."
+ when:
+ - not (curr_docker_version is skipped)
+ - curr_docker_version.stdout != ''
+ - curr_docker_version.stdout is version_compare('1.9.1', '<')
+ - not (docker_version is defined)
+
+- name: Error out if requested Docker is too old
+ fail:
+ msg: "Docker {{ docker_version }} requested, but >= 1.9.1 is required."
+ when:
+ - docker_version is defined
+ - docker_version is version_compare('1.9.1', '<')
+
+# If a docker_version was requested, sanity check that we can install or upgrade to it, and
+# no downgrade is required.
+- name: Fail if Docker version requested but downgrade is required
+ fail:
+ msg: "Docker {{ curr_docker_version.stdout }} is installed, but version {{ docker_version }} was requested."
+ when:
+ - not (curr_docker_version is skipped)
+ - curr_docker_version.stdout != ''
+ - docker_version is defined
+ - curr_docker_version.stdout is version_compare(docker_version, '>')
+
+# This involves an extremely slow migration process, users should instead run the
+# Docker 1.10 upgrade playbook to accomplish this.
+- name: Error out if attempting to upgrade Docker across the 1.10 boundary
+ fail:
+ msg: "Cannot upgrade Docker to >= 1.10, please upgrade or remove Docker manually, or use the Docker upgrade playbook if OpenShift is already installed."
+ when:
+ - not (curr_docker_version is skipped)
+ - curr_docker_version.stdout != ''
+ - curr_docker_version.stdout is version_compare('1.10', '<')
+ - docker_version is defined
+ - docker_version is version_compare('1.10', '>=')
diff --git a/roles/container_runtime/tasks/docker_upgrade_check.yml b/roles/container_runtime/tasks/docker_upgrade_check.yml
new file mode 100644
index 000000000..6731963dd
--- /dev/null
+++ b/roles/container_runtime/tasks/docker_upgrade_check.yml
@@ -0,0 +1,74 @@
+---
+
+# This snippet determines if a Docker upgrade is required by checking the inventory
+# variables, the available packages, and sets l_docker_upgrade to True if so.
+
+- set_fact:
+ docker_upgrade: True
+ when: docker_upgrade is not defined
+
+- name: Check if Docker is installed
+ command: rpm -q docker
+ args:
+ warn: no
+ register: pkg_check
+ failed_when: pkg_check.rc > 1
+ changed_when: no
+
+- name: Get current version of Docker
+ command: "{{ repoquery_installed }} --qf '%{version}' docker"
+ register: curr_docker_version
+ retries: 4
+ until: curr_docker_version is succeeded
+ changed_when: false
+
+- name: Get latest available version of Docker
+ command: >
+ {{ repoquery_cmd }} --qf '%{version}' "docker"
+ register: avail_docker_version
+ retries: 4
+ until: avail_docker_version is succeeded
+ # Don't expect docker rpm to be available on hosts that don't already have it installed:
+ when: pkg_check.rc == 0
+ failed_when: false
+ changed_when: false
+
+- fail:
+ msg: This playbook requires access to Docker 1.12 or later
+ # Disable the 1.12 requirement if the user set a specific Docker version
+ when:
+ - docker_version is not defined
+ - docker_upgrade is not defined or docker_upgrade | bool == True
+ - (pkg_check.rc == 0 and (avail_docker_version.stdout == "" or avail_docker_version.stdout is version_compare('1.12','<')))
+
+# Default l_docker_upgrade to False, we'll set to True if an upgrade is required:
+- set_fact:
+ l_docker_upgrade: False
+
+# Make sure a docker_version is set if none was requested:
+- set_fact:
+ docker_version: "{{ avail_docker_version.stdout }}"
+ when: pkg_check.rc == 0 and docker_version is not defined
+
+- name: Flag for Docker upgrade if necessary
+ set_fact:
+ l_docker_upgrade: True
+ when:
+ - pkg_check.rc == 0
+ - curr_docker_version.stdout is version_compare(docker_version,'<')
+
+# Additional checks for Atomic hosts:
+- name: Determine available Docker
+ shell: "rpm -q --queryformat '---\ncurr_version: %{VERSION}\navail_version: \n' docker"
+ register: g_atomic_docker_version_result
+ when: openshift.common.is_atomic | bool
+
+- set_fact:
+ l_docker_version: "{{ g_atomic_docker_version_result.stdout | from_yaml }}"
+ when: openshift.common.is_atomic | bool
+
+- fail:
+ msg: This playbook requires access to Docker 1.12 or later
+ when:
+ - openshift.common.is_atomic | bool
+ - l_docker_version.avail_version | default(l_docker_version.curr_version, true) is version_compare('1.12','<')
diff --git a/roles/container_runtime/tasks/main.yml b/roles/container_runtime/tasks/main.yml
new file mode 100644
index 000000000..96d8606c6
--- /dev/null
+++ b/roles/container_runtime/tasks/main.yml
@@ -0,0 +1,2 @@
+---
+# This role is meant to be used with include_role and tasks_from.
diff --git a/roles/container_runtime/tasks/package_docker.yml b/roles/container_runtime/tasks/package_docker.yml
new file mode 100644
index 000000000..6604e6ad5
--- /dev/null
+++ b/roles/container_runtime/tasks/package_docker.yml
@@ -0,0 +1,150 @@
+---
+- include_tasks: common/pre.yml
+
+- name: Get current installed Docker version
+ command: "{{ repoquery_installed }} --qf '%{version}' docker"
+ when: not openshift.common.is_atomic | bool
+ register: curr_docker_version
+ retries: 4
+ until: curr_docker_version is succeeded
+ changed_when: false
+
+# Some basic checks to ensure the role will complete
+- include_tasks: docker_sanity.yml
+
+# Make sure Docker is installed, but does not update a running version.
+# Docker upgrades are handled by a separate playbook.
+# Note: The curr_docker_version.stdout check can be removed when https://github.com/ansible/ansible/issues/33187 gets fixed.
+- name: Install Docker
+ package:
+ name: "docker{{ '-' + docker_version if docker_version is defined else '' }}"
+ state: present
+ when:
+ - not (openshift.common.is_atomic | bool)
+ - not (curr_docker_version is skipped)
+ - not (curr_docker_version.stdout != '')
+ register: result
+ until: result is succeeded
+
+- block:
+ # Extend the default Docker service unit file when using iptables-services
+ - name: Ensure docker.service.d directory exists
+ file:
+ path: "{{ docker_systemd_dir }}"
+ state: directory
+
+ - name: Configure Docker service unit file
+ template:
+ dest: "{{ docker_systemd_dir }}/custom.conf"
+ src: custom.conf.j2
+ notify:
+ - restart container runtime
+ when: not (os_firewall_use_firewalld | default(False)) | bool
+
+- stat: path=/etc/sysconfig/docker
+ register: docker_check
+
+- name: Set registry params
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^{{ item.reg_conf_var }}=.*$'
+ line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | lib_utils_oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
+ when:
+ - item.reg_fact_val != []
+ - docker_check.stat.isreg is defined
+ - docker_check.stat.isreg
+ with_items:
+ - reg_conf_var: ADD_REGISTRY
+ reg_fact_val: "{{ l2_docker_additional_registries }}"
+ reg_flag: --add-registry
+ - reg_conf_var: BLOCK_REGISTRY
+ reg_fact_val: "{{ l2_docker_blocked_registries }}"
+ reg_flag: --block-registry
+ - reg_conf_var: INSECURE_REGISTRY
+ reg_fact_val: "{{ l2_docker_insecure_registries }}"
+ reg_flag: --insecure-registry
+ notify:
+ - restart container runtime
+
+- name: Place additional/blocked/insecure registries in /etc/containers/registries.conf
+ template:
+ dest: "{{ containers_registries_conf_path }}"
+ src: registries.conf
+ when: openshift_docker_use_etc_containers | bool
+ notify:
+ - restart container runtime
+
+- name: Set Proxy Settings
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^{{ item.reg_conf_var }}=.*$'
+ line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val }}'"
+ state: "{{ 'present' if item.reg_fact_val != '' else 'absent'}}"
+ with_items:
+ - reg_conf_var: HTTP_PROXY
+ reg_fact_val: "{{ docker_http_proxy }}"
+ - reg_conf_var: HTTPS_PROXY
+ reg_fact_val: "{{ docker_https_proxy }}"
+ - reg_conf_var: NO_PROXY
+ reg_fact_val: "{{ docker_no_proxy }}"
+ notify:
+ - restart container runtime
+ when:
+ - docker_check.stat.isreg is defined
+ - docker_check.stat.isreg
+ - docker_http_proxy != '' or docker_https_proxy != ''
+
+- name: Set various Docker options
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^OPTIONS=.*$'
+ line: "OPTIONS='\
+ {% if ansible_selinux.status | default(None) == 'enabled' and openshift_docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %} \
+ {% if openshift_docker_log_driver | bool %} --log-driver {{ openshift_docker_log_driver }}{% endif %} \
+ {% if l2_docker_log_options != [] %} {{ l2_docker_log_options | lib_utils_oo_split() | lib_utils_oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %} \
+ {% if openshift_docker_hosted_registry_insecure and (openshift_docker_hosted_registry_network | bool) %} --insecure-registry={{ openshift_docker_hosted_registry_network }} {% endif %} \
+ {% if docker_options is defined %} {{ docker_options }}{% endif %} \
+ {% if openshift_docker_options %} {{ openshift_docker_options }}{% endif %} \
+ {% if openshift_docker_disable_push_dockerhub %} --confirm-def-push={{ openshift_docker_disable_push_dockerhub | bool }}{% endif %} \
+ --signature-verification={{ openshift_docker_signature_verification | bool }}'"
+ when: docker_check.stat.isreg is defined and docker_check.stat.isreg
+ notify:
+ - restart container runtime
+
+- stat: path=/etc/sysconfig/docker-network
+ register: sysconfig_docker_network_check
+
+- name: Configure Docker Network OPTIONS
+ lineinfile:
+ dest: /etc/sysconfig/docker-network
+ regexp: '^DOCKER_NETWORK_OPTIONS=.*$'
+ line: "DOCKER_NETWORK_OPTIONS='\
+ {% if openshift.node is defined and openshift.node.sdn_mtu is defined %} --mtu={{ openshift.node.sdn_mtu }}{% endif %}'"
+ when:
+ - sysconfig_docker_network_check.stat.isreg is defined
+ - sysconfig_docker_network_check.stat.isreg
+ notify:
+ - restart container runtime
+
+# The following task is needed as the systemd module may report a change in
+# state even though docker is already running.
+- name: Detect if docker is already started
+ command: "systemctl show docker -p ActiveState"
+ changed_when: False
+ register: r_docker_already_running_result
+
+- name: Start the Docker service
+ systemd:
+ name: docker
+ enabled: yes
+ state: started
+ daemon_reload: yes
+ register: r_docker_package_docker_start_result
+ until: not (r_docker_package_docker_start_result is failed)
+ retries: 3
+ delay: 30
+
+- set_fact:
+ docker_service_status_changed: "{{ (r_docker_package_docker_start_result is changed) and (r_docker_already_running_result.stdout != 'ActiveState=active' ) }}"
+
+- include_tasks: common/post.yml
diff --git a/roles/container_runtime/tasks/registry_auth.yml b/roles/container_runtime/tasks/registry_auth.yml
new file mode 100644
index 000000000..2c7bc5711
--- /dev/null
+++ b/roles/container_runtime/tasks/registry_auth.yml
@@ -0,0 +1,32 @@
+---
+- name: Check for credentials file for registry auth
+ stat:
+ path: "{{ docker_cli_auth_config_path }}/config.json"
+ when: oreg_auth_user is defined
+ register: docker_cli_auth_credentials_stat
+
+- name: Create credentials for docker cli registry auth
+ command: "docker --config={{ docker_cli_auth_config_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
+ register: openshift_docker_credentials_create_res
+ retries: 3
+ delay: 5
+ until: openshift_docker_credentials_create_res.rc == 0
+ when:
+ - not openshift_docker_alternative_creds | bool
+ - oreg_auth_user is defined
+ - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
+
+# docker_creds is a custom module from lib_utils
+# 'docker login' requires a docker.service running on the local host, this is an
+# alternative implementation for non-docker hosts. This implementation does not
+# check the registry to determine whether or not the credentials will work.
+- name: Create credentials for docker cli registry auth (alternative)
+ docker_creds:
+ path: "{{ docker_cli_auth_config_path }}"
+ registry: "{{ oreg_host }}"
+ username: "{{ oreg_auth_user }}"
+ password: "{{ oreg_auth_password }}"
+ when:
+ - openshift_docker_alternative_creds | bool
+ - oreg_auth_user is defined
+ - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
diff --git a/roles/container_runtime/tasks/systemcontainer_crio.yml b/roles/container_runtime/tasks/systemcontainer_crio.yml
new file mode 100644
index 000000000..61f122f3c
--- /dev/null
+++ b/roles/container_runtime/tasks/systemcontainer_crio.yml
@@ -0,0 +1,96 @@
+---
+# TODO: Much of this file is shared with container engine tasks
+- name: Check we are not using node as a Docker container with CRI-O
+ fail: msg='Cannot use CRI-O with node configured as a Docker container'
+ when:
+ - openshift.common.is_containerized | bool
+ - not l_is_node_system_container | bool
+
+- include_tasks: common/pre.yml
+
+- include_tasks: common/syscontainer_packages.yml
+
+- name: Check that overlay is in the kernel
+ shell: lsmod | grep overlay
+ register: l_has_overlay_in_kernel
+ ignore_errors: yes
+ failed_when: false
+
+- when: l_has_overlay_in_kernel.rc != 0
+ block:
+
+ - name: Add overlay to modprobe.d
+ template:
+ dest: /etc/modules-load.d/overlay.conf
+ src: overlay.conf.j2
+ backup: yes
+
+ - name: Manually modprobe overlay into the kernel
+ command: modprobe overlay
+
+ - name: Enable and start systemd-modules-load
+ service:
+ name: systemd-modules-load
+ enabled: yes
+ state: restarted
+
+- name: Ensure proxies are in the atomic.conf
+ include_tasks: common/atomic_proxy.yml
+
+# Be nice and let the user see the variable result
+- debug:
+ var: l_crio_image
+
+# NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released
+- name: Pre-pull CRI-O System Container image
+ command: "atomic pull --storage ostree {{ l_crio_image }}"
+ changed_when: false
+ environment:
+ NO_PROXY: "{{ openshift.common.no_proxy | default('') }}"
+
+- name: Install CRI-O System Container
+ oc_atomic_container:
+ name: "cri-o"
+ image: "{{ l_crio_image }}"
+ state: latest
+
+- name: Remove CRI-O default configuration files
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - /etc/cni/net.d/200-loopback.conf
+ - /etc/cni/net.d/100-crio-bridge.conf
+
+- name: Create the CRI-O configuration
+ template:
+ dest: /etc/crio/crio.conf
+ src: crio.conf.j2
+ backup: yes
+
+- name: Ensure CNI configuration directory exists
+ file:
+ path: /etc/cni/net.d/
+ state: directory
+
+- name: setup firewall for CRI-O
+ import_tasks: crio_firewall.yml
+
+- name: Configure the CNI network
+ template:
+ dest: /etc/cni/net.d/openshift-sdn.conf
+ src: 80-openshift-sdn.conf.j2
+
+- name: Start the CRI-O service
+ systemd:
+ name: "cri-o"
+ enabled: yes
+ state: started
+ daemon_reload: yes
+ register: start_result
+
+# If we are using crio only, docker.service might not be available for
+# 'docker login'
+- include_tasks: common/post.yml
+ vars:
+ openshift_docker_alternative_creds: "{{ openshift_use_crio_only }}"
diff --git a/roles/container_runtime/tasks/systemcontainer_docker.yml b/roles/container_runtime/tasks/systemcontainer_docker.yml
new file mode 100644
index 000000000..639585367
--- /dev/null
+++ b/roles/container_runtime/tasks/systemcontainer_docker.yml
@@ -0,0 +1,101 @@
+---
+# If docker_options are provided we should fail. We should not install docker and ignore
+# the users configuration. NOTE: docker_options == inventory:openshift_docker_options
+- name: Fail quickly if openshift_docker_options are set
+ assert:
+ that:
+ - "{% if not openshift_docker_options %}1{% else %}0{% endif %}"
+ msg: |
+ Docker via System Container does not allow for the use of the openshift_docker_options
+ variable. If you want to use openshift_docker_options you will need to use the
+ traditional docker package install. Otherwise, comment out openshift_docker_options
+ in your inventory file.
+
+- include_tasks: common/pre.yml
+
+- include_tasks: common/syscontainer_packages.yml
+
+# Make sure Docker is installed so we are able to use the client
+- name: Install Docker so we can use the client
+ package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present
+ when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
+
+# Make sure docker is disabled. Errors are ignored.
+- name: Disable Docker
+ systemd:
+ name: docker
+ enabled: no
+ state: stopped
+ daemon_reload: yes
+ ignore_errors: True
+ register: r_docker_systemcontainer_docker_stop_result
+ until: not (r_docker_systemcontainer_docker_stop_result is failed)
+ retries: 3
+ delay: 30
+
+- name: Ensure proxies are in the atomic.conf
+ include_tasks: common/atomic_proxy.yml
+
+# Be nice and let the user see the variable result
+- debug:
+ var: l_docker_image
+
+# NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released
+- name: Pre-pull Container Engine System Container image
+ command: "atomic pull --storage ostree {{ l_docker_image }}"
+ changed_when: false
+ environment:
+ NO_PROXY: "{{ docker_no_proxy }}"
+
+
+- name: Ensure container-engine.service.d directory exists
+ file:
+ path: "{{ container_engine_systemd_dir }}"
+ state: directory
+
+- name: Ensure /etc/docker directory exists
+ file:
+ path: "{{ docker_conf_dir }}"
+ state: directory
+
+- name: Install Container Engine System Container
+ oc_atomic_container:
+ name: "{{ openshift_docker_service_name }}"
+ image: "{{ l_docker_image }}"
+ state: latest
+
+- name: Configure Container Engine Service File
+ template:
+ dest: "{{ container_engine_systemd_dir }}/custom.conf"
+ src: systemcontainercustom.conf.j2
+
+# Configure container-engine using the container-daemon.json file
+# NOTE: daemon.json and container-daemon.json have been seperated to avoid
+# collision.
+- name: Configure Container Engine
+ template:
+ dest: "{{ docker_conf_dir }}/container-daemon.json"
+ src: daemon.json
+
+# Enable and start the container-engine service
+- name: Start the Container Engine service
+ systemd:
+ name: "{{ openshift_docker_service_name }}"
+ enabled: yes
+ state: started
+ daemon_reload: yes
+ register: r_docker_systemcontainer_docker_start_result
+ until: not (r_docker_systemcontainer_docker_start_result is failed)
+ retries: 3
+ delay: 30
+
+- set_fact:
+ docker_service_status_changed: "{{ r_docker_systemcontainer_docker_start_result is changed }}"
+
+# Since docker is running as a system container, docker login will fail to create
+# credentials. Use alternate method if requiring authenticated registries.
+- include_tasks: common/post.yml
+ vars:
+ openshift_docker_alternative_creds: True
diff --git a/roles/docker/templates/80-openshift-sdn.conf.j2 b/roles/container_runtime/templates/80-openshift-sdn.conf.j2
index a693aea5f..a693aea5f 100644
--- a/roles/docker/templates/80-openshift-sdn.conf.j2
+++ b/roles/container_runtime/templates/80-openshift-sdn.conf.j2
diff --git a/roles/container_runtime/templates/crio.conf.j2 b/roles/container_runtime/templates/crio.conf.j2
new file mode 100644
index 000000000..0a1ff2e0a
--- /dev/null
+++ b/roles/container_runtime/templates/crio.conf.j2
@@ -0,0 +1,164 @@
+# {{ ansible_managed }}
+
+# The "crio" table contains all of the server options.
+[crio]
+
+# root is a path to the "root directory". CRIO stores all of its data,
+# including container images, in this directory.
+root = "/var/lib/containers/storage"
+
+# run is a path to the "run directory". CRIO stores all of its state
+# in this directory.
+runroot = "/var/run/containers/storage"
+
+# storage_driver select which storage driver is used to manage storage
+# of images and containers.
+storage_driver = "overlay"
+
+# storage_option is used to pass an option to the storage driver.
+storage_option = [
+{% if ansible_distribution in ['RedHat', 'CentOS'] %}
+ "overlay.override_kernel_check=1"
+{% endif %}
+]
+
+# The "crio.api" table contains settings for the kubelet/gRPC
+# interface (which is also used by crioctl).
+[crio.api]
+
+# listen is the path to the AF_LOCAL socket on which crio will listen.
+listen = "/var/run/crio/crio.sock"
+
+# stream_address is the IP address on which the stream server will listen
+stream_address = ""
+
+# stream_port is the port on which the stream server will listen
+stream_port = "10010"
+
+# file_locking is whether file-based locking will be used instead of
+# in-memory locking
+file_locking = true
+
+# The "crio.runtime" table contains settings pertaining to the OCI
+# runtime used and options for how to set up and manage the OCI runtime.
+[crio.runtime]
+
+# runtime is the OCI compatible runtime used for trusted container workloads.
+# This is a mandatory setting as this runtime will be the default one
+# and will also be used for untrusted container workloads if
+# runtime_untrusted_workload is not set.
+runtime = "/usr/bin/runc"
+
+# runtime_untrusted_workload is the OCI compatible runtime used for untrusted
+# container workloads. This is an optional setting, except if
+# default_container_trust is set to "untrusted".
+runtime_untrusted_workload = ""
+
+# default_workload_trust is the default level of trust crio puts in container
+# workloads. It can either be "trusted" or "untrusted", and the default
+# is "trusted".
+# Containers can be run through different container runtimes, depending on
+# the trust hints we receive from kubelet:
+# - If kubelet tags a container workload as untrusted, crio will try first to
+# run it through the untrusted container workload runtime. If it is not set,
+# crio will use the trusted runtime.
+# - If kubelet does not provide any information about the container workload trust
+# level, the selected runtime will depend on the default_container_trust setting.
+# If it is set to "untrusted", then all containers except for the host privileged
+# ones, will be run by the runtime_untrusted_workload runtime. Host privileged
+# containers are by definition trusted and will always use the trusted container
+# runtime. If default_container_trust is set to "trusted", crio will use the trusted
+# container runtime for all containers.
+default_workload_trust = "trusted"
+
+# no_pivot instructs the runtime to not use pivot_root, but instead use MS_MOVE
+no_pivot = false
+
+# conmon is the path to conmon binary, used for managing the runtime.
+conmon = "/usr/libexec/crio/conmon"
+
+# conmon_env is the environment variable list for conmon process,
+# used for passing necessary environment variable to conmon or runtime.
+conmon_env = [
+ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+]
+
+# selinux indicates whether or not SELinux will be used for pod
+# separation on the host. If you enable this flag, SELinux must be running
+# on the host.
+selinux = true
+
+# seccomp_profile is the seccomp json profile path which is used as the
+# default for the runtime.
+seccomp_profile = "/etc/crio/seccomp.json"
+
+# apparmor_profile is the apparmor profile name which is used as the
+# default for the runtime.
+apparmor_profile = "crio-default"
+
+# cgroup_manager is the cgroup management implementation to be used
+# for the runtime.
+cgroup_manager = "systemd"
+
+# hooks_dir_path is the oci hooks directory for automatically executed hooks
+hooks_dir_path = "/usr/share/containers/oci/hooks.d"
+
+# default_mounts is the mounts list to be mounted for the container when created
+default_mounts = [
+ "/usr/share/rhel/secrets:/run/secrets",
+]
+
+# pids_limit is the number of processes allowed in a container
+pids_limit = 1024
+
+# log_size_max is the max limit for the container log size in bytes.
+# Negative values indicate that no limit is imposed.
+log_size_max = 52428800
+
+# The "crio.image" table contains settings pertaining to the
+# management of OCI images.
+[crio.image]
+
+# default_transport is the prefix we try prepending to an image name if the
+# image name as we receive it can't be parsed as a valid source reference
+default_transport = "docker://"
+
+# pause_image is the image which we use to instantiate infra containers.
+pause_image = "kubernetes/pause"
+
+# pause_command is the command to run in a pause_image to have a container just
+# sit there. If the image contains the necessary information, this value need
+# not be specified.
+pause_command = "/pause"
+
+# signature_policy is the name of the file which decides what sort of policy we
+# use when deciding whether or not to trust an image that we've pulled.
+# Outside of testing situations, it is strongly advised that this be left
+# unspecified so that the default system-wide policy will be used.
+signature_policy = ""
+
+# image_volumes controls how image volumes are handled.
+# The valid values are mkdir and ignore.
+image_volumes = "mkdir"
+
+# insecure_registries is used to skip TLS verification when pulling images.
+insecure_registries = [
+{{ l_insecure_crio_registries|default("") }}
+]
+
+# registries is used to specify a comma separated list of registries to be used
+# when pulling an unqualified image (e.g. fedora:rawhide).
+registries = [
+{{ l_additional_crio_registries|default("") }}
+]
+
+# The "crio.network" table contains settings pertaining to the
+# management of CNI plugins.
+[crio.network]
+
+# network_dir is is where CNI network configuration
+# files are stored.
+network_dir = "/etc/cni/net.d/"
+
+# plugin_dir is is where CNI plugin binaries are stored.
+plugin_dir = "/opt/cni/bin/"
diff --git a/roles/docker/templates/custom.conf.j2 b/roles/container_runtime/templates/custom.conf.j2
index 713412473..713412473 100644
--- a/roles/docker/templates/custom.conf.j2
+++ b/roles/container_runtime/templates/custom.conf.j2
diff --git a/roles/container_runtime/templates/daemon.json b/roles/container_runtime/templates/daemon.json
new file mode 100644
index 000000000..1a72d812a
--- /dev/null
+++ b/roles/container_runtime/templates/daemon.json
@@ -0,0 +1,20 @@
+{
+ "authorization-plugins": ["rhel-push-plugin"],
+ "default-runtime": "oci",
+ "containerd": "/run/containerd.sock",
+ "disable-legacy-registry": false,
+ "exec-opts": ["native.cgroupdriver=systemd"],
+ "insecure-registries": {{ l_docker_insecure_registries }},
+{% if openshift_docker_log_driver %}
+ "log-driver": "{{ openshift_docker_log_driver }}",
+{%- endif %}
+ "log-opts": {{ l_docker_log_options_dict }},
+ "runtimes": {
+ "oci": {
+ "path": "/usr/libexec/docker/docker-runc-current"
+ }
+ },
+ "selinux-enabled": {{ l_docker_selinux_enabled | lower }},
+ "add-registry": {{ l_docker_additional_registries }},
+ "block-registry": {{ l_docker_blocked_registries }}
+}
diff --git a/roles/docker/templates/overlay.conf.j2 b/roles/container_runtime/templates/overlay.conf.j2
index 782f46c2e..782f46c2e 100644
--- a/roles/docker/templates/overlay.conf.j2
+++ b/roles/container_runtime/templates/overlay.conf.j2
diff --git a/roles/docker/templates/registries.conf b/roles/container_runtime/templates/registries.conf
index d379b2be0..d379b2be0 100644
--- a/roles/docker/templates/registries.conf
+++ b/roles/container_runtime/templates/registries.conf
diff --git a/roles/docker/templates/systemcontainercustom.conf.j2 b/roles/container_runtime/templates/systemcontainercustom.conf.j2
index 86eebfba6..86eebfba6 100644
--- a/roles/docker/templates/systemcontainercustom.conf.j2
+++ b/roles/container_runtime/templates/systemcontainercustom.conf.j2
diff --git a/roles/docker/vars/main.yml b/roles/container_runtime/vars/main.yml
index 4e940b7f5..4e940b7f5 100644
--- a/roles/docker/vars/main.yml
+++ b/roles/container_runtime/vars/main.yml
diff --git a/roles/contiv/defaults/main.yml b/roles/contiv/defaults/main.yml
index b5d2f7c6e..aa976d921 100644
--- a/roles/contiv/defaults/main.yml
+++ b/roles/contiv/defaults/main.yml
@@ -119,3 +119,5 @@ contiv_h1_gw_default: "10.129.0.1"
# contiv default private subnet for ext access
contiv_private_ext_subnet: "10.130.0.0/16"
+
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
diff --git a/roles/contiv/meta/main.yml b/roles/contiv/meta/main.yml
index a2c2f98a7..67fb23db8 100644
--- a/roles/contiv/meta/main.yml
+++ b/roles/contiv/meta/main.yml
@@ -13,6 +13,7 @@ galaxy_info:
- cloud
- system
dependencies:
+- role: lib_utils
- role: contiv_facts
- role: etcd
etcd_service: contiv-etcd
@@ -21,7 +22,7 @@ dependencies:
etcd_client_port: 22379
etcd_conf_dir: /etc/contiv-etcd/
etcd_data_dir: /var/lib/contiv-etcd/
- etcd_ca_host: "{{ inventory_hostname }}"
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
etcd_cert_config_dir: /etc/contiv-etcd/
etcd_url_scheme: http
etcd_peer_url_scheme: http
diff --git a/roles/contiv/tasks/default_network.yml b/roles/contiv/tasks/default_network.yml
index f679443e0..8a928ea54 100644
--- a/roles/contiv/tasks/default_network.yml
+++ b/roles/contiv/tasks/default_network.yml
@@ -8,51 +8,64 @@
- name: Contiv | Set globals
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" global set --fabric-mode {{ contiv_fabric_mode }} --vlan-range {{ contiv_vlan_range }} --fwd-mode {{ netplugin_fwd_mode }} --private-subnet {{ contiv_private_ext_subnet }}'
+ run_once: true
- name: Contiv | Set arp mode to flood if ACI
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" global set --arp-mode flood'
when: contiv_fabric_mode == "aci"
+ run_once: true
- name: Contiv | Check if default-net exists
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net ls'
register: net_result
+ run_once: true
- name: Contiv | Create default-net
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_default_subnet }} -e {{ contiv_encap_mode }} -p {{ contiv_default_network_tag }} --gateway {{ contiv_default_gw }} default-net'
when: net_result.stdout.find("default-net") == -1
+ run_once: true
- name: Contiv | Create host access infra network for VxLan routing case
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_h1_subnet_default }} --gateway={{ contiv_h1_gw_default }} --nw-type="infra" contivh1'
when: (contiv_encap_mode == "vxlan") and (netplugin_fwd_mode == "routing")
+ run_once: true
#- name: Contiv | Create an allow-all policy for the default-group
# command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy create ose-allow-all-policy'
# when: contiv_fabric_mode == "aci"
+# run_once: true
- name: Contiv | Set up aci external contract to consume default external contract
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" external-contracts create -c -a {{ apic_default_external_contract }} oseExtToConsume'
when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
+ run_once: true
- name: Contiv | Set up aci external contract to provide default external contract
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" external-contracts create -p -a {{ apic_default_external_contract }} oseExtToProvide'
when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
+ run_once: true
- name: Contiv | Create aci default-group
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" group create default-net default-group'
when: contiv_fabric_mode == "aci"
+ run_once: true
- name: Contiv | Add external contracts to the default-group
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" group create -e oseExtToConsume -e oseExtToProvide default-net default-group'
when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
+ run_once: true
#- name: Contiv | Add policy rule 1 for allow-all policy
# command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy rule-add -d in --action allow ose-allow-all-policy 1'
# when: contiv_fabric_mode == "aci"
+# run_once: true
#- name: Contiv | Add policy rule 2 for allow-all policy
# command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy rule-add -d out --action allow ose-allow-all-policy 2'
# when: contiv_fabric_mode == "aci"
+# run_once: true
- name: Contiv | Create default aci app profile
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" app-profile create -g default-group {{ apic_default_app_profile }}'
when: contiv_fabric_mode == "aci"
+ run_once: true
diff --git a/roles/contiv/tasks/download_bins.yml b/roles/contiv/tasks/download_bins.yml
index 319fce46c..831fd360a 100644
--- a/roles/contiv/tasks/download_bins.yml
+++ b/roles/contiv/tasks/download_bins.yml
@@ -8,6 +8,8 @@
yum:
name: bzip2
state: installed
+ register: result
+ until: result is succeeded
- name: Download Bins | Download Contiv tar file
get_url:
diff --git a/roles/contiv/tasks/main.yml b/roles/contiv/tasks/main.yml
index 40a0f9e61..cb9196a71 100644
--- a/roles/contiv/tasks/main.yml
+++ b/roles/contiv/tasks/main.yml
@@ -5,10 +5,10 @@
recurse: yes
state: directory
-- include: download_bins.yml
+- include_tasks: download_bins.yml
-- include: netmaster.yml
+- include_tasks: netmaster.yml
when: contiv_role == "netmaster"
-- include: netplugin.yml
+- include_tasks: netplugin.yml
when: contiv_role == "netplugin"
diff --git a/roles/contiv/tasks/netmaster.yml b/roles/contiv/tasks/netmaster.yml
index cc52d3a43..6f15af8c2 100644
--- a/roles/contiv/tasks/netmaster.yml
+++ b/roles/contiv/tasks/netmaster.yml
@@ -1,8 +1,8 @@
---
-- include: netmaster_firewalld.yml
+- include_tasks: netmaster_firewalld.yml
when: has_firewalld
-- include: netmaster_iptables.yml
+- include_tasks: netmaster_iptables.yml
when: not has_firewalld and has_iptables
- name: Netmaster | Check is /etc/hosts file exists
@@ -70,8 +70,8 @@
state: started
register: netmaster_started
-- include: aci.yml
+- include_tasks: aci.yml
when: contiv_fabric_mode == "aci"
-- include: default_network.yml
+- include_tasks: default_network.yml
when: contiv_default_network == true
diff --git a/roles/contiv/tasks/netmaster_iptables.yml b/roles/contiv/tasks/netmaster_iptables.yml
index 07bb16ea7..c98e7b6a5 100644
--- a/roles/contiv/tasks/netmaster_iptables.yml
+++ b/roles/contiv/tasks/netmaster_iptables.yml
@@ -13,9 +13,15 @@
- name: Netmaster IPtables | Open Netmaster with iptables
command: /sbin/iptables -I INPUT 1 -p tcp --dport {{ item }} -j ACCEPT -m comment --comment "contiv"
with_items:
- - "{{ netmaster_port }}"
- "{{ contiv_rpc_port1 }}"
- "{{ contiv_rpc_port2 }}"
- "{{ contiv_rpc_port3 }}"
when: iptablesrules.stdout.find("contiv") == -1
notify: Save iptables rules
+
+- name: Netmaster IPtables | Open netmaster main port
+ command: /sbin/iptables -I INPUT 1 -p tcp -s {{ item }} --dport {{ netmaster_port }} -j ACCEPT -m comment --comment "contiv"
+ with_items:
+ - "{{ groups.oo_nodes_to_config|difference(hostvars[inventory_hostname]['ansible_' + netmaster_interface].ipv4.address)|list }}"
+ when: iptablesrules.stdout.find("contiv") == -1
+ notify: Save iptables rules
diff --git a/roles/contiv/tasks/netplugin.yml b/roles/contiv/tasks/netplugin.yml
index e861a2591..540f6e4bc 100644
--- a/roles/contiv/tasks/netplugin.yml
+++ b/roles/contiv/tasks/netplugin.yml
@@ -1,8 +1,8 @@
---
-- include: netplugin_firewalld.yml
+- include_tasks: netplugin_firewalld.yml
when: has_firewalld
-- include: netplugin_iptables.yml
+- include_tasks: netplugin_iptables.yml
when: has_iptables
- name: Netplugin | Ensure localhost entry correct in /etc/hosts
@@ -19,7 +19,7 @@
line: '::1 '
state: absent
-- include: ovs.yml
+- include_tasks: ovs.yml
when: netplugin_driver == "ovs"
- name: Netplugin | Create Netplugin bin symlink
@@ -101,15 +101,15 @@
- name: systemd reload
command: systemctl daemon-reload
- when: docker_updated|changed
+ when: docker_updated is changed
- name: Docker | Restart docker
service:
- name: "{{ openshift.docker.service_name }}"
+ name: "{{ openshift_docker_service_name }}"
state: restarted
- when: docker_updated|changed
+ when: docker_updated is changed
register: l_docker_restart_docker_in_contiv_result
- until: not l_docker_restart_docker_in_contiv_result | failed
+ until: not (l_docker_restart_docker_in_contiv_result is failed)
retries: 3
delay: 30
diff --git a/roles/contiv/tasks/ovs.yml b/roles/contiv/tasks/ovs.yml
index 0c1b994c7..5c92e90e9 100644
--- a/roles/contiv/tasks/ovs.yml
+++ b/roles/contiv/tasks/ovs.yml
@@ -1,5 +1,5 @@
---
-- include: packageManagerInstall.yml
+- include_tasks: packageManagerInstall.yml
when: source_type == "packageManager"
tags:
- binary-update
diff --git a/roles/contiv/tasks/packageManagerInstall.yml b/roles/contiv/tasks/packageManagerInstall.yml
index e0d48e643..d5726476c 100644
--- a/roles/contiv/tasks/packageManagerInstall.yml
+++ b/roles/contiv/tasks/packageManagerInstall.yml
@@ -3,7 +3,7 @@
set_fact:
did_install: false
-- include: pkgMgrInstallers/centos-install.yml
+- include_tasks: pkgMgrInstallers/centos-install.yml
when: (ansible_os_family == "RedHat") and
not is_atomic
diff --git a/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml b/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml
index 91e6aadf3..53c5b4099 100644
--- a/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml
+++ b/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml
@@ -3,6 +3,8 @@
yum:
pkg=net-tools
state=latest
+ register: result
+ until: result is succeeded
- name: PkgMgr RHEL/CentOS | Get openstack ocata rpm
get_url:
@@ -20,10 +22,12 @@
yum: name=/tmp/rdo-release-ocata-2.noarch.rpm state=present
tags:
- ovs_install
+ register: result
+ until: result is succeeded
- name: PkgMgr RHEL/CentOS | Install ovs
yum:
- pkg=openvswitch-2.5.0-2.el7.x86_64
+ pkg=openvswitch
state=present
environment:
http_proxy: "{{ http_proxy|default('') }}"
@@ -31,3 +35,5 @@
no_proxy: "{{ no_proxy|default('') }}"
tags:
- ovs_install
+ register: result
+ until: result is succeeded
diff --git a/roles/contiv/templates/aci-gw.service b/roles/contiv/templates/aci-gw.service
index 4506d2231..9b3f12567 100644
--- a/roles/contiv/templates/aci-gw.service
+++ b/roles/contiv/templates/aci-gw.service
@@ -1,10 +1,13 @@
[Unit]
Description=Contiv ACI gw
-After=auditd.service systemd-user-sessions.service time-sync.target {{ openshift.docker.service_name }}.service
+After=auditd.service systemd-user-sessions.service time-sync.target {{ openshift_docker_service_name }}.service
[Service]
ExecStart={{ bin_dir }}/aci_gw.sh start
ExecStop={{ bin_dir }}/aci_gw.sh stop
KillMode=control-group
-Restart=on-failure
+Restart=always
RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/contiv/templates/netmaster.service b/roles/contiv/templates/netmaster.service
index a602c955e..ce7d0c75e 100644
--- a/roles/contiv/templates/netmaster.service
+++ b/roles/contiv/templates/netmaster.service
@@ -6,5 +6,8 @@ After=auditd.service systemd-user-sessions.service contiv-etcd.service
EnvironmentFile=/etc/default/netmaster
ExecStart={{ bin_dir }}/netmaster $NETMASTER_ARGS
KillMode=control-group
-Restart=on-failure
+Restart=always
RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/contiv/templates/netplugin.service b/roles/contiv/templates/netplugin.service
index dc7b95bb5..6358d89ec 100644
--- a/roles/contiv/templates/netplugin.service
+++ b/roles/contiv/templates/netplugin.service
@@ -6,3 +6,8 @@ After=auditd.service systemd-user-sessions.service contiv-etcd.service
EnvironmentFile=/etc/default/netplugin
ExecStart={{ bin_dir }}/netplugin $NETPLUGIN_ARGS
KillMode=control-group
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/contiv_facts/tasks/fedora-install.yml b/roles/contiv_facts/tasks/fedora-install.yml
index db56a18c0..932ff091a 100644
--- a/roles/contiv_facts/tasks/fedora-install.yml
+++ b/roles/contiv_facts/tasks/fedora-install.yml
@@ -3,6 +3,8 @@
yum:
name: dnf
state: installed
+ register: result
+ until: result is succeeded
- name: Update repo cache
command: dnf update -y
diff --git a/roles/contiv_facts/tasks/main.yml b/roles/contiv_facts/tasks/main.yml
index 7a4972fca..3267a4ab0 100644
--- a/roles/contiv_facts/tasks/main.yml
+++ b/roles/contiv_facts/tasks/main.yml
@@ -81,8 +81,8 @@
has_iptables: false
# collect information about what packages are installed
-- include: rpm.yml
+- include_tasks: rpm.yml
when: has_rpm
-- include: fedora-install.yml
+- include_tasks: fedora-install.yml
when: not is_atomic and ansible_distribution == "Fedora"
diff --git a/roles/contiv_facts/tasks/rpm.yml b/roles/contiv_facts/tasks/rpm.yml
index 07401a6dd..d12436f96 100644
--- a/roles/contiv_facts/tasks/rpm.yml
+++ b/roles/contiv_facts/tasks/rpm.yml
@@ -6,10 +6,17 @@
failed_when: false
check_mode: no
+- name: RPM | Determine if firewalld enabled
+ command: "systemctl status firewalld.service"
+ register: ss
+ changed_when: false
+ failed_when: false
+ check_mode: no
+
- name: Set the has_firewalld fact
set_fact:
has_firewalld: true
- when: s.rc == 0
+ when: s.rc == 0 and ss.rc == 0
- name: Determine if iptables-services installed
command: "rpm -q iptables-services"
diff --git a/roles/docker/README.md b/roles/docker/README.md
deleted file mode 100644
index 19908c036..000000000
--- a/roles/docker/README.md
+++ /dev/null
@@ -1,43 +0,0 @@
-Docker
-=========
-
-Ensures docker package or system container is installed, and optionally raises timeout for systemd-udevd.service to 5 minutes.
-
-container-daemon.json items may be found at https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file
-
-Requirements
-------------
-
-Ansible 2.2
-
-Role Variables
---------------
-
-docker_conf_dir: location of the Docker configuration directory
-docker_systemd_dir location of the systemd directory for Docker
-docker_udev_workaround: raises udevd timeout to 5 minutes (https://bugzilla.redhat.com/show_bug.cgi?id=1272446)
-udevw_udevd_dir: location of systemd config for systemd-udevd.service
-
-Dependencies
-------------
-
-Depends on the os_firewall role.
-
-Example Playbook
-----------------
-
- - hosts: servers
- roles:
- - role: docker
- docker_udev_workaround: "true"
- docker_use_system_container: False
-
-License
--------
-
-ASL 2.0
-
-Author Information
-------------------
-
-OpenShift operations, Red Hat, Inc
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
deleted file mode 100644
index f6f2bd77e..000000000
--- a/roles/docker/defaults/main.yml
+++ /dev/null
@@ -1,35 +0,0 @@
----
-docker_cli_auth_config_path: '/root/.docker'
-openshift_docker_signature_verification: False
-
-# oreg_url is defined by user input.
-oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
-oreg_auth_credentials_replace: False
-
-openshift_docker_additional_registries: []
-openshift_docker_blocked_registries: []
-openshift_docker_insecure_registries: []
-
-openshift_docker_ent_reg: 'registry.access.redhat.com'
-
-# The l2_docker_* variables convert csv strings to lists, if
-# necessary. These variables should be used in place of their respective
-# openshift_docker_* counterparts to ensure the properly formatted lists are
-# utilized.
-l2_docker_additional_registries: "{% if openshift_docker_additional_registries is string %}{% if openshift_docker_additional_registries == '' %}[]{% elif ',' in openshift_docker_additional_registries %}{{ openshift_docker_additional_registries.split(',') | list }}{% else %}{{ [ openshift_docker_additional_registries ] }}{% endif %}{% else %}{{ openshift_docker_additional_registries }}{% endif %}"
-l2_docker_blocked_registries: "{% if openshift_docker_blocked_registries is string %}{% if openshift_docker_blocked_registries == '' %}[]{% elif ',' in openshift_docker_blocked_registries %}{{ openshift_docker_blocked_registries.split(',') | list }}{% else %}{{ [ openshift_docker_blocked_registries ] }}{% endif %}{% else %}{{ openshift_docker_blocked_registries }}{% endif %}"
-l2_docker_insecure_registries: "{% if openshift_docker_insecure_registries is string %}{% if openshift_docker_insecure_registries == '' %}[]{% elif ',' in openshift_docker_insecure_registries %}{{ openshift_docker_insecure_registries.split(',') | list }}{% else %}{{ [ openshift_docker_insecure_registries ] }}{% endif %}{% else %}{{ openshift_docker_insecure_registries }}{% endif %}"
-
-openshift_docker_use_etc_containers: False
-containers_registries_conf_path: /etc/containers/registries.conf
-
-r_crio_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
-r_crio_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
-
-r_crio_os_firewall_deny: []
-r_crio_os_firewall_allow:
-- service: crio
- port: 10010/tcp
-
-
-openshift_docker_is_node_or_master: "{{ True if inventory_hostname in (groups['oo_masters_to_config']|default([])) or inventory_hostname in (groups['oo_nodes_to_config']|default([])) else False | bool }}"
diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml
deleted file mode 100644
index 866ed0452..000000000
--- a/roles/docker/handlers/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-
-- name: restart docker
- systemd:
- name: "{{ openshift.docker.service_name }}"
- state: restarted
- daemon_reload: yes
- register: r_docker_restart_docker_result
- until: not r_docker_restart_docker_result | failed
- retries: 3
- delay: 30
- when: not docker_service_status_changed | default(false) | bool
-
-- name: restart udev
- systemd:
- name: systemd-udevd
- state: restarted
- daemon_reload: yes
diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml
deleted file mode 100644
index 62b8a2eb5..000000000
--- a/roles/docker/meta/main.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-galaxy_info:
- author: OpenShift
- description: docker package install
- company: Red Hat, Inc
- license: ASL 2.0
- min_ansible_version: 2.2
- platforms:
- - name: EL
- versions:
- - 7
-dependencies:
-- role: lib_openshift
-- role: lib_os_firewall
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
deleted file mode 100644
index 1539af53f..000000000
--- a/roles/docker/tasks/main.yml
+++ /dev/null
@@ -1,38 +0,0 @@
----
-# These tasks dispatch to the proper set of docker tasks based on the
-# inventory:openshift_docker_use_system_container variable
-
-- include: udev_workaround.yml
- when: docker_udev_workaround | default(False) | bool
-
-- set_fact:
- l_use_system_container: "{{ openshift.docker.use_system_container | default(False) }}"
- l_use_crio: "{{ openshift_use_crio | default(False) }}"
- l_use_crio_only: "{{ openshift_use_crio_only | default(False) }}"
-
-- name: Add enterprise registry, if necessary
- set_fact:
- l2_docker_additional_registries: "{{ l2_docker_additional_registries + [openshift_docker_ent_reg] }}"
- when:
- - openshift.common.deployment_type == 'openshift-enterprise'
- - openshift_docker_ent_reg != ''
- - openshift_docker_ent_reg not in l2_docker_additional_registries
- - not l_use_crio_only
-
-- name: Use Package Docker if Requested
- include: package_docker.yml
- when:
- - not l_use_system_container
- - not l_use_crio_only
-
-- name: Use System Container Docker if Requested
- include: systemcontainer_docker.yml
- when:
- - l_use_system_container
- - not l_use_crio_only
-
-- name: Add CRI-O usage Requested
- include: systemcontainer_crio.yml
- when:
- - l_use_crio
- - openshift_docker_is_node_or_master | bool
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml
deleted file mode 100644
index c1aedf879..000000000
--- a/roles/docker/tasks/package_docker.yml
+++ /dev/null
@@ -1,159 +0,0 @@
----
-- name: Get current installed Docker version
- command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker"
- when: not openshift.common.is_atomic | bool
- register: curr_docker_version
- retries: 4
- until: curr_docker_version | succeeded
- changed_when: false
-
-- name: Error out if Docker pre-installed but too old
- fail:
- msg: "Docker {{ curr_docker_version.stdout }} is installed, but >= 1.9.1 is required."
- when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and curr_docker_version.stdout | version_compare('1.9.1', '<') and not docker_version is defined
-
-- name: Error out if requested Docker is too old
- fail:
- msg: "Docker {{ docker_version }} requested, but >= 1.9.1 is required."
- when: docker_version is defined and docker_version | version_compare('1.9.1', '<')
-
-# If a docker_version was requested, sanity check that we can install or upgrade to it, and
-# no downgrade is required.
-- name: Fail if Docker version requested but downgrade is required
- fail:
- msg: "Docker {{ curr_docker_version.stdout }} is installed, but version {{ docker_version }} was requested."
- when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and docker_version is defined and curr_docker_version.stdout | version_compare(docker_version, '>')
-
-# This involves an extremely slow migration process, users should instead run the
-# Docker 1.10 upgrade playbook to accomplish this.
-- name: Error out if attempting to upgrade Docker across the 1.10 boundary
- fail:
- msg: "Cannot upgrade Docker to >= 1.10, please upgrade or remove Docker manually, or use the Docker upgrade playbook if OpenShift is already installed."
- when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and curr_docker_version.stdout | version_compare('1.10', '<') and docker_version is defined and docker_version | version_compare('1.10', '>=')
-
-# Make sure Docker is installed, but does not update a running version.
-# Docker upgrades are handled by a separate playbook.
-- name: Install Docker
- package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present
- when: not openshift.common.is_atomic | bool
-
-- block:
- # Extend the default Docker service unit file when using iptables-services
- - name: Ensure docker.service.d directory exists
- file:
- path: "{{ docker_systemd_dir }}"
- state: directory
-
- - name: Configure Docker service unit file
- template:
- dest: "{{ docker_systemd_dir }}/custom.conf"
- src: custom.conf.j2
- notify:
- - restart docker
- when: not (os_firewall_use_firewalld | default(False)) | bool
-
-- stat: path=/etc/sysconfig/docker
- register: docker_check
-
-- name: Set registry params
- lineinfile:
- dest: /etc/sysconfig/docker
- regexp: '^{{ item.reg_conf_var }}=.*$'
- line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
- when:
- - item.reg_fact_val != []
- - docker_check.stat.isreg is defined
- - docker_check.stat.isreg
- with_items:
- - reg_conf_var: ADD_REGISTRY
- reg_fact_val: "{{ l2_docker_additional_registries }}"
- reg_flag: --add-registry
- - reg_conf_var: BLOCK_REGISTRY
- reg_fact_val: "{{ l2_docker_blocked_registries }}"
- reg_flag: --block-registry
- - reg_conf_var: INSECURE_REGISTRY
- reg_fact_val: "{{ l2_docker_insecure_registries }}"
- reg_flag: --insecure-registry
- notify:
- - restart docker
-
-- name: Place additional/blocked/insecure registries in /etc/containers/registries.conf
- template:
- dest: "{{ containers_registries_conf_path }}"
- src: registries.conf
- when: openshift_docker_use_etc_containers | bool
- notify:
- - restart docker
-
-- name: Set Proxy Settings
- lineinfile:
- dest: /etc/sysconfig/docker
- regexp: '^{{ item.reg_conf_var }}=.*$'
- line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val }}'"
- state: "{{ 'present' if item.reg_fact_val != '' else 'absent'}}"
- with_items:
- - reg_conf_var: HTTP_PROXY
- reg_fact_val: "{{ docker_http_proxy | default('') }}"
- - reg_conf_var: HTTPS_PROXY
- reg_fact_val: "{{ docker_https_proxy | default('') }}"
- - reg_conf_var: NO_PROXY
- reg_fact_val: "{{ docker_no_proxy | default('') }}"
- notify:
- - restart docker
- when:
- - docker_check.stat.isreg is defined and docker_check.stat.isreg and '"http_proxy" in openshift.common or "https_proxy" in openshift.common'
-
-- name: Set various Docker options
- lineinfile:
- dest: /etc/sysconfig/docker
- regexp: '^OPTIONS=.*$'
- line: "OPTIONS='\
- {% if ansible_selinux.status | default(None) == 'enabled' and docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %} \
- {% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %} \
- {% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %} \
- {% if docker_options is defined %} {{ docker_options }}{% endif %} \
- {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %} \
- --signature-verification={{ openshift_docker_signature_verification | bool }}'"
- when: docker_check.stat.isreg is defined and docker_check.stat.isreg
- notify:
- - restart docker
-
-- stat: path=/etc/sysconfig/docker-network
- register: sysconfig_docker_network_check
-
-- name: Configure Docker Network OPTIONS
- lineinfile:
- dest: /etc/sysconfig/docker-network
- regexp: '^DOCKER_NETWORK_OPTIONS=.*$'
- line: "DOCKER_NETWORK_OPTIONS='\
- {% if openshift.node is defined and openshift.node.sdn_mtu is defined %} --mtu={{ openshift.node.sdn_mtu }}{% endif %}'"
- when:
- - sysconfig_docker_network_check.stat.isreg is defined
- - sysconfig_docker_network_check.stat.isreg
- notify:
- - restart docker
-
-# The following task is needed as the systemd module may report a change in
-# state even though docker is already running.
-- name: Detect if docker is already started
- command: "systemctl show docker -p ActiveState"
- changed_when: False
- register: r_docker_already_running_result
-
-- name: Start the Docker service
- systemd:
- name: docker
- enabled: yes
- state: started
- daemon_reload: yes
- register: r_docker_package_docker_start_result
- until: not r_docker_package_docker_start_result | failed
- retries: 3
- delay: 30
-
-- set_fact:
- docker_service_status_changed: "{{ (r_docker_package_docker_start_result | changed) and (r_docker_already_running_result.stdout != 'ActiveState=active' ) }}"
-
-- include: registry_auth.yml
-
-- meta: flush_handlers
diff --git a/roles/docker/tasks/registry_auth.yml b/roles/docker/tasks/registry_auth.yml
deleted file mode 100644
index d05b7f2b8..000000000
--- a/roles/docker/tasks/registry_auth.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- name: Check for credentials file for registry auth
- stat:
- path: "{{ docker_cli_auth_config_path }}/config.json"
- when: oreg_auth_user is defined
- register: docker_cli_auth_credentials_stat
-
-- name: Create credentials for docker cli registry auth
- command: "docker --config={{ docker_cli_auth_config_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
- register: openshift_docker_credentials_create_res
- retries: 3
- delay: 5
- until: openshift_docker_credentials_create_res.rc == 0
- when:
- - oreg_auth_user is defined
- - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
diff --git a/roles/docker/tasks/systemcontainer_crio.yml b/roles/docker/tasks/systemcontainer_crio.yml
deleted file mode 100644
index 67ede0d21..000000000
--- a/roles/docker/tasks/systemcontainer_crio.yml
+++ /dev/null
@@ -1,185 +0,0 @@
----
-
-# TODO: Much of this file is shared with container engine tasks
-- set_fact:
- l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l2_docker_insecure_registries)) }}"
- when: l2_docker_insecure_registries | bool
-- set_fact:
- l_crio_registries: "{{ l2_docker_additional_registries + ['docker.io'] }}"
- when: l2_docker_additional_registries | bool
-- set_fact:
- l_crio_registries: "{{ ['docker.io'] }}"
- when: not (l2_docker_additional_registries | bool)
-- set_fact:
- l_additional_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l_crio_registries)) }}"
- when: l2_docker_additional_registries | bool
-
-- set_fact:
- l_openshift_image_tag: "{{ openshift_image_tag | string }}"
- when: openshift_image_tag is defined
-
-- set_fact:
- l_openshift_image_tag: "latest"
- when:
- - openshift_image_tag is not defined
- - openshift_release == "latest"
-
-- set_fact:
- l_openshift_image_tag: "{{ openshift_release | string }}"
- when:
- - openshift_image_tag is not defined
- - openshift_release != "latest"
-
-- name: Ensure container-selinux is installed
- package:
- name: container-selinux
- state: present
- when: not openshift.common.is_atomic | bool
-
-- name: Check we are not using node as a Docker container with CRI-O
- fail: msg='Cannot use CRI-O with node configured as a Docker container'
- when:
- - openshift.common.is_containerized | bool
- - not openshift.common.is_node_system_container | bool
-
-# Used to pull and install the system container
-- name: Ensure atomic is installed
- package:
- name: atomic
- state: present
- when: not openshift.common.is_atomic | bool
-
-# At the time of writing the atomic command requires runc for it's own use. This
-# task is here in the even that the atomic package ever removes the dependency.
-- name: Ensure runc is installed
- package:
- name: runc
- state: present
- when: not openshift.common.is_atomic | bool
-
-
-- name: Check that overlay is in the kernel
- shell: lsmod | grep overlay
- register: l_has_overlay_in_kernel
- ignore_errors: yes
- failed_when: false
-
-- when: l_has_overlay_in_kernel.rc != 0
- block:
-
- - name: Add overlay to modprobe.d
- template:
- dest: /etc/modules-load.d/overlay.conf
- src: overlay.conf.j2
- backup: yes
-
- - name: Manually modprobe overlay into the kernel
- command: modprobe overlay
-
- - name: Enable and start systemd-modules-load
- service:
- name: systemd-modules-load
- enabled: yes
- state: restarted
-
-- name: Ensure proxies are in the atomic.conf
- include_role:
- name: openshift_atomic
- tasks_from: proxy
-
-- block:
-
- - name: Set CRI-O image defaults
- set_fact:
- l_crio_image_prepend: "docker.io/gscrivano"
- l_crio_image_name: "cri-o-fedora"
- l_crio_image_tag: "latest"
-
- - name: Use Centos based image when distribution is CentOS
- set_fact:
- l_crio_image_name: "cri-o-centos"
- when: ansible_distribution == "CentOS"
-
- - name: Set CRI-O image tag
- set_fact:
- l_crio_image_tag: "{{ l_openshift_image_tag }}"
- when:
- - openshift_deployment_type == 'openshift-enterprise'
-
- - name: Use RHEL based image when distribution is Red Hat
- set_fact:
- l_crio_image_prepend: "registry.access.redhat.com/openshift3"
- l_crio_image_name: "cri-o"
- when: ansible_distribution == "RedHat"
-
- - name: Set the full image name
- set_fact:
- l_crio_image: "{{ l_crio_image_prepend }}/{{ l_crio_image_name }}:{{ l_crio_image_tag }}"
-
- # For https://github.com/openshift/aos-cd-jobs/pull/624#pullrequestreview-61816548
- - name: Use a specific image if requested
- set_fact:
- l_crio_image: "{{ openshift_crio_systemcontainer_image_override }}"
- when:
- - openshift_crio_systemcontainer_image_override is defined
- - openshift_crio_systemcontainer_image_override != ""
-
- # Be nice and let the user see the variable result
- - debug:
- var: l_crio_image
-
-# NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released
-- name: Pre-pull CRI-O System Container image
- command: "atomic pull --storage ostree {{ l_crio_image }}"
- changed_when: false
- environment:
- NO_PROXY: "{{ openshift.common.no_proxy | default('') }}"
-
-
-- name: Install CRI-O System Container
- oc_atomic_container:
- name: "cri-o"
- image: "{{ l_crio_image }}"
- state: latest
-
-- name: Remove CRI-O default configuration files
- file:
- path: "{{ item }}"
- state: absent
- with_items:
- - /etc/cni/net.d/200-loopback.conf
- - /etc/cni/net.d/100-crio-bridge.conf
-
-- name: Create the CRI-O configuration
- template:
- dest: /etc/crio/crio.conf
- src: crio.conf.j2
- backup: yes
-
-- name: Ensure CNI configuration directory exists
- file:
- path: /etc/cni/net.d/
- state: directory
-
-- name: setup firewall for CRI-O
- include: crio_firewall.yml
- static: yes
-
-- name: Configure the CNI network
- template:
- dest: /etc/cni/net.d/openshift-sdn.conf
- src: 80-openshift-sdn.conf.j2
-
-- name: Fix SELinux Permissions on /var/lib/containers
- command: "restorecon -R /var/lib/containers/"
- changed_when: false
-
-- name: Start the CRI-O service
- systemd:
- name: "cri-o"
- enabled: yes
- state: started
- daemon_reload: yes
- register: start_result
-
-- meta: flush_handlers
diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml
deleted file mode 100644
index aa3b35ddd..000000000
--- a/roles/docker/tasks/systemcontainer_docker.yml
+++ /dev/null
@@ -1,178 +0,0 @@
----
-
-- set_fact:
- l_openshift_image_tag: "{{ openshift_image_tag | string }}"
- when: openshift_image_tag is defined
-
-- set_fact:
- l_openshift_image_tag: "latest"
- when:
- - openshift_image_tag is not defined
- - openshift_release == "latest"
-
-- set_fact:
- l_openshift_image_tag: "{{ openshift_release | string }}"
- when:
- - openshift_image_tag is not defined
- - openshift_release != "latest"
-
-# If docker_options are provided we should fail. We should not install docker and ignore
-# the users configuration. NOTE: docker_options == inventory:openshift_docker_options
-- name: Fail quickly if openshift_docker_options are set
- assert:
- that:
- - docker_options is defined
- - docker_options != ""
- msg: |
- Docker via System Container does not allow for the use of the openshift_docker_options
- variable. If you want to use openshift_docker_options you will need to use the
- traditional docker package install. Otherwise, comment out openshift_docker_options
- in your inventory file.
-
-- name: Ensure container-selinux is installed
- package:
- name: container-selinux
- state: present
- when: not openshift.common.is_atomic | bool
-
-# Used to pull and install the system container
-- name: Ensure atomic is installed
- package:
- name: atomic
- state: present
- when: not openshift.common.is_atomic | bool
-
-# At the time of writing the atomic command requires runc for it's own use. This
-# task is here in the even that the atomic package ever removes the dependency.
-- name: Ensure runc is installed
- package:
- name: runc
- state: present
- when: not openshift.common.is_atomic | bool
-
-# Make sure Docker is installed so we are able to use the client
-- name: Install Docker so we can use the client
- package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present
- when: not openshift.common.is_atomic | bool
-
-# Make sure docker is disabled. Errors are ignored.
-- name: Disable Docker
- systemd:
- name: docker
- enabled: no
- state: stopped
- daemon_reload: yes
- ignore_errors: True
- register: r_docker_systemcontainer_docker_stop_result
- until: not r_docker_systemcontainer_docker_stop_result | failed
- retries: 3
- delay: 30
-
-- name: Ensure proxies are in the atomic.conf
- include_role:
- name: openshift_atomic
- tasks_from: proxy
-
-- block:
-
- - name: Set to default prepend
- set_fact:
- l_docker_image_prepend: "gscrivano"
- l_docker_image_tag: "latest"
-
- - name: Set container engine image tag
- set_fact:
- l_docker_image_tag: "{{ l_openshift_image_tag }}"
- when:
- - openshift_deployment_type == 'openshift-enterprise'
-
- - name: Use Red Hat Registry for image when distribution is Red Hat
- set_fact:
- l_docker_image_prepend: "registry.access.redhat.com/openshift3"
- when: ansible_distribution == 'RedHat'
-
- - name: Use Fedora Registry for image when distribution is Fedora
- set_fact:
- l_docker_image_prepend: "registry.fedoraproject.org/f25"
- when: ansible_distribution == 'Fedora'
-
- - name: Set the full image name
- set_fact:
- l_docker_image: "{{ l_docker_image_prepend }}/{{ openshift.docker.service_name }}:{{ l_docker_image_tag }}"
-
- # For https://github.com/openshift/openshift-ansible/pull/5354#issuecomment-328552959
- - name: Use a specific image if requested
- set_fact:
- l_docker_image: "{{ openshift_docker_systemcontainer_image_override }}"
- when:
- - openshift_docker_systemcontainer_image_override is defined
- - openshift_docker_systemcontainer_image_override != ""
-
- # Be nice and let the user see the variable result
- - debug:
- var: l_docker_image
-
-# NOTE: no_proxy added as a workaround until https://github.com/projectatomic/atomic/pull/999 is released
-- name: Pre-pull Container Engine System Container image
- command: "atomic pull --storage ostree {{ l_docker_image }}"
- changed_when: false
- environment:
- NO_PROXY: "{{ openshift.common.no_proxy | default('') }}"
-
-
-- name: Ensure container-engine.service.d directory exists
- file:
- path: "{{ container_engine_systemd_dir }}"
- state: directory
-
-- name: Ensure /etc/docker directory exists
- file:
- path: "{{ docker_conf_dir }}"
- state: directory
-
-- name: Install Container Engine System Container
- oc_atomic_container:
- name: "{{ openshift.docker.service_name }}"
- image: "{{ l_docker_image }}"
- state: latest
-
-- name: Configure Container Engine Service File
- template:
- dest: "{{ container_engine_systemd_dir }}/custom.conf"
- src: systemcontainercustom.conf.j2
-
-# Set local versions of facts that must be in json format for container-daemon.json
-# NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson
-- set_fact:
- l_docker_insecure_registries: "{{ l2_docker_insecure_registries | default([]) | to_json }}"
- l_docker_log_options: "{{ docker_log_options | default({}) | to_json }}"
- l_docker_additional_registries: "{{ l2_docker_additional_registries | default([]) | to_json }}"
- l_docker_blocked_registries: "{{ l2_docker_blocked_registries | default([]) | to_json }}"
- l_docker_selinux_enabled: "{{ docker_selinux_enabled | default(true) | to_json }}"
-
-# Configure container-engine using the container-daemon.json file
-# NOTE: daemon.json and container-daemon.json have been seperated to avoid
-# collision.
-- name: Configure Container Engine
- template:
- dest: "{{ docker_conf_dir }}/container-daemon.json"
- src: daemon.json
-
-# Enable and start the container-engine service
-- name: Start the Container Engine service
- systemd:
- name: "{{ openshift.docker.service_name }}"
- enabled: yes
- state: started
- daemon_reload: yes
- register: r_docker_systemcontainer_docker_start_result
- until: not r_docker_systemcontainer_docker_start_result | failed
- retries: 3
- delay: 30
-
-- set_fact:
- docker_service_status_changed: "{{ r_docker_systemcontainer_docker_start_result | changed }}"
-
-- include: registry_auth.yml
-
-- meta: flush_handlers
diff --git a/roles/docker/templates/crio.conf.j2 b/roles/docker/templates/crio.conf.j2
deleted file mode 100644
index 93014a80d..000000000
--- a/roles/docker/templates/crio.conf.j2
+++ /dev/null
@@ -1,159 +0,0 @@
-# {{ ansible_managed }}
-
-# The "crio" table contains all of the server options.
-[crio]
-
-# root is a path to the "root directory". CRIO stores all of its data,
-# including container images, in this directory.
-root = "/var/lib/containers/storage"
-
-# run is a path to the "run directory". CRIO stores all of its state
-# in this directory.
-runroot = "/var/run/containers/storage"
-
-# storage_driver select which storage driver is used to manage storage
-# of images and containers.
-storage_driver = "overlay"
-
-# storage_option is used to pass an option to the storage driver.
-storage_option = [
-{% if ansible_distribution in ['RedHat', 'CentOS'] %}
- "overlay.override_kernel_check=1"
-{% endif %}
-]
-
-# The "crio.api" table contains settings for the kubelet/gRPC
-# interface (which is also used by crioctl).
-[crio.api]
-
-# listen is the path to the AF_LOCAL socket on which crio will listen.
-listen = "/var/run/crio.sock"
-
-# stream_address is the IP address on which the stream server will listen
-stream_address = ""
-
-# stream_port is the port on which the stream server will listen
-stream_port = "10010"
-
-# file_locking is whether file-based locking will be used instead of
-# in-memory locking
-file_locking = true
-
-# The "crio.runtime" table contains settings pertaining to the OCI
-# runtime used and options for how to set up and manage the OCI runtime.
-[crio.runtime]
-
-# runtime is the OCI compatible runtime used for trusted container workloads.
-# This is a mandatory setting as this runtime will be the default one
-# and will also be used for untrusted container workloads if
-# runtime_untrusted_workload is not set.
-runtime = "/usr/bin/runc"
-
-# runtime_untrusted_workload is the OCI compatible runtime used for untrusted
-# container workloads. This is an optional setting, except if
-# default_container_trust is set to "untrusted".
-runtime_untrusted_workload = ""
-
-# default_workload_trust is the default level of trust crio puts in container
-# workloads. It can either be "trusted" or "untrusted", and the default
-# is "trusted".
-# Containers can be run through different container runtimes, depending on
-# the trust hints we receive from kubelet:
-# - If kubelet tags a container workload as untrusted, crio will try first to
-# run it through the untrusted container workload runtime. If it is not set,
-# crio will use the trusted runtime.
-# - If kubelet does not provide any information about the container workload trust
-# level, the selected runtime will depend on the default_container_trust setting.
-# If it is set to "untrusted", then all containers except for the host privileged
-# ones, will be run by the runtime_untrusted_workload runtime. Host privileged
-# containers are by definition trusted and will always use the trusted container
-# runtime. If default_container_trust is set to "trusted", crio will use the trusted
-# container runtime for all containers.
-default_workload_trust = "trusted"
-
-# no_pivot instructs the runtime to not use pivot_root, but instead use MS_MOVE
-no_pivot = false
-
-# conmon is the path to conmon binary, used for managing the runtime.
-conmon = "/usr/libexec/crio/conmon"
-
-# conmon_env is the environment variable list for conmon process,
-# used for passing necessary environment variable to conmon or runtime.
-conmon_env = [
- "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
-]
-
-# selinux indicates whether or not SELinux will be used for pod
-# separation on the host. If you enable this flag, SELinux must be running
-# on the host.
-selinux = true
-
-# seccomp_profile is the seccomp json profile path which is used as the
-# default for the runtime.
-seccomp_profile = "/etc/crio/seccomp.json"
-
-# apparmor_profile is the apparmor profile name which is used as the
-# default for the runtime.
-apparmor_profile = "crio-default"
-
-# cgroup_manager is the cgroup management implementation to be used
-# for the runtime.
-cgroup_manager = "systemd"
-
-# hooks_dir_path is the oci hooks directory for automatically executed hooks
-hooks_dir_path = "/usr/share/containers/oci/hooks.d"
-
-# pids_limit is the number of processes allowed in a container
-pids_limit = 1024
-
-# log_size_max is the max limit for the container log size in bytes.
-# Negative values indicate that no limit is imposed.
-log_size_max = 52428800
-
-# The "crio.image" table contains settings pertaining to the
-# management of OCI images.
-[crio.image]
-
-# default_transport is the prefix we try prepending to an image name if the
-# image name as we receive it can't be parsed as a valid source reference
-default_transport = "docker://"
-
-# pause_image is the image which we use to instantiate infra containers.
-pause_image = "kubernetes/pause"
-
-# pause_command is the command to run in a pause_image to have a container just
-# sit there. If the image contains the necessary information, this value need
-# not be specified.
-pause_command = "/pause"
-
-# signature_policy is the name of the file which decides what sort of policy we
-# use when deciding whether or not to trust an image that we've pulled.
-# Outside of testing situations, it is strongly advised that this be left
-# unspecified so that the default system-wide policy will be used.
-signature_policy = ""
-
-# image_volumes controls how image volumes are handled.
-# The valid values are mkdir and ignore.
-image_volumes = "mkdir"
-
-# insecure_registries is used to skip TLS verification when pulling images.
-insecure_registries = [
-{{ l_insecure_crio_registries|default("") }}
-]
-
-# registries is used to specify a comma separated list of registries to be used
-# when pulling an unqualified image (e.g. fedora:rawhide).
-registries = [
-{{ l_additional_crio_registries|default("") }}
-]
-
-# The "crio.network" table contains settings pertaining to the
-# management of CNI plugins.
-[crio.network]
-
-# network_dir is is where CNI network configuration
-# files are stored.
-network_dir = "/etc/cni/net.d/"
-
-# plugin_dir is is where CNI plugin binaries are stored.
-plugin_dir = "/opt/cni/bin/"
diff --git a/roles/docker/templates/daemon.json b/roles/docker/templates/daemon.json
deleted file mode 100644
index a41b7cdbd..000000000
--- a/roles/docker/templates/daemon.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "authorization-plugins": ["rhel-push-plugin"],
- "default-runtime": "oci",
- "containerd": "/run/containerd.sock",
- "disable-legacy-registry": false,
- "exec-opts": ["native.cgroupdriver=systemd"],
- "insecure-registries": {{ l_docker_insecure_registries }},
-{% if docker_log_driver is defined %}
- "log-driver": "{{ docker_log_driver }}",
-{%- endif %}
- "log-opts": {{ l_docker_log_options }},
- "runtimes": {
- "oci": {
- "path": "/usr/libexec/docker/docker-runc-current"
- }
- },
- "selinux-enabled": {{ l_docker_selinux_enabled | lower }},
- "add-registry": {{ l_docker_additional_registries }},
- "block-registry": {{ l_docker_blocked_registries }}
-}
diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml
index 4b734d4ed..86cea5c46 100644
--- a/roles/etcd/defaults/main.yaml
+++ b/roles/etcd/defaults/main.yaml
@@ -2,10 +2,18 @@
r_etcd_common_backup_tag: ''
r_etcd_common_backup_sufix_name: ''
+l_is_etcd_system_container: "{{ (openshift_use_etcd_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
+
# runc, docker, host
-r_etcd_common_etcd_runtime: "docker"
+r_etcd_common_etcd_runtime: "{{ 'runc' if l_is_etcd_system_container else 'docker' if l_is_containerized else 'host' }}"
r_etcd_common_embedded_etcd: false
+osm_etcd_image: 'registry.access.redhat.com/rhel7/etcd'
+etcd_image_dict:
+ origin: "registry.fedoraproject.org/latest/etcd"
+ openshift-enterprise: "{{ osm_etcd_image }}"
+etcd_image: "{{ etcd_image_dict[openshift_deployment_type | default('origin')] }}"
+
# etcd run on a host => use etcdctl command directly
# etcd run as a docker container => use docker exec
# etcd run as a runc container => use runc exec
@@ -89,3 +97,5 @@ r_etcd_os_firewall_allow:
# set the backend quota to 4GB by default
etcd_quota_backend_bytes: 4294967296
+
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
diff --git a/roles/etcd/meta/main.yml b/roles/etcd/meta/main.yml
index 879ca4f4e..af58eff62 100644
--- a/roles/etcd/meta/main.yml
+++ b/roles/etcd/meta/main.yml
@@ -17,5 +17,5 @@ galaxy_info:
- system
dependencies:
- role: lib_openshift
-- role: lib_os_firewall
- role: lib_utils
+- role: openshift_facts
diff --git a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml
index 11bd2310e..ccfd9da14 100644
--- a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml
+++ b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml
@@ -2,6 +2,8 @@
- name: Install etcd for etcdctl
package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
- name: Configure etcd profile.d aliases
template:
diff --git a/roles/etcd/tasks/backup.archive.yml b/roles/etcd/tasks/backup.archive.yml
index 6daa6dc51..a29a90ea3 100644
--- a/roles/etcd/tasks/backup.archive.yml
+++ b/roles/etcd/tasks/backup.archive.yml
@@ -1,3 +1,3 @@
---
-- include: backup/vars.yml
-- include: backup/archive.yml
+- include_tasks: backup/vars.yml
+- include_tasks: backup/archive.yml
diff --git a/roles/etcd/tasks/backup.copy.yml b/roles/etcd/tasks/backup.copy.yml
index cc540cbca..6e8502e3b 100644
--- a/roles/etcd/tasks/backup.copy.yml
+++ b/roles/etcd/tasks/backup.copy.yml
@@ -1,3 +1,3 @@
---
-- include: backup/vars.yml
-- include: backup/copy.yml
+- include_tasks: backup/vars.yml
+- include_tasks: backup/copy.yml
diff --git a/roles/etcd/tasks/backup.fetch.yml b/roles/etcd/tasks/backup.fetch.yml
index 26ec15043..d33878804 100644
--- a/roles/etcd/tasks/backup.fetch.yml
+++ b/roles/etcd/tasks/backup.fetch.yml
@@ -1,3 +1,3 @@
---
-- include: backup/vars.yml
-- include: backup/fetch.yml
+- include_tasks: backup/vars.yml
+- include_tasks: backup/fetch.yml
diff --git a/roles/etcd/tasks/backup.force_new_cluster.yml b/roles/etcd/tasks/backup.force_new_cluster.yml
index d2e866416..7dd0899ee 100644
--- a/roles/etcd/tasks/backup.force_new_cluster.yml
+++ b/roles/etcd/tasks/backup.force_new_cluster.yml
@@ -1,5 +1,5 @@
---
-- include: backup/vars.yml
+- include_tasks: backup/vars.yml
- name: Move content of etcd backup under the etcd data directory
command: >
@@ -9,4 +9,4 @@
command: >
chown -R etcd:etcd "{{ etcd_data_dir }}"
-- include: auxiliary/force_new_cluster.yml
+- include_tasks: auxiliary/force_new_cluster.yml
diff --git a/roles/etcd/tasks/backup.unarchive.yml b/roles/etcd/tasks/backup.unarchive.yml
index 77a637360..f92e87c3d 100644
--- a/roles/etcd/tasks/backup.unarchive.yml
+++ b/roles/etcd/tasks/backup.unarchive.yml
@@ -1,3 +1,3 @@
---
-- include: backup/vars.yml
-- include: backup/unarchive.yml
+- include_tasks: backup/vars.yml
+- include_tasks: backup/unarchive.yml
diff --git a/roles/etcd/tasks/backup.yml b/roles/etcd/tasks/backup.yml
index c0538e596..60bb82100 100644
--- a/roles/etcd/tasks/backup.yml
+++ b/roles/etcd/tasks/backup.yml
@@ -1,2 +1,2 @@
---
-- include: backup/backup.yml
+- include_tasks: backup/backup.yml
diff --git a/roles/etcd/tasks/backup/backup.yml b/roles/etcd/tasks/backup/backup.yml
index ca0d29155..acd1bb0bc 100644
--- a/roles/etcd/tasks/backup/backup.yml
+++ b/roles/etcd/tasks/backup/backup.yml
@@ -1,5 +1,5 @@
---
-- include: vars.yml
+- include_tasks: vars.yml
# TODO: replace shell module with command and update later checks
- name: Check available disk space for etcd backup
@@ -43,6 +43,8 @@
when:
- r_etcd_common_embedded_etcd | bool
- not l_ostree_booted.stat.exists | bool
+ register: result
+ until: result is succeeded
- name: Check selinux label of '{{ etcd_data_dir }}'
command: >
diff --git a/roles/etcd/tasks/backup_ca_certificates.yml b/roles/etcd/tasks/backup_ca_certificates.yml
index a41b032f3..c87359900 100644
--- a/roles/etcd/tasks/backup_ca_certificates.yml
+++ b/roles/etcd/tasks/backup_ca_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/backup_ca_certificates.yml
+- include_tasks: certificates/backup_ca_certificates.yml
diff --git a/roles/etcd/tasks/backup_generated_certificates.yml b/roles/etcd/tasks/backup_generated_certificates.yml
index 8cf2a10cc..fa73ea590 100644
--- a/roles/etcd/tasks/backup_generated_certificates.yml
+++ b/roles/etcd/tasks/backup_generated_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/backup_generated_certificates.yml
+- include_tasks: certificates/backup_generated_certificates.yml
diff --git a/roles/etcd/tasks/backup_master_etcd_certificates.yml b/roles/etcd/tasks/backup_master_etcd_certificates.yml
index 129e1831c..5526825fa 100644
--- a/roles/etcd/tasks/backup_master_etcd_certificates.yml
+++ b/roles/etcd/tasks/backup_master_etcd_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/backup_master_etcd_certificates.yml
+- include_tasks: certificates/backup_master_etcd_certificates.yml
diff --git a/roles/etcd/tasks/backup_server_certificates.yml b/roles/etcd/tasks/backup_server_certificates.yml
index 267ffeb4d..5f3052be1 100644
--- a/roles/etcd/tasks/backup_server_certificates.yml
+++ b/roles/etcd/tasks/backup_server_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/backup_server_certificates.yml
+- include_tasks: certificates/backup_server_certificates.yml
diff --git a/roles/etcd/tasks/ca.yml b/roles/etcd/tasks/ca.yml
index cca1e9ad7..dd4b59e24 100644
--- a/roles/etcd/tasks/ca.yml
+++ b/roles/etcd/tasks/ca.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/deploy_ca.yml
+- include_tasks: certificates/deploy_ca.yml
diff --git a/roles/etcd/tasks/certificates/deploy_ca.yml b/roles/etcd/tasks/certificates/deploy_ca.yml
index 3d32290a2..ebaff353b 100644
--- a/roles/etcd/tasks/certificates/deploy_ca.yml
+++ b/roles/etcd/tasks/certificates/deploy_ca.yml
@@ -6,6 +6,8 @@
when: not etcd_is_atomic | bool
delegate_to: "{{ etcd_ca_host }}"
run_once: true
+ register: result
+ until: result is succeeded
- file:
path: "{{ item }}"
diff --git a/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml
index 119071a72..d4518554c 100644
--- a/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml
+++ b/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml
@@ -28,7 +28,7 @@
etcd_client_certs_missing: "{{ true if etcd_certificates_redeploy | default(false) | bool
else (False in (g_external_etcd_cert_stat_result.results
| default({})
- | oo_collect(attribute='stat.exists')
+ | lib_utils_oo_collect(attribute='stat.exists')
| list)) }}"
- name: Ensure generated_certs directory present
diff --git a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml
index 00b8f4a0b..59a6b6590 100644
--- a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml
+++ b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml
@@ -4,6 +4,8 @@
name: "etcd{{ '-' + etcd_version if etcd_version is defined else '' }}"
state: present
when: not etcd_is_containerized | bool
+ register: result
+ until: result is succeeded
- name: Check status of etcd certificates
stat:
@@ -19,7 +21,7 @@
etcd_server_certs_missing: "{{ true if etcd_certificates_redeploy | default(false) | bool
else (False in (g_etcd_server_cert_stat_result.results
| default({})
- | oo_collect(attribute='stat.exists')
+ | lib_utils_oo_collect(attribute='stat.exists')
| list)) }}"
- name: Ensure generated_certs directory present
diff --git a/roles/etcd/tasks/check_cluster_health.yml b/roles/etcd/tasks/check_cluster_health.yml
index 75c110972..3410528eb 100644
--- a/roles/etcd/tasks/check_cluster_health.yml
+++ b/roles/etcd/tasks/check_cluster_health.yml
@@ -1,2 +1,2 @@
---
-- include: migration/check_cluster_health.yml
+- include_tasks: migration/check_cluster_health.yml
diff --git a/roles/etcd/tasks/clean_data.yml b/roles/etcd/tasks/clean_data.yml
index d131ffd21..12538c2d0 100644
--- a/roles/etcd/tasks/clean_data.yml
+++ b/roles/etcd/tasks/clean_data.yml
@@ -1,2 +1,2 @@
---
-- include: auxiliary/clean_data.yml
+- include_tasks: auxiliary/clean_data.yml
diff --git a/roles/etcd/tasks/client_certificates.yml b/roles/etcd/tasks/client_certificates.yml
index 2f4108a0d..f3201816d 100644
--- a/roles/etcd/tasks/client_certificates.yml
+++ b/roles/etcd/tasks/client_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/fetch_client_certificates_from_ca.yml
+- include_tasks: certificates/fetch_client_certificates_from_ca.yml
diff --git a/roles/etcd/tasks/disable_etcd.yml b/roles/etcd/tasks/disable_etcd.yml
index 9202e6e48..55fb7f6ea 100644
--- a/roles/etcd/tasks/disable_etcd.yml
+++ b/roles/etcd/tasks/disable_etcd.yml
@@ -1,2 +1,2 @@
---
-- include: auxiliary/disable_etcd.yml
+- include_tasks: auxiliary/disable_etcd.yml
diff --git a/roles/etcd/tasks/distribute_ca b/roles/etcd/tasks/distribute_ca
deleted file mode 100644
index 040c5f7af..000000000
--- a/roles/etcd/tasks/distribute_ca
+++ /dev/null
@@ -1,2 +0,0 @@
----
-- include: certificates/distribute_ca.yml
diff --git a/roles/etcd/tasks/distribute_ca.yml b/roles/etcd/tasks/distribute_ca.yml
new file mode 100644
index 000000000..7d2607844
--- /dev/null
+++ b/roles/etcd/tasks/distribute_ca.yml
@@ -0,0 +1,2 @@
+---
+- include_tasks: certificates/distribute_ca.yml
diff --git a/roles/etcd/tasks/drop_etcdctl.yml b/roles/etcd/tasks/drop_etcdctl.yml
index 4c1f609f7..3258ab1a8 100644
--- a/roles/etcd/tasks/drop_etcdctl.yml
+++ b/roles/etcd/tasks/drop_etcdctl.yml
@@ -1,2 +1,2 @@
---
-- include: auxiliary/drop_etcdctl.yml
+- include_tasks: auxiliary/drop_etcdctl.yml
diff --git a/roles/etcd/tasks/fetch_backup.yml b/roles/etcd/tasks/fetch_backup.yml
deleted file mode 100644
index 513eed17a..000000000
--- a/roles/etcd/tasks/fetch_backup.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- include: backup/vars.yml
-
-- include: backup/archive.yml
-
-- include: backup/sync_backup.yml
-
-- include: backup/
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 3e69af314..12e41667e 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -7,20 +7,21 @@
etcd_ip: "{{ etcd_ip }}"
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Install etcd
package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
when: not etcd_is_containerized | bool
+ register: result
+ until: result is succeeded
-- include: drop_etcdctl.yml
+- include_tasks: drop_etcdctl.yml
when:
- openshift_etcd_etcdctl_profile | default(true) | bool
- block:
- name: Pull etcd container
- command: docker pull {{ openshift.etcd.etcd_image }}
+ command: docker pull {{ etcd_image }}
register: pull_result
changed_when: "'Downloaded newer image' in pull_result.stdout"
@@ -30,7 +31,7 @@
src: etcd.docker.service
when:
- etcd_is_containerized | bool
- - not openshift.common.is_etcd_system_container | bool
+ - not l_is_etcd_system_container | bool
# Start secondary etcd instance for third party integrations
# TODO: Determine an alternative to using thirdparty variable
@@ -90,19 +91,21 @@
enabled: no
masked: yes
daemon_reload: yes
- when: not openshift.common.is_etcd_system_container | bool
+ when: not l_is_etcd_system_container | bool
register: task_result
- failed_when: task_result|failed and 'could not' not in task_result.msg|lower
+ failed_when:
+ - task_result is failed
+ - ('could not' not in task_result.msg|lower)
- name: Install etcd container service file
template:
dest: "/etc/systemd/system/etcd_container.service"
src: etcd.docker.service
- when: not openshift.common.is_etcd_system_container | bool
+ when: not l_is_etcd_system_container | bool
- name: Install Etcd system container
- include: system_container.yml
- when: openshift.common.is_etcd_system_container | bool
+ include_tasks: system_container.yml
+ when: l_is_etcd_system_container | bool
when: etcd_is_containerized | bool
- name: Validate permissions on the config dir
@@ -130,4 +133,4 @@
- name: Set fact etcd_service_status_changed
set_fact:
- etcd_service_status_changed: "{{ start_result | changed }}"
+ etcd_service_status_changed: "{{ start_result is changed }}"
diff --git a/roles/etcd/tasks/migrate.add_ttls.yml b/roles/etcd/tasks/migrate.add_ttls.yml
index bc27e4ea1..1dd3c9269 100644
--- a/roles/etcd/tasks/migrate.add_ttls.yml
+++ b/roles/etcd/tasks/migrate.add_ttls.yml
@@ -1,2 +1,2 @@
---
-- include: migration/add_ttls.yml
+- include_tasks: migration/add_ttls.yml
diff --git a/roles/etcd/tasks/migrate.configure_master.yml b/roles/etcd/tasks/migrate.configure_master.yml
index 3ada6e362..5be9cebd7 100644
--- a/roles/etcd/tasks/migrate.configure_master.yml
+++ b/roles/etcd/tasks/migrate.configure_master.yml
@@ -1,2 +1,2 @@
---
-- include: migration/configure_master.yml
+- include_tasks: migration/configure_master.yml
diff --git a/roles/etcd/tasks/migrate.pre_check.yml b/roles/etcd/tasks/migrate.pre_check.yml
index 124d21561..4cb67d322 100644
--- a/roles/etcd/tasks/migrate.pre_check.yml
+++ b/roles/etcd/tasks/migrate.pre_check.yml
@@ -1,2 +1,2 @@
---
-- include: migration/check.yml
+- include_tasks: migration/check.yml
diff --git a/roles/etcd/tasks/migrate.yml b/roles/etcd/tasks/migrate.yml
index 5d5385873..1a75f63f1 100644
--- a/roles/etcd/tasks/migrate.yml
+++ b/roles/etcd/tasks/migrate.yml
@@ -1,2 +1,2 @@
---
-- include: migration/migrate.yml
+- include_tasks: migration/migrate.yml
diff --git a/roles/etcd/tasks/migration/add_ttls.yml b/roles/etcd/tasks/migration/add_ttls.yml
index 14625e49e..a4b0ff31d 100644
--- a/roles/etcd/tasks/migration/add_ttls.yml
+++ b/roles/etcd/tasks/migration/add_ttls.yml
@@ -6,12 +6,12 @@
- set_fact:
accessTokenMaxAgeSeconds: "{{ (g_master_config_output.content|b64decode|from_yaml).oauthConfig.tokenConfig.accessTokenMaxAgeSeconds | default(86400) }}"
- authroizeTokenMaxAgeSeconds: "{{ (g_master_config_output.content|b64decode|from_yaml).oauthConfig.tokenConfig.authroizeTokenMaxAgeSeconds | default(500) }}"
+ authorizeTokenMaxAgeSeconds: "{{ (g_master_config_output.content|b64decode|from_yaml).oauthConfig.tokenConfig.authorizeTokenMaxAgeSeconds | default(500) }}"
controllerLeaseTTL: "{{ (g_master_config_output.content|b64decode|from_yaml).controllerLeaseTTL | default(30) }}"
- name: Re-introduce leases (as a replacement for key TTLs)
command: >
- oadm migrate etcd-ttl \
+ {{ openshift.common.client_binary }} adm migrate etcd-ttl \
--cert {{ r_etcd_common_master_peer_cert_file }} \
--key {{ r_etcd_common_master_peer_key_file }} \
--cacert {{ r_etcd_common_master_peer_ca_file }} \
@@ -29,6 +29,6 @@
- keys: "/openshift.io/oauth/accesstokens"
ttl: "{{ accessTokenMaxAgeSeconds }}s"
- keys: "/openshift.io/oauth/authorizetokens"
- ttl: "{{ authroizeTokenMaxAgeSeconds }}s"
+ ttl: "{{ authorizeTokenMaxAgeSeconds }}s"
- keys: "/openshift.io/leases/controllers"
ttl: "{{ controllerLeaseTTL }}s"
diff --git a/roles/etcd/tasks/migration/check.yml b/roles/etcd/tasks/migration/check.yml
index 5c45e5ae1..8ef81da28 100644
--- a/roles/etcd/tasks/migration/check.yml
+++ b/roles/etcd/tasks/migration/check.yml
@@ -1,7 +1,7 @@
---
# Check the cluster is healthy
-- include: check_cluster_health.yml
+- include_tasks: check_cluster_health.yml
# Check if there is at least one v2 snapshot
- name: Check if there is at least one v2 snapshot
@@ -39,7 +39,7 @@
# - with_items not supported over block
# Check the cluster status for the first time
-- include: check_cluster_status.yml
+- include_tasks: check_cluster_status.yml
# Check the cluster status for the second time
- block:
@@ -50,7 +50,7 @@
seconds: 5
when: not l_etcd_cluster_status_ok | bool
- - include: check_cluster_status.yml
+ - include_tasks: check_cluster_status.yml
when: not l_etcd_cluster_status_ok | bool
@@ -63,5 +63,5 @@
seconds: 5
when: not l_etcd_cluster_status_ok | bool
- - include: check_cluster_status.yml
+ - include_tasks: check_cluster_status.yml
when: not l_etcd_cluster_status_ok | bool
diff --git a/roles/etcd/tasks/remove_ca_certificates.yml b/roles/etcd/tasks/remove_ca_certificates.yml
index 36df1a1cc..c1ea4e6c9 100644
--- a/roles/etcd/tasks/remove_ca_certificates.yml
+++ b/roles/etcd/tasks/remove_ca_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/remove_ca_certificates.yml
+- include_tasks: certificates/remove_ca_certificates.yml
diff --git a/roles/etcd/tasks/remove_generated_certificates.yml b/roles/etcd/tasks/remove_generated_certificates.yml
index b10a4b32d..8cdeea187 100644
--- a/roles/etcd/tasks/remove_generated_certificates.yml
+++ b/roles/etcd/tasks/remove_generated_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/remove_generated_certificates.yml
+- include_tasks: certificates/remove_generated_certificates.yml
diff --git a/roles/etcd/tasks/restart.yml b/roles/etcd/tasks/restart.yml
new file mode 100644
index 000000000..d4a016eec
--- /dev/null
+++ b/roles/etcd/tasks/restart.yml
@@ -0,0 +1,21 @@
+---
+
+- name: restart etcd
+ service:
+ name: "{{ etcd_service }}"
+ state: restarted
+ when:
+ - not g_etcd_certificates_expired | default(false) | bool
+
+- name: stop etcd
+ service:
+ name: "{{ etcd_service }}"
+ state: stopped
+ when:
+ - g_etcd_certificates_expired | default(false) | bool
+- name: start etcd
+ service:
+ name: "{{ etcd_service }}"
+ state: started
+ when:
+ - g_etcd_certificates_expired | default(false) | bool
diff --git a/roles/etcd/tasks/retrieve_ca_certificates.yml b/roles/etcd/tasks/retrieve_ca_certificates.yml
index bd6c4ec85..2184e669c 100644
--- a/roles/etcd/tasks/retrieve_ca_certificates.yml
+++ b/roles/etcd/tasks/retrieve_ca_certificates.yml
@@ -1,2 +1,2 @@
---
-- include: certificates/retrieve_ca_certificates.yml
+- include_tasks: certificates/retrieve_ca_certificates.yml
diff --git a/roles/etcd/tasks/server_certificates.yml b/roles/etcd/tasks/server_certificates.yml
index ae26079f9..75c35d59e 100644
--- a/roles/etcd/tasks/server_certificates.yml
+++ b/roles/etcd/tasks/server_certificates.yml
@@ -1,6 +1,6 @@
---
-- include: ca.yml
+- include_tasks: ca.yml
when:
- etcd_ca_setup | default(True) | bool
-- include: certificates/fetch_server_certificates_from_ca.yml
+- include_tasks: certificates/fetch_server_certificates_from_ca.yml
diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml
index f71d9b551..e37652536 100644
--- a/roles/etcd/tasks/system_container.yml
+++ b/roles/etcd/tasks/system_container.yml
@@ -1,11 +1,6 @@
---
-- name: Ensure proxies are in the atomic.conf
- include_role:
- name: openshift_atomic
- tasks_from: proxy
-
- name: Pull etcd system container
- command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }}
+ command: atomic pull --storage=ostree {{ etcd_image }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
@@ -34,7 +29,9 @@
masked: no
daemon_reload: yes
register: task_result
- failed_when: task_result|failed and 'could not' not in task_result.msg|lower
+ failed_when:
+ - task_result is failed
+ - ('could not' not in task_result.msg|lower)
when: "'etcd' not in etcd_result.stdout"
- name: Disable etcd_container
@@ -44,7 +41,9 @@
enabled: no
daemon_reload: yes
register: task_result
- failed_when: task_result|failed and 'could not' not in task_result.msg|lower
+ failed_when:
+ - task_result is failed
+ - ('could not' not in task_result.msg|lower)
- name: Remove etcd_container.service
file:
@@ -57,7 +56,7 @@
- name: Install or Update Etcd system container package
oc_atomic_container:
name: etcd
- image: "{{ openshift.etcd.etcd_image }}"
+ image: "{{ etcd_image }}"
state: latest
values:
- ETCD_DATA_DIR=/var/lib/etcd
diff --git a/roles/etcd/tasks/upgrade/upgrade_image.yml b/roles/etcd/tasks/upgrade/upgrade_image.yml
index 24071f9ad..13bb0faca 100644
--- a/roles/etcd/tasks/upgrade/upgrade_image.yml
+++ b/roles/etcd/tasks/upgrade/upgrade_image.yml
@@ -44,6 +44,8 @@
name: etcd
state: latest
when: not l_ostree_booted.stat.exists | bool
+ register: result
+ until: result is succeeded
- name: Verify cluster is healthy
command: "{{ etcdctlv2 }} cluster-health"
diff --git a/roles/etcd/tasks/upgrade/upgrade_rpm.yml b/roles/etcd/tasks/upgrade/upgrade_rpm.yml
index 505e28afb..180ed4135 100644
--- a/roles/etcd/tasks/upgrade/upgrade_rpm.yml
+++ b/roles/etcd/tasks/upgrade/upgrade_rpm.yml
@@ -18,6 +18,8 @@
package:
name: "{{ l_etcd_target_package }}"
state: latest
+ register: result
+ until: result is succeeded
- lineinfile:
destfile: "{{ etcd_conf_file }}"
diff --git a/roles/etcd/tasks/upgrade_image.yml b/roles/etcd/tasks/upgrade_image.yml
index 9e69027eb..35385cb9a 100644
--- a/roles/etcd/tasks/upgrade_image.yml
+++ b/roles/etcd/tasks/upgrade_image.yml
@@ -1,2 +1,2 @@
---
-- include: upgrade/upgrade_image.yml
+- include_tasks: upgrade/upgrade_image.yml
diff --git a/roles/etcd/tasks/upgrade_rpm.yml b/roles/etcd/tasks/upgrade_rpm.yml
index 29603d2b6..fbd3cd919 100644
--- a/roles/etcd/tasks/upgrade_rpm.yml
+++ b/roles/etcd/tasks/upgrade_rpm.yml
@@ -1,2 +1,2 @@
---
-- include: upgrade/upgrade_rpm.yml
+- include_tasks: upgrade/upgrade_rpm.yml
diff --git a/roles/etcd/tasks/version_detect.yml b/roles/etcd/tasks/version_detect.yml
new file mode 100644
index 000000000..fe1e418d8
--- /dev/null
+++ b/roles/etcd/tasks/version_detect.yml
@@ -0,0 +1,55 @@
+---
+- block:
+ - name: Record RPM based etcd version
+ command: rpm -qa --qf '%{version}' etcd\*
+ args:
+ warn: no
+ register: etcd_rpm_version
+ failed_when: false
+ # AUDIT:changed_when: `false` because we are only inspecting
+ # state, not manipulating anything
+ changed_when: false
+ - debug:
+ msg: "Etcd rpm version {{ etcd_rpm_version.stdout }} detected"
+ when:
+ - not openshift.common.is_containerized | bool
+
+- block:
+ - name: Record containerized etcd version (docker)
+ command: docker exec etcd_container rpm -qa --qf '%{version}' etcd\*
+ register: etcd_container_version_docker
+ failed_when: false
+ # AUDIT:changed_when: `false` because we are only inspecting
+ # state, not manipulating anything
+ changed_when: false
+ when:
+ - not l_is_etcd_system_container | bool
+
+ # Given a register variables is set even if the whwen condition
+ # is false, we need to set etcd_container_version separately
+ - set_fact:
+ etcd_container_version: "{{ etcd_container_version_docker.stdout }}"
+ when:
+ - not l_is_etcd_system_container | bool
+
+ - name: Record containerized etcd version (runc)
+ command: runc exec etcd rpm -qa --qf '%{version}' etcd\*
+ register: etcd_container_version_runc
+ failed_when: false
+ # AUDIT:changed_when: `false` because we are only inspecting
+ # state, not manipulating anything
+ changed_when: false
+ when:
+ - l_is_etcd_system_container | bool
+
+ # Given a register variables is set even if the whwen condition
+ # is false, we need to set etcd_container_version separately
+ - set_fact:
+ etcd_container_version: "{{ etcd_container_version_runc.stdout }}"
+ when:
+ - l_is_etcd_system_container | bool
+
+ - debug:
+ msg: "Etcd containerized version {{ etcd_container_version }} detected"
+ when:
+ - openshift.common.is_containerized | bool
diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service
index adeca7a91..4c25a9955 100644
--- a/roles/etcd/templates/etcd.docker.service
+++ b/roles/etcd/templates/etcd.docker.service
@@ -1,17 +1,17 @@
[Unit]
Description=The Etcd Server container
-After={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.docker.service_name }}.service
+After={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
+PartOf={{ openshift_docker_service_name }}.service
[Service]
EnvironmentFile={{ etcd_conf_file }}
ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
-ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
+ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --entrypoint=/usr/bin/etcd {{ etcd_image }}
ExecStop=/usr/bin/docker stop {{ etcd_service }}
SyslogIdentifier=etcd_container
Restart=always
RestartSec=5s
[Install]
-WantedBy={{ openshift.docker.service_name }}.service
+WantedBy={{ openshift_docker_service_name }}.service
diff --git a/roles/flannel/defaults/main.yaml b/roles/flannel/defaults/main.yaml
index 988731ef2..2e4a0dc39 100644
--- a/roles/flannel/defaults/main.yaml
+++ b/roles/flannel/defaults/main.yaml
@@ -2,6 +2,8 @@
flannel_interface: "{{ ansible_default_ipv4.interface }}"
flannel_etcd_key: /openshift.com/network
etcd_hosts: "{{ etcd_urls }}"
-etcd_peer_ca_file: "{{ openshift.common.config_base }}/node/{{ 'ca' if (embedded_etcd | bool) else 'flannel.etcd-ca' }}.crt"
-etcd_peer_cert_file: "{{ openshift.common.config_base }}/node/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'flannel.etcd-client' }}.crt"
-etcd_peer_key_file: "{{ openshift.common.config_base }}/node/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'flannel.etcd-client' }}.key"
+etcd_peer_ca_file: "{{ openshift.common.config_base }}/node/flannel.etcd-ca.crt"
+etcd_peer_cert_file: "{{ openshift.common.config_base }}/node/flannel.etcd-client.crt"
+etcd_peer_key_file: "{{ openshift.common.config_base }}/node/flannel.etcd-client.key"
+
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml
index 889069485..7d79bd3d4 100644
--- a/roles/flannel/handlers/main.yml
+++ b/roles/flannel/handlers/main.yml
@@ -6,18 +6,18 @@
- name: restart docker
become: yes
systemd:
- name: "{{ openshift.docker.service_name }}"
+ name: "{{ openshift_docker_service_name }}"
state: restarted
register: l_docker_restart_docker_in_flannel_result
- until: not l_docker_restart_docker_in_flannel_result | failed
+ until: not (l_docker_restart_docker_in_flannel_result is failed)
retries: 3
delay: 30
- name: restart node
systemd:
- name: "{{ openshift.common.service_type }}-node"
+ name: "{{ openshift_service_type }}-node"
state: restarted
register: l_restart_node_result
- until: not l_restart_node_result | failed
+ until: not (l_restart_node_result is failed)
retries: 3
delay: 30
diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml
index 51128dba6..7634b8192 100644
--- a/roles/flannel/meta/main.yml
+++ b/roles/flannel/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
- system
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml
index 3a8945a82..9b9250f31 100644
--- a/roles/flannel/tasks/main.yml
+++ b/roles/flannel/tasks/main.yml
@@ -3,6 +3,8 @@
become: yes
package: name=flannel state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
- name: Set flannel etcd options
become: yes
diff --git a/roles/flannel_register/defaults/main.yaml b/roles/flannel_register/defaults/main.yaml
index 1d0f5df6a..cd11fd9ff 100644
--- a/roles/flannel_register/defaults/main.yaml
+++ b/roles/flannel_register/defaults/main.yaml
@@ -4,6 +4,6 @@ flannel_subnet_len: "{{ 32 - (openshift.master.sdn_host_subnet_length | int) }}"
flannel_etcd_key: /openshift.com/network
etcd_hosts: "{{ etcd_urls }}"
etcd_conf_dir: "{{ openshift.common.config_base }}/master"
-etcd_peer_ca_file: "{{ etcd_conf_dir + '/ca.crt' if (openshift.master.embedded_etcd | bool) else etcd_conf_dir + '/master.etcd-ca.crt' }}"
+etcd_peer_ca_file: "{{ etcd_conf_dir + '/master.etcd-ca.crt' }}"
etcd_peer_cert_file: "{{ etcd_conf_dir }}/master.etcd-client.crt"
etcd_peer_key_file: "{{ etcd_conf_dir }}/master.etcd-client.key"
diff --git a/roles/flannel_register/meta/main.yml b/roles/flannel_register/meta/main.yml
index 73bddcca4..1e44ff5ba 100644
--- a/roles/flannel_register/meta/main.yml
+++ b/roles/flannel_register/meta/main.yml
@@ -13,4 +13,5 @@ galaxy_info:
- cloud
- system
dependencies:
-- { role: openshift_facts }
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/installer_checkpoint/README.md b/roles/installer_checkpoint/README.md
index 83e00e504..68c0357b6 100644
--- a/roles/installer_checkpoint/README.md
+++ b/roles/installer_checkpoint/README.md
@@ -16,7 +16,7 @@ displaying and logging of the installer status at the end of a playbook run.
To ensure the callback plugin is loaded, regardless of ansible.cfg file
configuration, the plugin has been placed inside the installer_checkpoint role
-which must be called early in playbook execution. The `std_include.yml` playbook
+which must be called early in playbook execution. The `init/main.yml` playbook
is run first for all entry point playbooks, therefore, the initialization of the
checkpoint plugin has been placed at the beginning of that file.
@@ -64,11 +64,11 @@ phase are stored in the `phase_attributes` variable.
},
'installer_phase_etcd': {
'title': 'etcd Install',
- 'playbook': 'playbooks/byo/openshift-etcd/config.yml'
+ 'playbook': 'playbooks/openshift-etcd/config.yml'
},
'installer_phase_nfs': {
'title': 'NFS Install',
- 'playbook': 'playbooks/byo/openshift-nfs/config.yml'
+ 'playbook': 'playbooks/openshift-nfs/config.yml'
},
#...
}
@@ -89,39 +89,42 @@ phase/component and then a final play for setting `installer_hase_initialize` to
"Complete".
```yaml
-# common/openshift-cluster/std_include.yml
+# init/main.yml
---
- name: Initialization Checkpoint Start
- hosts: oo_all_hosts
+ hosts: all
gather_facts: false
roles:
- installer_checkpoint
tasks:
- name: Set install initialization 'In Progress'
+ run_once: true
set_stats:
data:
- installer_phase_initialize: "In Progress"
- aggregate: false
+ installer_phase_initialize:
+ status: "In Progress"
+ start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
#...
# Various plays here
#...
- name: Initialization Checkpoint End
- hosts: localhost
- connection: local
+ hosts: all
gather_facts: false
tasks:
- name: Set install initialization 'Complete'
+ run_once: true
set_stats:
data:
- installer_phase_initialize: "Complete"
- aggregate: false
+ installer_phase_initialize:
+ status: "Complete"
+ end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
```
Each phase or component of the installer will follow a similar pattern, with the
exception that the `installer_checkpoint` role does not need to be called since
-it was already loaded by the play in `std_include.yml`. It is important to
+it was already loaded by the play in `init/main.yml`. It is important to
place the 'In Progress' and 'Complete' plays as the first and last plays of the
phase or component.
@@ -139,37 +142,25 @@ localhost : ok=24 changed=0 unreachable=0 failed=0
INSTALLER STATUS ***************************************************************
-Initialization : Complete
-etcd Install : Complete
-NFS Install : Not Started
-Load balancer Install : Not Started
-Master Install : Complete
-Master Additional Install : Complete
-Node Install : Complete
-GlusterFS Install : Not Started
-Hosted Install : Complete
-Metrics Install : Not Started
-Logging Install : Not Started
-Service Catalog Install : Not Started
+Initialization : Complete (0:02:14)
+Health Check : Complete (0:01:10)
+etcd Install : Complete (0:02:01)
+Master Install : Complete (0:11:43)
+Master Additional Install : Complete (0:00:54)
+Node Install : Complete (0:14:11)
+Hosted Install : Complete (0:03:28)
```
Example display if a failure occurs during execution:
```
INSTALLER STATUS ***************************************************************
-Initialization : Complete
-etcd Install : Complete
-NFS Install : Not Started
-Load balancer Install : Not Started
-Master Install : In Progress
- This phase can be restarted by running: playbooks/byo/openshift-master/config.yml
-Master Additional Install : Not Started
-Node Install : Not Started
-GlusterFS Install : Not Started
-Hosted Install : Not Started
-Metrics Install : Not Started
-Logging Install : Not Started
-Service Catalog Install : Not Started
+Initialization : Complete (0:02:14)
+Health Check : Complete (0:01:10)
+etcd Install : Complete (0:02:58)
+Master Install : Complete (0:09:20)
+Master Additional Install : In Progress (0:20:04)
+ This phase can be restarted by running: playbooks/openshift-master/additional_config.yml
```
[set_stats]: http://docs.ansible.com/ansible/latest/set_stats_module.html
diff --git a/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py b/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py
index b17358882..83ca83350 100644
--- a/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py
+++ b/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py
@@ -1,60 +1,10 @@
"""Ansible callback plugin to print a summary completion status of installation
phases.
"""
+from datetime import datetime
from ansible.plugins.callback import CallbackBase
from ansible import constants as C
-DOCUMENTATION = '''
-
-'''
-
-EXAMPLES = '''
----------------------------------------------
-Example display of a successful playbook run:
-
-PLAY RECAP *********************************************************************
-master01.example.com : ok=158 changed=16 unreachable=0 failed=0
-node01.example.com : ok=469 changed=74 unreachable=0 failed=0
-node02.example.com : ok=157 changed=17 unreachable=0 failed=0
-localhost : ok=24 changed=0 unreachable=0 failed=0
-
-
-INSTALLER STATUS ***************************************************************
-Initialization : Complete
-etcd Install : Complete
-NFS Install : Not Started
-Load balancer Install : Not Started
-Master Install : Complete
-Master Additional Install : Complete
-Node Install : Complete
-GlusterFS Install : Not Started
-Hosted Install : Complete
-Metrics Install : Not Started
-Logging Install : Not Started
-Prometheus Install : Not Started
-Service Catalog Install : Not Started
-
------------------------------------------------------
-Example display if a failure occurs during execution:
-
-INSTALLER STATUS ***************************************************************
-Initialization : Complete
-etcd Install : Complete
-NFS Install : Not Started
-Load balancer Install : Not Started
-Master Install : In Progress
- This phase can be restarted by running: playbooks/byo/openshift-master/config.yml
-Master Additional Install : Not Started
-Node Install : Not Started
-GlusterFS Install : Not Started
-Hosted Install : Not Started
-Metrics Install : Not Started
-Logging Install : Not Started
-Prometheus Install : Not Started
-Service Catalog Install : Not Started
-
-'''
-
class CallbackModule(CallbackBase):
"""This callback summarizes installation phase status."""
@@ -96,59 +46,59 @@ class CallbackModule(CallbackBase):
},
'installer_phase_health': {
'title': 'Health Check',
- 'playbook': 'playbooks/byo/openshift-checks/pre-install.yml'
+ 'playbook': 'playbooks/openshift-checks/pre-install.yml'
},
'installer_phase_etcd': {
'title': 'etcd Install',
- 'playbook': 'playbooks/byo/openshift-etcd/config.yml'
+ 'playbook': 'playbooks/openshift-etcd/config.yml'
},
'installer_phase_nfs': {
'title': 'NFS Install',
- 'playbook': 'playbooks/byo/openshift-nfs/config.yml'
+ 'playbook': 'playbooks/openshift-nfs/config.yml'
},
'installer_phase_loadbalancer': {
'title': 'Load balancer Install',
- 'playbook': 'playbooks/byo/openshift-loadbalancer/config.yml'
+ 'playbook': 'playbooks/openshift-loadbalancer/config.yml'
},
'installer_phase_master': {
'title': 'Master Install',
- 'playbook': 'playbooks/byo/openshift-master/config.yml'
+ 'playbook': 'playbooks/openshift-master/config.yml'
},
'installer_phase_master_additional': {
'title': 'Master Additional Install',
- 'playbook': 'playbooks/byo/openshift-master/additional_config.yml'
+ 'playbook': 'playbooks/openshift-master/additional_config.yml'
},
'installer_phase_node': {
'title': 'Node Install',
- 'playbook': 'playbooks/byo/openshift-node/config.yml'
+ 'playbook': 'playbooks/openshift-node/config.yml'
},
'installer_phase_glusterfs': {
'title': 'GlusterFS Install',
- 'playbook': 'playbooks/byo/openshift-glusterfs/config.yml'
+ 'playbook': 'playbooks/openshift-glusterfs/config.yml'
},
'installer_phase_hosted': {
'title': 'Hosted Install',
- 'playbook': 'playbooks/byo/openshift-cluster/openshift-hosted.yml'
+ 'playbook': 'playbooks/openshift-hosted/config.yml'
},
'installer_phase_metrics': {
'title': 'Metrics Install',
- 'playbook': 'playbooks/byo/openshift-cluster/openshift-metrics.yml'
+ 'playbook': 'playbooks/openshift-metrics/config.yml'
},
'installer_phase_logging': {
'title': 'Logging Install',
- 'playbook': 'playbooks/byo/openshift-cluster/openshift-logging.yml'
+ 'playbook': 'playbooks/openshift-logging/config.yml'
},
'installer_phase_prometheus': {
'title': 'Prometheus Install',
- 'playbook': 'playbooks/byo/openshift-cluster/openshift-prometheus.yml'
+ 'playbook': 'playbooks/openshift-prometheus/config.yml'
},
'installer_phase_servicecatalog': {
'title': 'Service Catalog Install',
- 'playbook': 'playbooks/byo/openshift-cluster/service-catalog.yml'
+ 'playbook': 'playbooks/openshift-service-catalog/config.yml'
},
'installer_phase_management': {
'title': 'Management Install',
- 'playbook': 'playbooks/byo/openshift-management/config.yml'
+ 'playbook': 'playbooks/openshift-management/config.yml'
},
}
@@ -163,9 +113,10 @@ class CallbackModule(CallbackBase):
phase_title = phase_attributes[phase]['title']
padding = max_column - len(phase_title) + 2
if phase in stats.custom['_run']:
- phase_status = stats.custom['_run'][phase]
+ phase_status = stats.custom['_run'][phase]['status']
+ phase_time = phase_time_delta(stats.custom['_run'][phase])
self._display.display(
- '{}{}: {}'.format(phase_title, ' ' * padding, phase_status),
+ '{}{}: {} ({})'.format(phase_title, ' ' * padding, phase_status, phase_time),
color=self.phase_color(phase_status))
if phase_status == 'In Progress' and phase != 'installer_phase_initialize':
self._display.display(
@@ -192,3 +143,17 @@ class CallbackModule(CallbackBase):
phase_color = C.COLOR_WARN
return phase_color
+
+
+def phase_time_delta(phase):
+ """ Calculate the difference between phase start and end times """
+ time_format = '%Y%m%d%H%M%SZ'
+ phase_start = datetime.strptime(phase['start'], time_format)
+ if 'end' not in phase:
+ # The phase failed so set the end time to now
+ phase_end = datetime.now()
+ else:
+ phase_end = datetime.strptime(phase['end'], time_format)
+ delta = str(phase_end - phase_start).split(".")[0] # Trim microseconds
+
+ return delta
diff --git a/roles/kuryr/README.md b/roles/kuryr/README.md
index 7b618f902..269788a11 100644
--- a/roles/kuryr/README.md
+++ b/roles/kuryr/README.md
@@ -31,6 +31,11 @@ pods. This allows to have interconnectivity between pods and OpenStack VMs.
* ``kuryr_openstack_pod_service_id=service_subnet_uuid``
* ``kuryr_openstack_pod_project_id=pod_project_uuid``
* ``kuryr_openstack_worker_nodes_subnet_id=worker_nodes_subnet_uuid``
+* ``kuryr_openstack_enable_pools=True``
+* ``kuryr_openstack_pool_max=0``
+* ``kuryr_openstack_pool_min=1``
+* ``kuryr_openstack_pool_batch=5``
+* ``kuryr_openstack_pool_update_frequency=20``
## Kuryr resources
diff --git a/roles/kuryr/meta/main.yml b/roles/kuryr/meta/main.yml
index 7fd5adf41..7eb8ed781 100644
--- a/roles/kuryr/meta/main.yml
+++ b/roles/kuryr/meta/main.yml
@@ -13,5 +13,6 @@ galaxy_info:
- cloud
- system
dependencies:
-- { role: lib_openshift }
-- { role: openshift_facts }
+- role: lib_utils
+- role: lib_openshift
+- role: openshift_facts
diff --git a/roles/kuryr/tasks/master.yaml b/roles/kuryr/tasks/master.yaml
index 55ab16f74..1cc6d2375 100644
--- a/roles/kuryr/tasks/master.yaml
+++ b/roles/kuryr/tasks/master.yaml
@@ -1,6 +1,6 @@
---
-- name: Perform OpenShit ServiceAccount config
- include: serviceaccount.yaml
+- name: Perform OpenShift ServiceAccount config
+ include_tasks: serviceaccount.yaml
- name: Create kuryr manifests tempdir
command: mktemp -d
diff --git a/roles/kuryr/tasks/node.yaml b/roles/kuryr/tasks/node.yaml
index ffe814713..08f2d5adc 100644
--- a/roles/kuryr/tasks/node.yaml
+++ b/roles/kuryr/tasks/node.yaml
@@ -36,7 +36,7 @@
- name: Configure OpenShift node with disabled service proxy
lineinfile:
- dest: "/etc/sysconfig/{{ openshift.common.service_type }}-node"
+ dest: "/etc/sysconfig/{{ openshift_service_type }}-node"
regexp: '^OPTIONS="?(.*?)"?$'
backrefs: yes
backup: yes
@@ -44,5 +44,5 @@
- name: force node restart to disable the proxy
service:
- name: "{{ openshift.common.service_type }}-node"
+ name: "{{ openshift_service_type }}-node"
state: restarted
diff --git a/roles/kuryr/templates/configmap.yaml.j2 b/roles/kuryr/templates/configmap.yaml.j2
index e874d6c25..96c215f00 100644
--- a/roles/kuryr/templates/configmap.yaml.j2
+++ b/roles/kuryr/templates/configmap.yaml.j2
@@ -161,6 +161,14 @@ data:
# The driver that provides VIFs for Kubernetes Pods. (string value)
pod_vif_driver = nested-vlan
+ # The driver that manages VIFs pools for Kubernetes Pods (string value)
+ vif_pool_driver = {{ kuryr_openstack_enable_pools | default(False) | ternary('nested', 'noop') }}
+
+ [vif_pool]
+ ports_pool_max = {{ kuryr_openstack_pool_max | default(0) }}
+ ports_pool_min = {{ kuryr_openstack_pool_min | default(1) }}
+ ports_pool_batch = {{ kuryr_openstack_pool_batch | default(5) }}
+ ports_pool_update_frequency = {{ kuryr_openstack_pool_update_frequency | default(20) }}
[neutron]
# Configuration options for OpenStack Neutron
@@ -221,6 +229,7 @@ data:
# TODO (apuimedo): Remove the duplicated line just after this one once the
# RDO packaging contains the upstream patch
worker_nodes_subnet = {{ kuryr_openstack_worker_nodes_subnet_id }}
+ external_svc_subnet = {{ kuryr_openstack_external_svc_subnet_id }}
[pod_vif_nested]
worker_nodes_subnet = {{ kuryr_openstack_worker_nodes_subnet_id }}
diff --git a/roles/lib_openshift/library/oc_adm_policy_user.py b/roles/lib_openshift/library/oc_adm_policy_user.py
index 1ceaf5d0d..92515889b 100644
--- a/roles/lib_openshift/library/oc_adm_policy_user.py
+++ b/roles/lib_openshift/library/oc_adm_policy_user.py
@@ -71,6 +71,12 @@ options:
required: false
default: None
aliases: []
+ role_namespace:
+ description:
+ - The namespace where to find the role
+ required: false
+ default: None
+ aliases: []
debug:
description:
- Turn on debug output.
@@ -122,6 +128,14 @@ EXAMPLES = '''
resource_kind: cluster-role
resource_name: system:build-strategy-docker
state: present
+
+- name: oc adm policy add-role-to-user system:build-strategy-docker ausername --role-namespace foo
+ oc_adm_policy_user:
+ user: ausername
+ resource_kind: cluster-role
+ resource_name: system:build-strategy-docker
+ state: present
+ role_namespace: foo
'''
# -*- -*- -*- End included fragment: doc/policy_user -*- -*- -*-
@@ -2065,6 +2079,9 @@ class PolicyUser(OpenShiftCLI):
self.config.config_options['name']['value'],
self.config.config_options['user']['value']]
+ if self.config.config_options['role_namespace']['value'] is not None:
+ cmd.extend(['--role-namespace', self.config.config_options['role_namespace']['value']])
+
return self.openshift_cmd(cmd, oadm=True)
@staticmethod
@@ -2085,6 +2102,7 @@ class PolicyUser(OpenShiftCLI):
'user': {'value': params['user'], 'include': False},
'resource_kind': {'value': params['resource_kind'], 'include': False},
'name': {'value': params['resource_name'], 'include': False},
+ 'role_namespace': {'value': params['role_namespace'], 'include': False},
})
policyuser = PolicyUser(nconfig, params['debug'])
@@ -2149,6 +2167,7 @@ def main():
debug=dict(default=False, type='bool'),
resource_name=dict(required=True, type='str'),
namespace=dict(default='default', type='str'),
+ role_namespace=dict(default=None, type='str'),
kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
user=dict(required=True, type='str'),
diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py
index 0771aa5a5..fe565987c 100644
--- a/roles/lib_openshift/library/oc_adm_registry.py
+++ b/roles/lib_openshift/library/oc_adm_registry.py
@@ -1993,6 +1993,7 @@ class ServiceConfig(object):
sname,
namespace,
ports,
+ annotations=None,
selector=None,
labels=None,
cluster_ip=None,
@@ -2004,6 +2005,7 @@ class ServiceConfig(object):
self.name = sname
self.namespace = namespace
self.ports = ports
+ self.annotations = annotations
self.selector = selector
self.labels = labels
self.cluster_ip = cluster_ip
@@ -2026,6 +2028,9 @@ class ServiceConfig(object):
self.data['metadata']['labels'] = {}
for lab, lab_value in self.labels.items():
self.data['metadata']['labels'][lab] = lab_value
+ if self.annotations:
+ self.data['metadata']['annotations'] = self.annotations
+
self.data['spec'] = {}
if self.ports:
diff --git a/roles/lib_openshift/library/oc_adm_router.py b/roles/lib_openshift/library/oc_adm_router.py
index 146f71f68..44de29592 100644
--- a/roles/lib_openshift/library/oc_adm_router.py
+++ b/roles/lib_openshift/library/oc_adm_router.py
@@ -1559,6 +1559,7 @@ class ServiceConfig(object):
sname,
namespace,
ports,
+ annotations=None,
selector=None,
labels=None,
cluster_ip=None,
@@ -1570,6 +1571,7 @@ class ServiceConfig(object):
self.name = sname
self.namespace = namespace
self.ports = ports
+ self.annotations = annotations
self.selector = selector
self.labels = labels
self.cluster_ip = cluster_ip
@@ -1592,6 +1594,9 @@ class ServiceConfig(object):
self.data['metadata']['labels'] = {}
for lab, lab_value in self.labels.items():
self.data['metadata']['labels'][lab] = lab_value
+ if self.annotations:
+ self.data['metadata']['annotations'] = self.annotations
+
self.data['spec'] = {}
if self.ports:
@@ -3154,14 +3159,14 @@ def main():
external_host_insecure=dict(default=False, type='bool'),
external_host_partition_path=dict(default=None, type='str'),
external_host_username=dict(default=None, type='str'),
- external_host_password=dict(default=None, type='str'),
- external_host_private_key=dict(default=None, type='str'),
+ external_host_password=dict(default=None, type='str', no_log=True),
+ external_host_private_key=dict(default=None, type='str', no_log=True),
# Metrics
expose_metrics=dict(default=False, type='bool'),
metrics_image=dict(default=None, type='str'),
# Stats
stats_user=dict(default=None, type='str'),
- stats_password=dict(default=None, type='str'),
+ stats_password=dict(default=None, type='str', no_log=True),
stats_port=dict(default=1936, type='int'),
# extra
cacert_file=dict(default=None, type='str'),
diff --git a/roles/lib_openshift/library/oc_edit.py b/roles/lib_openshift/library/oc_edit.py
index 0b6a8436b..0cea07256 100644
--- a/roles/lib_openshift/library/oc_edit.py
+++ b/roles/lib_openshift/library/oc_edit.py
@@ -1556,20 +1556,7 @@ def main():
debug=dict(default=False, type='bool'),
namespace=dict(default='default', type='str'),
name=dict(default=None, required=True, type='str'),
- kind=dict(required=True,
- type='str',
- choices=['dc', 'deploymentconfig',
- 'rc', 'replicationcontroller',
- 'svc', 'service',
- 'scc', 'securitycontextconstraints',
- 'ns', 'namespace', 'project', 'projects',
- 'is', 'imagestream',
- 'istag', 'imagestreamtag',
- 'bc', 'buildconfig',
- 'routes',
- 'node',
- 'secret',
- 'pv', 'persistentvolume']),
+ kind=dict(required=True, type='str'),
file_name=dict(default=None, type='str'),
file_format=dict(default='yaml', type='str'),
content=dict(default=None, required=True, type='dict'),
diff --git a/roles/lib_openshift/library/oc_service.py b/roles/lib_openshift/library/oc_service.py
index 3e8aea4f1..c541e1bbd 100644
--- a/roles/lib_openshift/library/oc_service.py
+++ b/roles/lib_openshift/library/oc_service.py
@@ -90,6 +90,12 @@ options:
required: false
default: default
aliases: []
+ annotations:
+ description:
+ - Annotations to apply to the object
+ required: false
+ default: None
+ aliases: []
selector:
description:
- The selector to apply when filtering for services.
@@ -1471,6 +1477,7 @@ class ServiceConfig(object):
sname,
namespace,
ports,
+ annotations=None,
selector=None,
labels=None,
cluster_ip=None,
@@ -1482,6 +1489,7 @@ class ServiceConfig(object):
self.name = sname
self.namespace = namespace
self.ports = ports
+ self.annotations = annotations
self.selector = selector
self.labels = labels
self.cluster_ip = cluster_ip
@@ -1504,6 +1512,9 @@ class ServiceConfig(object):
self.data['metadata']['labels'] = {}
for lab, lab_value in self.labels.items():
self.data['metadata']['labels'][lab] = lab_value
+ if self.annotations:
+ self.data['metadata']['annotations'] = self.annotations
+
self.data['spec'] = {}
if self.ports:
@@ -1662,6 +1673,7 @@ class OCService(OpenShiftCLI):
sname,
namespace,
labels,
+ annotations,
selector,
cluster_ip,
portal_ip,
@@ -1674,7 +1686,7 @@ class OCService(OpenShiftCLI):
''' Constructor for OCVolume '''
super(OCService, self).__init__(namespace, kubeconfig, verbose)
self.namespace = namespace
- self.config = ServiceConfig(sname, namespace, ports, selector, labels,
+ self.config = ServiceConfig(sname, namespace, ports, annotations, selector, labels,
cluster_ip, portal_ip, session_affinity, service_type,
external_ips)
self.user_svc = Service(content=self.config.data)
@@ -1739,6 +1751,7 @@ class OCService(OpenShiftCLI):
oc_svc = OCService(params['name'],
params['namespace'],
params['labels'],
+ params['annotations'],
params['selector'],
params['clusterip'],
params['portalip'],
@@ -1840,6 +1853,7 @@ def main():
debug=dict(default=False, type='bool'),
namespace=dict(default='default', type='str'),
name=dict(default=None, type='str'),
+ annotations=dict(default=None, type='dict'),
labels=dict(default=None, type='dict'),
selector=dict(default=None, type='dict'),
clusterip=dict(default=None, type='str'),
diff --git a/roles/lib_openshift/library/oc_storageclass.py b/roles/lib_openshift/library/oc_storageclass.py
index e88f3ae8d..7e7d0fa60 100644
--- a/roles/lib_openshift/library/oc_storageclass.py
+++ b/roles/lib_openshift/library/oc_storageclass.py
@@ -1664,7 +1664,7 @@ def main():
name=dict(default=None, type='str'),
annotations=dict(default=None, type='dict'),
parameters=dict(default=None, type='dict'),
- provisioner=dict(required=True, type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']),
+ provisioner=dict(required=True, type='str'),
api_version=dict(default='v1', type='str'),
default_storage_class=dict(default="false", type='str'),
),
diff --git a/roles/lib_openshift/src/ansible/oc_adm_policy_user.py b/roles/lib_openshift/src/ansible/oc_adm_policy_user.py
index a22496866..642001021 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_policy_user.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_policy_user.py
@@ -14,6 +14,7 @@ def main():
debug=dict(default=False, type='bool'),
resource_name=dict(required=True, type='str'),
namespace=dict(default='default', type='str'),
+ role_namespace=dict(default=None, type='str'),
kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
user=dict(required=True, type='str'),
diff --git a/roles/lib_openshift/src/ansible/oc_adm_router.py b/roles/lib_openshift/src/ansible/oc_adm_router.py
index c6563cc2f..52499b273 100644
--- a/roles/lib_openshift/src/ansible/oc_adm_router.py
+++ b/roles/lib_openshift/src/ansible/oc_adm_router.py
@@ -34,14 +34,14 @@ def main():
external_host_insecure=dict(default=False, type='bool'),
external_host_partition_path=dict(default=None, type='str'),
external_host_username=dict(default=None, type='str'),
- external_host_password=dict(default=None, type='str'),
- external_host_private_key=dict(default=None, type='str'),
+ external_host_password=dict(default=None, type='str', no_log=True),
+ external_host_private_key=dict(default=None, type='str', no_log=True),
# Metrics
expose_metrics=dict(default=False, type='bool'),
metrics_image=dict(default=None, type='str'),
# Stats
stats_user=dict(default=None, type='str'),
- stats_password=dict(default=None, type='str'),
+ stats_password=dict(default=None, type='str', no_log=True),
stats_port=dict(default=1936, type='int'),
# extra
cacert_file=dict(default=None, type='str'),
diff --git a/roles/lib_openshift/src/ansible/oc_edit.py b/roles/lib_openshift/src/ansible/oc_edit.py
index 5c5954747..221047393 100644
--- a/roles/lib_openshift/src/ansible/oc_edit.py
+++ b/roles/lib_openshift/src/ansible/oc_edit.py
@@ -15,20 +15,7 @@ def main():
debug=dict(default=False, type='bool'),
namespace=dict(default='default', type='str'),
name=dict(default=None, required=True, type='str'),
- kind=dict(required=True,
- type='str',
- choices=['dc', 'deploymentconfig',
- 'rc', 'replicationcontroller',
- 'svc', 'service',
- 'scc', 'securitycontextconstraints',
- 'ns', 'namespace', 'project', 'projects',
- 'is', 'imagestream',
- 'istag', 'imagestreamtag',
- 'bc', 'buildconfig',
- 'routes',
- 'node',
- 'secret',
- 'pv', 'persistentvolume']),
+ kind=dict(required=True, type='str'),
file_name=dict(default=None, type='str'),
file_format=dict(default='yaml', type='str'),
content=dict(default=None, required=True, type='dict'),
diff --git a/roles/lib_openshift/src/ansible/oc_service.py b/roles/lib_openshift/src/ansible/oc_service.py
index b90c08255..0c55391e3 100644
--- a/roles/lib_openshift/src/ansible/oc_service.py
+++ b/roles/lib_openshift/src/ansible/oc_service.py
@@ -14,6 +14,7 @@ def main():
debug=dict(default=False, type='bool'),
namespace=dict(default='default', type='str'),
name=dict(default=None, type='str'),
+ annotations=dict(default=None, type='dict'),
labels=dict(default=None, type='dict'),
selector=dict(default=None, type='dict'),
clusterip=dict(default=None, type='str'),
diff --git a/roles/lib_openshift/src/ansible/oc_storageclass.py b/roles/lib_openshift/src/ansible/oc_storageclass.py
index e9f3ebbd3..a8f371661 100644
--- a/roles/lib_openshift/src/ansible/oc_storageclass.py
+++ b/roles/lib_openshift/src/ansible/oc_storageclass.py
@@ -14,7 +14,7 @@ def main():
name=dict(default=None, type='str'),
annotations=dict(default=None, type='dict'),
parameters=dict(default=None, type='dict'),
- provisioner=dict(required=True, type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']),
+ provisioner=dict(required=True, type='str'),
api_version=dict(default='v1', type='str'),
default_storage_class=dict(default="false", type='str'),
),
diff --git a/roles/lib_openshift/src/class/oc_adm_policy_user.py b/roles/lib_openshift/src/class/oc_adm_policy_user.py
index 6fc8145c8..481564c2d 100644
--- a/roles/lib_openshift/src/class/oc_adm_policy_user.py
+++ b/roles/lib_openshift/src/class/oc_adm_policy_user.py
@@ -148,6 +148,9 @@ class PolicyUser(OpenShiftCLI):
self.config.config_options['name']['value'],
self.config.config_options['user']['value']]
+ if self.config.config_options['role_namespace']['value'] is not None:
+ cmd.extend(['--role-namespace', self.config.config_options['role_namespace']['value']])
+
return self.openshift_cmd(cmd, oadm=True)
@staticmethod
@@ -168,6 +171,7 @@ class PolicyUser(OpenShiftCLI):
'user': {'value': params['user'], 'include': False},
'resource_kind': {'value': params['resource_kind'], 'include': False},
'name': {'value': params['resource_name'], 'include': False},
+ 'role_namespace': {'value': params['role_namespace'], 'include': False},
})
policyuser = PolicyUser(nconfig, params['debug'])
diff --git a/roles/lib_openshift/src/class/oc_service.py b/roles/lib_openshift/src/class/oc_service.py
index 7268a0c88..e41237b7e 100644
--- a/roles/lib_openshift/src/class/oc_service.py
+++ b/roles/lib_openshift/src/class/oc_service.py
@@ -13,6 +13,7 @@ class OCService(OpenShiftCLI):
sname,
namespace,
labels,
+ annotations,
selector,
cluster_ip,
portal_ip,
@@ -25,7 +26,7 @@ class OCService(OpenShiftCLI):
''' Constructor for OCVolume '''
super(OCService, self).__init__(namespace, kubeconfig, verbose)
self.namespace = namespace
- self.config = ServiceConfig(sname, namespace, ports, selector, labels,
+ self.config = ServiceConfig(sname, namespace, ports, annotations, selector, labels,
cluster_ip, portal_ip, session_affinity, service_type,
external_ips)
self.user_svc = Service(content=self.config.data)
@@ -90,6 +91,7 @@ class OCService(OpenShiftCLI):
oc_svc = OCService(params['name'],
params['namespace'],
params['labels'],
+ params['annotations'],
params['selector'],
params['clusterip'],
params['portalip'],
diff --git a/roles/lib_openshift/src/doc/policy_user b/roles/lib_openshift/src/doc/policy_user
index 351c9af65..a98652571 100644
--- a/roles/lib_openshift/src/doc/policy_user
+++ b/roles/lib_openshift/src/doc/policy_user
@@ -20,6 +20,12 @@ options:
required: false
default: None
aliases: []
+ role_namespace:
+ description:
+ - The namespace where to find the role
+ required: false
+ default: None
+ aliases: []
debug:
description:
- Turn on debug output.
@@ -71,4 +77,12 @@ EXAMPLES = '''
resource_kind: cluster-role
resource_name: system:build-strategy-docker
state: present
+
+- name: oc adm policy add-role-to-user system:build-strategy-docker ausername --role-namespace foo
+ oc_adm_policy_user:
+ user: ausername
+ resource_kind: cluster-role
+ resource_name: system:build-strategy-docker
+ state: present
+ role_namespace: foo
'''
diff --git a/roles/lib_openshift/src/doc/service b/roles/lib_openshift/src/doc/service
index ba9aa0b38..b596dff85 100644
--- a/roles/lib_openshift/src/doc/service
+++ b/roles/lib_openshift/src/doc/service
@@ -39,6 +39,12 @@ options:
required: false
default: default
aliases: []
+ annotations:
+ description:
+ - Annotations to apply to the object
+ required: false
+ default: None
+ aliases: []
selector:
description:
- The selector to apply when filtering for services.
diff --git a/roles/lib_openshift/src/lib/service.py b/roles/lib_openshift/src/lib/service.py
index 0e8cc3aa5..84620c518 100644
--- a/roles/lib_openshift/src/lib/service.py
+++ b/roles/lib_openshift/src/lib/service.py
@@ -10,6 +10,7 @@ class ServiceConfig(object):
sname,
namespace,
ports,
+ annotations=None,
selector=None,
labels=None,
cluster_ip=None,
@@ -21,6 +22,7 @@ class ServiceConfig(object):
self.name = sname
self.namespace = namespace
self.ports = ports
+ self.annotations = annotations
self.selector = selector
self.labels = labels
self.cluster_ip = cluster_ip
@@ -43,6 +45,9 @@ class ServiceConfig(object):
self.data['metadata']['labels'] = {}
for lab, lab_value in self.labels.items():
self.data['metadata']['labels'][lab] = lab_value
+ if self.annotations:
+ self.data['metadata']['annotations'] = self.annotations
+
self.data['spec'] = {}
if self.ports:
diff --git a/roles/lib_openshift/src/test/unit/test_oc_service.py b/roles/lib_openshift/src/test/unit/test_oc_service.py
index 9c21a262f..2a7b3c7dc 100755
--- a/roles/lib_openshift/src/test/unit/test_oc_service.py
+++ b/roles/lib_openshift/src/test/unit/test_oc_service.py
@@ -34,6 +34,7 @@ class OCServiceTest(unittest.TestCase):
'ports': None,
'state': 'list',
'labels': None,
+ 'annotations': None,
'clusterip': None,
'portalip': None,
'selector': None,
@@ -120,6 +121,7 @@ class OCServiceTest(unittest.TestCase):
'targetPOrt': 9000},
'state': 'present',
'labels': None,
+ 'annotations': None,
'clusterip': None,
'portalip': None,
'selector': {'router': 'router'},
@@ -318,6 +320,7 @@ class OCServiceTest(unittest.TestCase):
'targetPOrt': 9000},
'state': 'present',
'labels': {'component': 'some_component', 'infra': 'true'},
+ 'annotations': None,
'clusterip': None,
'portalip': None,
'selector': {'router': 'router'},
@@ -407,6 +410,7 @@ class OCServiceTest(unittest.TestCase):
'targetPOrt': 9000},
'state': 'present',
'labels': {'component': 'some_component', 'infra': 'true'},
+ 'annotations': None,
'clusterip': None,
'portalip': None,
'selector': {'router': 'router'},
diff --git a/roles/lib_os_firewall/README.md b/roles/lib_os_firewall/README.md
deleted file mode 100644
index ba8c84865..000000000
--- a/roles/lib_os_firewall/README.md
+++ /dev/null
@@ -1,63 +0,0 @@
-lib_os_firewall
-===========
-
-lib_os_firewall manages iptables firewall settings for a minimal use
-case (Adding/Removing rules based on protocol and port number).
-
-Note: firewalld is not supported on Atomic Host
-https://bugzilla.redhat.com/show_bug.cgi?id=1403331
-
-Requirements
-------------
-
-Ansible 2.2
-
-Role Variables
---------------
-
-| Name | Default | |
-|---------------------------|---------|----------------------------------------|
-| os_firewall_allow | [] | List of service,port mappings to allow |
-| os_firewall_deny | [] | List of service, port mappings to deny |
-
-Dependencies
-------------
-
-None.
-
-Example Playbook
-----------------
-
-Use iptables and open tcp ports 80 and 443:
-```
----
-- hosts: servers
- vars:
- os_firewall_use_firewalld: false
- os_firewall_allow:
- - service: httpd
- port: 80/tcp
- - service: https
- port: 443/tcp
- tasks:
- - include_role:
- name: lib_os_firewall
-
- - name: set allow rules
- os_firewall_manage_iptables:
- name: "{{ item.service }}"
- action: add
- protocol: "{{ item.port.split('/')[1] }}"
- port: "{{ item.port.split('/')[0] }}"
- with_items: "{{ os_firewall_allow }}"
-```
-
-
-License
--------
-
-Apache License, Version 2.0
-
-Author Information
-------------------
-Jason DeTiberus - jdetiber@redhat.com
diff --git a/roles/lib_utils/callback_plugins/aa_version_requirement.py b/roles/lib_utils/callback_plugins/aa_version_requirement.py
new file mode 100644
index 000000000..1093acdae
--- /dev/null
+++ b/roles/lib_utils/callback_plugins/aa_version_requirement.py
@@ -0,0 +1,60 @@
+#!/usr/bin/python
+
+"""
+This callback plugin verifies the required minimum version of Ansible
+is installed for proper operation of the OpenShift Ansible Installer.
+The plugin is named with leading `aa_` to ensure this plugin is loaded
+first (alphanumerically) by Ansible.
+"""
+import sys
+from ansible import __version__
+
+if __version__ < '2.0':
+ # pylint: disable=import-error,no-name-in-module
+ # Disabled because pylint warns when Ansible v2 is installed
+ from ansible.callbacks import display as pre2_display
+ CallbackBase = object
+
+ def display(*args, **kwargs):
+ """Set up display function for pre Ansible v2"""
+ pre2_display(*args, **kwargs)
+else:
+ from ansible.plugins.callback import CallbackBase
+ from ansible.utils.display import Display
+
+ def display(*args, **kwargs):
+ """Set up display function for Ansible v2"""
+ display_instance = Display()
+ display_instance.display(*args, **kwargs)
+
+
+# Set to minimum required Ansible version
+REQUIRED_VERSION = '2.4.1.0'
+DESCRIPTION = "Supported versions: %s or newer" % REQUIRED_VERSION
+
+
+def version_requirement(version):
+ """Test for minimum required version"""
+ return version >= REQUIRED_VERSION
+
+
+class CallbackModule(CallbackBase):
+ """
+ Ansible callback plugin
+ """
+
+ CALLBACK_VERSION = 1.0
+ CALLBACK_NAME = 'version_requirement'
+
+ def __init__(self):
+ """
+ Version verification is performed in __init__ to catch the
+ requirement early in the execution of Ansible and fail gracefully
+ """
+ super(CallbackModule, self).__init__()
+
+ if not version_requirement(__version__):
+ display(
+ 'FATAL: Current Ansible version (%s) is not supported. %s'
+ % (__version__, DESCRIPTION), color='red')
+ sys.exit(1)
diff --git a/callback_plugins/openshift_quick_installer.py b/roles/lib_utils/callback_plugins/openshift_quick_installer.py
index c0fdbc650..c0fdbc650 100644
--- a/callback_plugins/openshift_quick_installer.py
+++ b/roles/lib_utils/callback_plugins/openshift_quick_installer.py
diff --git a/roles/lib_utils/filter_plugins/oo_filters.py b/roles/lib_utils/filter_plugins/oo_filters.py
new file mode 100644
index 000000000..a2ea287cf
--- /dev/null
+++ b/roles/lib_utils/filter_plugins/oo_filters.py
@@ -0,0 +1,621 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# pylint: disable=too-many-lines
+"""
+Custom filters for use in openshift-ansible
+"""
+import os
+import pdb
+import random
+import re
+
+from base64 import b64encode
+from collections import Mapping
+# pylint no-name-in-module and import-error disabled here because pylint
+# fails to properly detect the packages when installed in a virtualenv
+from distutils.util import strtobool # pylint:disable=no-name-in-module,import-error
+from operator import itemgetter
+
+import yaml
+
+from ansible import errors
+from ansible.parsing.yaml.dumper import AnsibleDumper
+
+# ansible.compat.six goes away with Ansible 2.4
+try:
+ from ansible.compat.six import string_types, u
+ from ansible.compat.six.moves.urllib.parse import urlparse
+except ImportError:
+ from ansible.module_utils.six import string_types, u
+ from ansible.module_utils.six.moves.urllib.parse import urlparse
+
+HAS_OPENSSL = False
+try:
+ import OpenSSL.crypto
+ HAS_OPENSSL = True
+except ImportError:
+ pass
+
+
+# pylint: disable=C0103
+
+def lib_utils_oo_pdb(arg):
+ """ This pops you into a pdb instance where arg is the data passed in
+ from the filter.
+ Ex: "{{ hostvars | lib_utils_oo_pdb }}"
+ """
+ pdb.set_trace()
+ return arg
+
+
+def get_attr(data, attribute=None):
+ """ This looks up dictionary attributes of the form a.b.c and returns
+ the value.
+
+ If the key isn't present, None is returned.
+ Ex: data = {'a': {'b': {'c': 5}}}
+ attribute = "a.b.c"
+ returns 5
+ """
+ if not attribute:
+ raise errors.AnsibleFilterError("|failed expects attribute to be set")
+
+ ptr = data
+ for attr in attribute.split('.'):
+ if attr in ptr:
+ ptr = ptr[attr]
+ else:
+ ptr = None
+ break
+
+ return ptr
+
+
+def oo_flatten(data):
+ """ This filter plugin will flatten a list of lists
+ """
+ if not isinstance(data, list):
+ raise errors.AnsibleFilterError("|failed expects to flatten a List")
+
+ return [item for sublist in data for item in sublist]
+
+
+def lib_utils_oo_collect(data_list, attribute=None, filters=None):
+ """ This takes a list of dict and collects all attributes specified into a
+ list. If filter is specified then we will include all items that
+ match _ALL_ of filters. If a dict entry is missing the key in a
+ filter it will be excluded from the match.
+ Ex: data_list = [ {'a':1, 'b':5, 'z': 'z'}, # True, return
+ {'a':2, 'z': 'z'}, # True, return
+ {'a':3, 'z': 'z'}, # True, return
+ {'a':4, 'z': 'b'}, # FAILED, obj['z'] != obj['z']
+ ]
+ attribute = 'a'
+ filters = {'z': 'z'}
+ returns [1, 2, 3]
+
+ This also deals with lists of lists with dict as elements.
+ Ex: data_list = [
+ [ {'a':1, 'b':5, 'z': 'z'}, # True, return
+ {'a':2, 'b':6, 'z': 'z'} # True, return
+ ],
+ [ {'a':3, 'z': 'z'}, # True, return
+ {'a':4, 'z': 'b'} # FAILED, obj['z'] != obj['z']
+ ],
+ {'a':5, 'z': 'z'}, # True, return
+ ]
+ attribute = 'a'
+ filters = {'z': 'z'}
+ returns [1, 2, 3, 5]
+ """
+ if not isinstance(data_list, list):
+ raise errors.AnsibleFilterError("lib_utils_oo_collect expects to filter on a List")
+
+ if not attribute:
+ raise errors.AnsibleFilterError("lib_utils_oo_collect expects attribute to be set")
+
+ data = []
+ retval = []
+
+ for item in data_list:
+ if isinstance(item, list):
+ retval.extend(lib_utils_oo_collect(item, attribute, filters))
+ else:
+ data.append(item)
+
+ if filters is not None:
+ if not isinstance(filters, dict):
+ raise errors.AnsibleFilterError(
+ "lib_utils_oo_collect expects filter to be a dict")
+ retval.extend([get_attr(d, attribute) for d in data if (
+ all([d.get(key, None) == filters[key] for key in filters]))])
+ else:
+ retval.extend([get_attr(d, attribute) for d in data])
+
+ retval = [val for val in retval if val is not None]
+
+ return retval
+
+
+def lib_utils_oo_select_keys_from_list(data, keys):
+ """ This returns a list, which contains the value portions for the keys
+ Ex: data = { 'a':1, 'b':2, 'c':3 }
+ keys = ['a', 'c']
+ returns [1, 3]
+ """
+
+ if not isinstance(data, list):
+ raise errors.AnsibleFilterError("|lib_utils_oo_select_keys_from_list failed expects to filter on a list")
+
+ if not isinstance(keys, list):
+ raise errors.AnsibleFilterError("|lib_utils_oo_select_keys_from_list failed expects first param is a list")
+
+ # Gather up the values for the list of keys passed in
+ retval = [lib_utils_oo_select_keys(item, keys) for item in data]
+
+ return oo_flatten(retval)
+
+
+def lib_utils_oo_select_keys(data, keys):
+ """ This returns a list, which contains the value portions for the keys
+ Ex: data = { 'a':1, 'b':2, 'c':3 }
+ keys = ['a', 'c']
+ returns [1, 3]
+ """
+
+ if not isinstance(data, Mapping):
+ raise errors.AnsibleFilterError("|lib_utils_oo_select_keys failed expects to filter on a dict or object")
+
+ if not isinstance(keys, list):
+ raise errors.AnsibleFilterError("|lib_utils_oo_select_keys failed expects first param is a list")
+
+ # Gather up the values for the list of keys passed in
+ retval = [data[key] for key in keys if key in data]
+
+ return retval
+
+
+def lib_utils_oo_prepend_strings_in_list(data, prepend):
+ """ This takes a list of strings and prepends a string to each item in the
+ list
+ Ex: data = ['cart', 'tree']
+ prepend = 'apple-'
+ returns ['apple-cart', 'apple-tree']
+ """
+ if not isinstance(data, list):
+ raise errors.AnsibleFilterError("|failed expects first param is a list")
+ if not all(isinstance(x, string_types) for x in data):
+ raise errors.AnsibleFilterError("|failed expects first param is a list"
+ " of strings")
+ retval = [prepend + s for s in data]
+ return retval
+
+
+def lib_utils_oo_dict_to_list_of_dict(data, key_title='key', value_title='value'):
+ """Take a dict and arrange them as a list of dicts
+
+ Input data:
+ {'region': 'infra', 'test_k': 'test_v'}
+
+ Return data:
+ [{'key': 'region', 'value': 'infra'}, {'key': 'test_k', 'value': 'test_v'}]
+
+ Written for use of the oc_label module
+ """
+ if not isinstance(data, dict):
+ # pylint: disable=line-too-long
+ raise errors.AnsibleFilterError("|failed expects first param is a dict. Got %s. Type: %s" % (str(data), str(type(data))))
+
+ rval = []
+ for label in data.items():
+ rval.append({key_title: label[0], value_title: label[1]})
+
+ return rval
+
+
+def oo_ami_selector(data, image_name):
+ """ This takes a list of amis and an image name and attempts to return
+ the latest ami.
+ """
+ if not isinstance(data, list):
+ raise errors.AnsibleFilterError("|failed expects first param is a list")
+
+ if not data:
+ return None
+ else:
+ if image_name is None or not image_name.endswith('_*'):
+ ami = sorted(data, key=itemgetter('name'), reverse=True)[0]
+ return ami['ami_id']
+ else:
+ ami_info = [(ami, ami['name'].split('_')[-1]) for ami in data]
+ ami = sorted(ami_info, key=itemgetter(1), reverse=True)[0][0]
+ return ami['ami_id']
+
+
+def lib_utils_oo_split(string, separator=','):
+ """ This splits the input string into a list. If the input string is
+ already a list we will return it as is.
+ """
+ if isinstance(string, list):
+ return string
+ return string.split(separator)
+
+
+def lib_utils_oo_dict_to_keqv_list(data):
+ """Take a dict and return a list of k=v pairs
+
+ Input data:
+ {'a': 1, 'b': 2}
+
+ Return data:
+ ['a=1', 'b=2']
+ """
+ return ['='.join(str(e) for e in x) for x in data.items()]
+
+
+def lib_utils_oo_list_to_dict(lst, separator='='):
+ """ This converts a list of ["k=v"] to a dictionary {k: v}.
+ """
+ kvs = [i.split(separator) for i in lst]
+ return {k: v for k, v in kvs}
+
+
+def haproxy_backend_masters(hosts, port):
+ """ This takes an array of dicts and returns an array of dicts
+ to be used as a backend for the haproxy role
+ """
+ servers = []
+ for idx, host_info in enumerate(hosts):
+ server = dict(name="master%s" % idx)
+ server_ip = host_info['openshift']['common']['ip']
+ server['address'] = "%s:%s" % (server_ip, port)
+ server['opts'] = 'check'
+ servers.append(server)
+ return servers
+
+
+# pylint: disable=too-many-branches
+def lib_utils_oo_parse_named_certificates(certificates, named_certs_dir, internal_hostnames):
+ """ Parses names from list of certificate hashes.
+
+ Ex: certificates = [{ "certfile": "/root/custom1.crt",
+ "keyfile": "/root/custom1.key",
+ "cafile": "/root/custom-ca1.crt" },
+ { "certfile": "custom2.crt",
+ "keyfile": "custom2.key",
+ "cafile": "custom-ca2.crt" }]
+
+ returns [{ "certfile": "/etc/origin/master/named_certificates/custom1.crt",
+ "keyfile": "/etc/origin/master/named_certificates/custom1.key",
+ "cafile": "/etc/origin/master/named_certificates/custom-ca1.crt",
+ "names": [ "public-master-host.com",
+ "other-master-host.com" ] },
+ { "certfile": "/etc/origin/master/named_certificates/custom2.crt",
+ "keyfile": "/etc/origin/master/named_certificates/custom2.key",
+ "cafile": "/etc/origin/master/named_certificates/custom-ca-2.crt",
+ "names": [ "some-hostname.com" ] }]
+ """
+ if not isinstance(named_certs_dir, string_types):
+ raise errors.AnsibleFilterError("|failed expects named_certs_dir is str or unicode")
+
+ if not isinstance(internal_hostnames, list):
+ raise errors.AnsibleFilterError("|failed expects internal_hostnames is list")
+
+ if not HAS_OPENSSL:
+ raise errors.AnsibleFilterError("|missing OpenSSL python bindings")
+
+ for certificate in certificates:
+ if 'names' in certificate.keys():
+ continue
+ else:
+ certificate['names'] = []
+
+ if not os.path.isfile(certificate['certfile']) or not os.path.isfile(certificate['keyfile']):
+ raise errors.AnsibleFilterError("|certificate and/or key does not exist '%s', '%s'" %
+ (certificate['certfile'], certificate['keyfile']))
+
+ try:
+ st_cert = open(certificate['certfile'], 'rt').read()
+ cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, st_cert)
+ certificate['names'].append(str(cert.get_subject().commonName.decode()))
+ for i in range(cert.get_extension_count()):
+ if cert.get_extension(i).get_short_name() == 'subjectAltName':
+ for name in str(cert.get_extension(i)).replace('DNS:', '').split(', '):
+ certificate['names'].append(name)
+ except Exception:
+ raise errors.AnsibleFilterError(("|failed to parse certificate '%s', " % certificate['certfile'] +
+ "please specify certificate names in host inventory"))
+
+ certificate['names'] = list(set(certificate['names']))
+ if 'cafile' not in certificate:
+ certificate['names'] = [name for name in certificate['names'] if name not in internal_hostnames]
+ if not certificate['names']:
+ raise errors.AnsibleFilterError(("|failed to parse certificate '%s' or " % certificate['certfile'] +
+ "detected a collision with internal hostname, please specify " +
+ "certificate names in host inventory"))
+
+ for certificate in certificates:
+ # Update paths for configuration
+ certificate['certfile'] = os.path.join(named_certs_dir, os.path.basename(certificate['certfile']))
+ certificate['keyfile'] = os.path.join(named_certs_dir, os.path.basename(certificate['keyfile']))
+ if 'cafile' in certificate:
+ certificate['cafile'] = os.path.join(named_certs_dir, os.path.basename(certificate['cafile']))
+ return certificates
+
+
+def lib_utils_oo_generate_secret(num_bytes):
+ """ generate a session secret """
+
+ if not isinstance(num_bytes, int):
+ raise errors.AnsibleFilterError("|failed expects num_bytes is int")
+
+ return b64encode(os.urandom(num_bytes)).decode('utf-8')
+
+
+def lib_utils_to_padded_yaml(data, level=0, indent=2, **kw):
+ """ returns a yaml snippet padded to match the indent level you specify """
+ if data in [None, ""]:
+ return ""
+
+ try:
+ transformed = u(yaml.dump(data, indent=indent, allow_unicode=True,
+ default_flow_style=False,
+ Dumper=AnsibleDumper, **kw))
+ padded = "\n".join([" " * level * indent + line for line in transformed.splitlines()])
+ return "\n{0}".format(padded)
+ except Exception as my_e:
+ raise errors.AnsibleFilterError('Failed to convert: %s' % my_e)
+
+
+def lib_utils_oo_pods_match_component(pods, deployment_type, component):
+ """ Filters a list of Pods and returns the ones matching the deployment_type and component
+ """
+ if not isinstance(pods, list):
+ raise errors.AnsibleFilterError("failed expects to filter on a list")
+ if not isinstance(deployment_type, string_types):
+ raise errors.AnsibleFilterError("failed expects deployment_type to be a string")
+ if not isinstance(component, string_types):
+ raise errors.AnsibleFilterError("failed expects component to be a string")
+
+ image_prefix = 'openshift/origin-'
+ if deployment_type == 'openshift-enterprise':
+ image_prefix = 'openshift3/ose-'
+
+ matching_pods = []
+ image_regex = image_prefix + component + r'.*'
+ for pod in pods:
+ for container in pod['spec']['containers']:
+ if re.search(image_regex, container['image']):
+ matching_pods.append(pod)
+ break # stop here, don't add a pod more than once
+
+ return matching_pods
+
+
+def lib_utils_oo_image_tag_to_rpm_version(version, include_dash=False):
+ """ Convert an image tag string to an RPM version if necessary
+ Empty strings and strings that are already in rpm version format
+ are ignored. Also remove non semantic version components.
+
+ Ex. v3.2.0.10 -> -3.2.0.10
+ v1.2.0-rc1 -> -1.2.0
+ """
+ if not isinstance(version, string_types):
+ raise errors.AnsibleFilterError("|failed expects a string or unicode")
+ if version.startswith("v"):
+ version = version[1:]
+ # Strip release from requested version, we no longer support this.
+ version = version.split('-')[0]
+
+ if include_dash and version and not version.startswith("-"):
+ version = "-" + version
+
+ return version
+
+
+def lib_utils_oo_hostname_from_url(url):
+ """ Returns the hostname contained in a URL
+
+ Ex: https://ose3-master.example.com/v1/api -> ose3-master.example.com
+ """
+ if not isinstance(url, string_types):
+ raise errors.AnsibleFilterError("|failed expects a string or unicode")
+ parse_result = urlparse(url)
+ if parse_result.netloc != '':
+ return parse_result.netloc
+ else:
+ # netloc wasn't parsed, assume url was missing scheme and path
+ return parse_result.path
+
+
+# pylint: disable=invalid-name, unused-argument
+def lib_utils_oo_loadbalancer_frontends(
+ api_port, servers_hostvars, use_nuage=False, nuage_rest_port=None):
+ """TODO: Document me."""
+ loadbalancer_frontends = [{'name': 'atomic-openshift-api',
+ 'mode': 'tcp',
+ 'options': ['tcplog'],
+ 'binds': ["*:{0}".format(api_port)],
+ 'default_backend': 'atomic-openshift-api'}]
+ if bool(strtobool(str(use_nuage))) and nuage_rest_port is not None:
+ loadbalancer_frontends.append({'name': 'nuage-monitor',
+ 'mode': 'tcp',
+ 'options': ['tcplog'],
+ 'binds': ["*:{0}".format(nuage_rest_port)],
+ 'default_backend': 'nuage-monitor'})
+ return loadbalancer_frontends
+
+
+# pylint: disable=invalid-name
+def lib_utils_oo_loadbalancer_backends(
+ api_port, servers_hostvars, use_nuage=False, nuage_rest_port=None):
+ """TODO: Document me."""
+ loadbalancer_backends = [{'name': 'atomic-openshift-api',
+ 'mode': 'tcp',
+ 'option': 'tcplog',
+ 'balance': 'source',
+ 'servers': haproxy_backend_masters(servers_hostvars, api_port)}]
+ if bool(strtobool(str(use_nuage))) and nuage_rest_port is not None:
+ # pylint: disable=line-too-long
+ loadbalancer_backends.append({'name': 'nuage-monitor',
+ 'mode': 'tcp',
+ 'option': 'tcplog',
+ 'balance': 'source',
+ 'servers': haproxy_backend_masters(servers_hostvars, nuage_rest_port)})
+ return loadbalancer_backends
+
+
+def lib_utils_oo_chomp_commit_offset(version):
+ """Chomp any "+git.foo" commit offset string from the given `version`
+ and return the modified version string.
+
+Ex:
+- chomp_commit_offset(None) => None
+- chomp_commit_offset(1337) => "1337"
+- chomp_commit_offset("v3.4.0.15+git.derp") => "v3.4.0.15"
+- chomp_commit_offset("v3.4.0.15") => "v3.4.0.15"
+- chomp_commit_offset("v1.3.0+52492b4") => "v1.3.0"
+ """
+ if version is None:
+ return version
+ else:
+ # Stringify, just in case it's a Number type. Split by '+' and
+ # return the first split. No concerns about strings without a
+ # '+', .split() returns an array of the original string.
+ return str(version).split('+')[0]
+
+
+def lib_utils_oo_random_word(length, source='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'):
+ """Generates a random string of given length from a set of alphanumeric characters.
+ The default source uses [a-z][A-Z][0-9]
+ Ex:
+ - lib_utils_oo_random_word(3) => aB9
+ - lib_utils_oo_random_word(4, source='012') => 0123
+ """
+ return ''.join(random.choice(source) for i in range(length))
+
+
+def lib_utils_oo_contains_rule(source, apiGroups, resources, verbs):
+ '''Return true if the specified rule is contained within the provided source'''
+
+ rules = source['rules']
+
+ if rules:
+ for rule in rules:
+ if set(rule['apiGroups']) == set(apiGroups):
+ if set(rule['resources']) == set(resources):
+ if set(rule['verbs']) == set(verbs):
+ return True
+
+ return False
+
+
+def lib_utils_oo_selector_to_string_list(user_dict):
+ """Convert a dict of selectors to a key=value list of strings
+
+Given input of {'region': 'infra', 'zone': 'primary'} returns a list
+of items as ['region=infra', 'zone=primary']
+ """
+ selectors = []
+ for key in user_dict:
+ selectors.append("{}={}".format(key, user_dict[key]))
+ return selectors
+
+
+def lib_utils_oo_filter_sa_secrets(sa_secrets, secret_hint='-token-'):
+ """Parse the Service Account Secrets list, `sa_secrets`, (as from
+oc_serviceaccount_secret:state=list) and return the name of the secret
+containing the `secret_hint` string. For example, by default this will
+return the name of the secret holding the SA bearer token.
+
+Only provide the 'results' object to this filter. This filter expects
+to receive a list like this:
+
+ [
+ {
+ "name": "management-admin-dockercfg-p31s2"
+ },
+ {
+ "name": "management-admin-token-bnqsh"
+ }
+ ]
+
+
+Returns:
+
+* `secret_name` [string] - The name of the secret matching the
+ `secret_hint` parameter. By default this is the secret holding the
+ SA's bearer token.
+
+Example playbook usage:
+
+Register a return value from oc_serviceaccount_secret with and pass
+that result to this filter plugin.
+
+ - name: Get all SA Secrets
+ oc_serviceaccount_secret:
+ state: list
+ service_account: management-admin
+ namespace: management-infra
+ register: sa
+
+ - name: Save the SA bearer token secret name
+ set_fact:
+ management_token: "{{ sa.results | lib_utils_oo_filter_sa_secrets }}"
+
+ - name: Get the SA bearer token value
+ oc_secret:
+ state: list
+ name: "{{ management_token }}"
+ namespace: management-infra
+ decode: true
+ register: sa_secret
+
+ - name: Print the bearer token value
+ debug:
+ var: sa_secret.results.decoded.token
+
+ """
+ secret_name = None
+
+ for secret in sa_secrets:
+ # each secret is a hash
+ if secret['name'].find(secret_hint) == -1:
+ continue
+ else:
+ secret_name = secret['name']
+ break
+
+ return secret_name
+
+
+class FilterModule(object):
+ """ Custom ansible filter mapping """
+
+ # pylint: disable=no-self-use, too-few-public-methods
+ def filters(self):
+ """ returns a mapping of filters to methods """
+ return {
+ "lib_utils_oo_select_keys": lib_utils_oo_select_keys,
+ "lib_utils_oo_select_keys_from_list": lib_utils_oo_select_keys_from_list,
+ "lib_utils_oo_chomp_commit_offset": lib_utils_oo_chomp_commit_offset,
+ "lib_utils_oo_collect": lib_utils_oo_collect,
+ "lib_utils_oo_pdb": lib_utils_oo_pdb,
+ "lib_utils_oo_prepend_strings_in_list": lib_utils_oo_prepend_strings_in_list,
+ "lib_utils_oo_dict_to_list_of_dict": lib_utils_oo_dict_to_list_of_dict,
+ "lib_utils_oo_split": lib_utils_oo_split,
+ "lib_utils_oo_dict_to_keqv_list": lib_utils_oo_dict_to_keqv_list,
+ "lib_utils_oo_list_to_dict": lib_utils_oo_list_to_dict,
+ "lib_utils_oo_parse_named_certificates": lib_utils_oo_parse_named_certificates,
+ "lib_utils_oo_generate_secret": lib_utils_oo_generate_secret,
+ "lib_utils_oo_pods_match_component": lib_utils_oo_pods_match_component,
+ "lib_utils_oo_image_tag_to_rpm_version": lib_utils_oo_image_tag_to_rpm_version,
+ "lib_utils_oo_hostname_from_url": lib_utils_oo_hostname_from_url,
+ "lib_utils_oo_loadbalancer_frontends": lib_utils_oo_loadbalancer_frontends,
+ "lib_utils_oo_loadbalancer_backends": lib_utils_oo_loadbalancer_backends,
+ "lib_utils_to_padded_yaml": lib_utils_to_padded_yaml,
+ "lib_utils_oo_random_word": lib_utils_oo_random_word,
+ "lib_utils_oo_contains_rule": lib_utils_oo_contains_rule,
+ "lib_utils_oo_selector_to_string_list": lib_utils_oo_selector_to_string_list,
+ "lib_utils_oo_filter_sa_secrets": lib_utils_oo_filter_sa_secrets,
+ }
diff --git a/roles/lib_utils/library/docker_creds.py b/roles/lib_utils/library/docker_creds.py
new file mode 100644
index 000000000..d4674845e
--- /dev/null
+++ b/roles/lib_utils/library/docker_creds.py
@@ -0,0 +1,207 @@
+#!/usr/bin/env python
+# pylint: disable=missing-docstring
+#
+# Copyright 2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import base64
+import json
+import os
+
+from ansible.module_utils.basic import AnsibleModule
+
+
+DOCUMENTATION = '''
+---
+module: docker_creds
+
+short_description: Creates/updates a 'docker login' file in place of using 'docker login'
+
+version_added: "2.4"
+
+description:
+ - This module creates a docker config.json file in the directory provided by 'path'
+ on hosts that do not support 'docker login' but need the file present for
+ registry authentication purposes of various other services.
+
+options:
+ path:
+ description:
+ - This is the message to send to the sample module
+ required: true
+ registry:
+ description:
+ - This is the registry the credentials are for.
+ required: true
+ username:
+ description:
+ - This is the username to authenticate to the registry with.
+ required: true
+ password:
+ description:
+ - This is the password to authenticate to the registry with.
+ required: true
+
+author:
+ - "Michael Gugino <mgugino@redhat.com>"
+'''
+
+EXAMPLES = '''
+# Pass in a message
+- name: Place credentials in file
+ docker_creds:
+ path: /root/.docker
+ registry: registry.example.com:443
+ username: myuser
+ password: mypassword
+'''
+
+
+def check_dest_dir_exists(module, dest):
+ '''Check if dest dir is present and is a directory'''
+ dir_exists = os.path.exists(dest)
+ if dir_exists:
+ if not os.path.isdir(dest):
+ msg = "{} exists but is not a directory".format(dest)
+ result = {'failed': True,
+ 'changed': False,
+ 'msg': msg,
+ 'state': 'unknown'}
+ module.fail_json(**result)
+ else:
+ return 1
+ else:
+ return 0
+
+
+def create_dest_dir(module, dest):
+ try:
+ os.makedirs(dest, mode=0o700)
+ except OSError as oserror:
+ result = {'failed': True,
+ 'changed': False,
+ 'msg': str(oserror),
+ 'state': 'unknown'}
+ module.fail_json(**result)
+
+
+def load_config_file(module, dest):
+ '''load the config.json in directory dest'''
+ conf_file_path = os.path.join(dest, 'config.json')
+ if os.path.exists(conf_file_path):
+ # Try to open the file and load json data
+ try:
+ with open(conf_file_path) as conf_file:
+ data = conf_file.read()
+ jdata = json.loads(data)
+
+ except IOError as ioerror:
+ result = {'failed': True,
+ 'changed': False,
+ 'msg': str(ioerror),
+ 'state': 'unknown'}
+ module.fail_json(**result)
+ except ValueError as jsonerror:
+ result = {'failed': True,
+ 'changed': False,
+ 'msg': str(jsonerror),
+ 'state': 'unknown'}
+ module.fail_json(**result)
+ return jdata
+ else:
+ # File doesn't exist, we just return an empty dictionary.
+ return {}
+
+
+def update_config(docker_config, registry, username, password):
+ '''Add our registry auth credentials into docker_config dict'''
+
+ # Add anything that might be missing in our dictionary
+ if 'auths' not in docker_config:
+ docker_config['auths'] = {}
+ if registry not in docker_config['auths']:
+ docker_config['auths'][registry] = {}
+
+ # base64 encode our username:password string
+ encoded_data = base64.b64encode('{}:{}'.format(username, password))
+
+ # check if the same value is already present for idempotency.
+ if 'auth' in docker_config['auths'][registry]:
+ if docker_config['auths'][registry]['auth'] == encoded_data:
+ # No need to go further, everything is already set in file.
+ return False
+ docker_config['auths'][registry]['auth'] = encoded_data
+ return True
+
+
+def write_config(module, docker_config, dest):
+ '''Write updated credentials into dest/config.json'''
+ conf_file_path = os.path.join(dest, 'config.json')
+ try:
+ with open(conf_file_path, 'w') as conf_file:
+ json.dump(docker_config, conf_file, indent=8)
+ except IOError as ioerror:
+ result = {'failed': True,
+ 'changed': False,
+ 'msg': str(ioerror),
+ 'state': 'unknown'}
+ module.fail_json(**result)
+
+
+def run_module():
+ '''Run this module'''
+ module_args = dict(
+ path=dict(aliases=['dest', 'name'], required=True, type='path'),
+ registry=dict(type='str', required=True),
+ username=dict(type='str', required=True),
+ password=dict(type='str', required=True, no_log=True)
+ )
+
+ module = AnsibleModule(
+ argument_spec=module_args,
+ supports_check_mode=False
+ )
+
+ # First, create our dest dir if necessary
+ dest = module.params['path']
+ registry = module.params['registry']
+ username = module.params['username']
+ password = module.params['password']
+
+ if not check_dest_dir_exists(module, dest):
+ create_dest_dir(module, dest)
+ docker_config = {}
+ else:
+ # We want to scrape the contents of dest/config.json
+ # in case there are other registries/settings already present.
+ docker_config = load_config_file(module, dest)
+
+ # Put the registry auth info into the config dict.
+ changed = update_config(docker_config, registry, username, password)
+
+ if changed:
+ write_config(module, docker_config, dest)
+
+ result = {'changed': changed}
+
+ module.exit_json(**result)
+
+
+def main():
+ run_module()
+
+
+if __name__ == '__main__':
+ main()
diff --git a/library/kubeclient_ca.py b/roles/lib_utils/library/kubeclient_ca.py
index a89a5574f..a89a5574f 100644
--- a/library/kubeclient_ca.py
+++ b/roles/lib_utils/library/kubeclient_ca.py
diff --git a/library/modify_yaml.py b/roles/lib_utils/library/modify_yaml.py
index 9b8f9ba33..9b8f9ba33 100755..100644
--- a/library/modify_yaml.py
+++ b/roles/lib_utils/library/modify_yaml.py
diff --git a/roles/lib_utils/library/oo_ec2_group.py b/roles/lib_utils/library/oo_ec2_group.py
new file mode 100644
index 000000000..615021ac5
--- /dev/null
+++ b/roles/lib_utils/library/oo_ec2_group.py
@@ -0,0 +1,903 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# pylint: skip-file
+# flake8: noqa
+
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['stableinterface'],
+ 'supported_by': 'core'}
+
+DOCUMENTATION = '''
+---
+module: ec2_group
+author: "Andrew de Quincey (@adq)"
+version_added: "1.3"
+requirements: [ boto3 ]
+short_description: maintain an ec2 VPC security group.
+description:
+ - maintains ec2 security groups. This module has a dependency on python-boto >= 2.5
+options:
+ name:
+ description:
+ - Name of the security group.
+ - One of and only one of I(name) or I(group_id) is required.
+ - Required if I(state=present).
+ required: false
+ group_id:
+ description:
+ - Id of group to delete (works only with absent).
+ - One of and only one of I(name) or I(group_id) is required.
+ required: false
+ version_added: "2.4"
+ description:
+ description:
+ - Description of the security group. Required when C(state) is C(present).
+ required: false
+ vpc_id:
+ description:
+ - ID of the VPC to create the group in.
+ required: false
+ rules:
+ description:
+ - List of firewall inbound rules to enforce in this group (see example). If none are supplied,
+ no inbound rules will be enabled. Rules list may include its own name in `group_name`.
+ This allows idempotent loopback additions (e.g. allow group to access itself).
+ Rule sources list support was added in version 2.4. This allows to define multiple sources per
+ source type as well as multiple source types per rule. Prior to 2.4 an individual source is allowed.
+ required: false
+ rules_egress:
+ description:
+ - List of firewall outbound rules to enforce in this group (see example). If none are supplied,
+ a default all-out rule is assumed. If an empty list is supplied, no outbound rules will be enabled.
+ Rule Egress sources list support was added in version 2.4.
+ required: false
+ version_added: "1.6"
+ state:
+ version_added: "1.4"
+ description:
+ - Create or delete a security group
+ required: false
+ default: 'present'
+ choices: [ "present", "absent" ]
+ aliases: []
+ purge_rules:
+ version_added: "1.8"
+ description:
+ - Purge existing rules on security group that are not found in rules
+ required: false
+ default: 'true'
+ aliases: []
+ purge_rules_egress:
+ version_added: "1.8"
+ description:
+ - Purge existing rules_egress on security group that are not found in rules_egress
+ required: false
+ default: 'true'
+ aliases: []
+ tags:
+ version_added: "2.4"
+ description:
+ - A dictionary of one or more tags to assign to the security group.
+ required: false
+ purge_tags:
+ version_added: "2.4"
+ description:
+ - If yes, existing tags will be purged from the resource to match exactly what is defined by I(tags) parameter. If the I(tags) parameter is not set then
+ tags will not be modified.
+ required: false
+ default: yes
+ choices: [ 'yes', 'no' ]
+
+extends_documentation_fragment:
+ - aws
+ - ec2
+
+notes:
+ - If a rule declares a group_name and that group doesn't exist, it will be
+ automatically created. In that case, group_desc should be provided as well.
+ The module will refuse to create a depended-on group without a description.
+'''
+
+EXAMPLES = '''
+- name: example ec2 group
+ ec2_group:
+ name: example
+ description: an example EC2 group
+ vpc_id: 12345
+ region: eu-west-1
+ aws_secret_key: SECRET
+ aws_access_key: ACCESS
+ rules:
+ - proto: tcp
+ from_port: 80
+ to_port: 80
+ cidr_ip: 0.0.0.0/0
+ - proto: tcp
+ from_port: 22
+ to_port: 22
+ cidr_ip: 10.0.0.0/8
+ - proto: tcp
+ from_port: 443
+ to_port: 443
+ group_id: amazon-elb/sg-87654321/amazon-elb-sg
+ - proto: tcp
+ from_port: 3306
+ to_port: 3306
+ group_id: 123412341234/sg-87654321/exact-name-of-sg
+ - proto: udp
+ from_port: 10050
+ to_port: 10050
+ cidr_ip: 10.0.0.0/8
+ - proto: udp
+ from_port: 10051
+ to_port: 10051
+ group_id: sg-12345678
+ - proto: icmp
+ from_port: 8 # icmp type, -1 = any type
+ to_port: -1 # icmp subtype, -1 = any subtype
+ cidr_ip: 10.0.0.0/8
+ - proto: all
+ # the containing group name may be specified here
+ group_name: example
+ rules_egress:
+ - proto: tcp
+ from_port: 80
+ to_port: 80
+ cidr_ip: 0.0.0.0/0
+ cidr_ipv6: 64:ff9b::/96
+ group_name: example-other
+ # description to use if example-other needs to be created
+ group_desc: other example EC2 group
+
+- name: example2 ec2 group
+ ec2_group:
+ name: example2
+ description: an example2 EC2 group
+ vpc_id: 12345
+ region: eu-west-1
+ rules:
+ # 'ports' rule keyword was introduced in version 2.4. It accepts a single port value or a list of values including ranges (from_port-to_port).
+ - proto: tcp
+ ports: 22
+ group_name: example-vpn
+ - proto: tcp
+ ports:
+ - 80
+ - 443
+ - 8080-8099
+ cidr_ip: 0.0.0.0/0
+ # Rule sources list support was added in version 2.4. This allows to define multiple sources per source type as well as multiple source types per rule.
+ - proto: tcp
+ ports:
+ - 6379
+ - 26379
+ group_name:
+ - example-vpn
+ - example-redis
+ - proto: tcp
+ ports: 5665
+ group_name: example-vpn
+ cidr_ip:
+ - 172.16.1.0/24
+ - 172.16.17.0/24
+ cidr_ipv6:
+ - 2607:F8B0::/32
+ - 64:ff9b::/96
+ group_id:
+ - sg-edcd9784
+
+- name: "Delete group by its id"
+ ec2_group:
+ group_id: sg-33b4ee5b
+ state: absent
+'''
+
+RETURN = '''
+group_name:
+ description: Security group name
+ sample: My Security Group
+ type: string
+ returned: on create/update
+group_id:
+ description: Security group id
+ sample: sg-abcd1234
+ type: string
+ returned: on create/update
+description:
+ description: Description of security group
+ sample: My Security Group
+ type: string
+ returned: on create/update
+tags:
+ description: Tags associated with the security group
+ sample:
+ Name: My Security Group
+ Purpose: protecting stuff
+ type: dict
+ returned: on create/update
+vpc_id:
+ description: ID of VPC to which the security group belongs
+ sample: vpc-abcd1234
+ type: string
+ returned: on create/update
+ip_permissions:
+ description: Inbound rules associated with the security group.
+ sample:
+ - from_port: 8182
+ ip_protocol: tcp
+ ip_ranges:
+ - cidr_ip: "1.1.1.1/32"
+ ipv6_ranges: []
+ prefix_list_ids: []
+ to_port: 8182
+ user_id_group_pairs: []
+ type: list
+ returned: on create/update
+ip_permissions_egress:
+ description: Outbound rules associated with the security group.
+ sample:
+ - ip_protocol: -1
+ ip_ranges:
+ - cidr_ip: "0.0.0.0/0"
+ ipv6_ranges: []
+ prefix_list_ids: []
+ user_id_group_pairs: []
+ type: list
+ returned: on create/update
+owner_id:
+ description: AWS Account ID of the security group
+ sample: 123456789012
+ type: int
+ returned: on create/update
+'''
+
+import json
+import re
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.ec2 import boto3_conn
+from ansible.module_utils.ec2 import get_aws_connection_info
+from ansible.module_utils.ec2 import ec2_argument_spec
+from ansible.module_utils.ec2 import camel_dict_to_snake_dict
+from ansible.module_utils.ec2 import HAS_BOTO3
+from ansible.module_utils.ec2 import boto3_tag_list_to_ansible_dict, ansible_dict_to_boto3_tag_list, compare_aws_tags
+from ansible.module_utils.ec2 import AWSRetry
+import traceback
+
+try:
+ import botocore
+except ImportError:
+ pass # caught by imported HAS_BOTO3
+
+
+@AWSRetry.backoff(tries=5, delay=5, backoff=2.0)
+def get_security_groups_with_backoff(connection, **kwargs):
+ return connection.describe_security_groups(**kwargs)
+
+
+def deduplicate_rules_args(rules):
+ """Returns unique rules"""
+ if rules is None:
+ return None
+ return list(dict(zip((json.dumps(r, sort_keys=True) for r in rules), rules)).values())
+
+
+def make_rule_key(prefix, rule, group_id, cidr_ip):
+ if 'proto' in rule:
+ proto, from_port, to_port = [rule.get(x, None) for x in ('proto', 'from_port', 'to_port')]
+ elif 'IpProtocol' in rule:
+ proto, from_port, to_port = [rule.get(x, None) for x in ('IpProtocol', 'FromPort', 'ToPort')]
+ if proto not in ['icmp', 'tcp', 'udp'] and from_port == -1 and to_port == -1:
+ from_port = 'none'
+ to_port = 'none'
+ key = "%s-%s-%s-%s-%s-%s" % (prefix, proto, from_port, to_port, group_id, cidr_ip)
+ return key.lower().replace('-none', '-None')
+
+
+def add_rules_to_lookup(ipPermissions, group_id, prefix, dict):
+ for rule in ipPermissions:
+ for groupGrant in rule.get('UserIdGroupPairs', []):
+ dict[make_rule_key(prefix, rule, group_id, groupGrant.get('GroupId'))] = (rule, groupGrant)
+ for ipv4Grants in rule.get('IpRanges', []):
+ dict[make_rule_key(prefix, rule, group_id, ipv4Grants.get('CidrIp'))] = (rule, ipv4Grants)
+ for ipv6Grants in rule.get('Ipv6Ranges', []):
+ dict[make_rule_key(prefix, rule, group_id, ipv6Grants.get('CidrIpv6'))] = (rule, ipv6Grants)
+
+
+def validate_rule(module, rule):
+ VALID_PARAMS = ('cidr_ip', 'cidr_ipv6',
+ 'group_id', 'group_name', 'group_desc',
+ 'proto', 'from_port', 'to_port')
+ if not isinstance(rule, dict):
+ module.fail_json(msg='Invalid rule parameter type [%s].' % type(rule))
+ for k in rule:
+ if k not in VALID_PARAMS:
+ module.fail_json(msg='Invalid rule parameter \'{}\''.format(k))
+
+ if 'group_id' in rule and 'cidr_ip' in rule:
+ module.fail_json(msg='Specify group_id OR cidr_ip, not both')
+ elif 'group_name' in rule and 'cidr_ip' in rule:
+ module.fail_json(msg='Specify group_name OR cidr_ip, not both')
+ elif 'group_id' in rule and 'cidr_ipv6' in rule:
+ module.fail_json(msg="Specify group_id OR cidr_ipv6, not both")
+ elif 'group_name' in rule and 'cidr_ipv6' in rule:
+ module.fail_json(msg="Specify group_name OR cidr_ipv6, not both")
+ elif 'cidr_ip' in rule and 'cidr_ipv6' in rule:
+ module.fail_json(msg="Specify cidr_ip OR cidr_ipv6, not both")
+ elif 'group_id' in rule and 'group_name' in rule:
+ module.fail_json(msg='Specify group_id OR group_name, not both')
+
+
+def get_target_from_rule(module, client, rule, name, group, groups, vpc_id):
+ """
+ Returns tuple of (group_id, ip) after validating rule params.
+
+ rule: Dict describing a rule.
+ name: Name of the security group being managed.
+ groups: Dict of all available security groups.
+
+ AWS accepts an ip range or a security group as target of a rule. This
+ function validate the rule specification and return either a non-None
+ group_id or a non-None ip range.
+ """
+
+ FOREIGN_SECURITY_GROUP_REGEX = '^(\S+)/(sg-\S+)/(\S+)'
+ group_id = None
+ group_name = None
+ ip = None
+ ipv6 = None
+ target_group_created = False
+
+ if 'group_id' in rule and 'cidr_ip' in rule:
+ module.fail_json(msg="Specify group_id OR cidr_ip, not both")
+ elif 'group_name' in rule and 'cidr_ip' in rule:
+ module.fail_json(msg="Specify group_name OR cidr_ip, not both")
+ elif 'group_id' in rule and 'cidr_ipv6' in rule:
+ module.fail_json(msg="Specify group_id OR cidr_ipv6, not both")
+ elif 'group_name' in rule and 'cidr_ipv6' in rule:
+ module.fail_json(msg="Specify group_name OR cidr_ipv6, not both")
+ elif 'group_id' in rule and 'group_name' in rule:
+ module.fail_json(msg="Specify group_id OR group_name, not both")
+ elif 'cidr_ip' in rule and 'cidr_ipv6' in rule:
+ module.fail_json(msg="Specify cidr_ip OR cidr_ipv6, not both")
+ elif rule.get('group_id') and re.match(FOREIGN_SECURITY_GROUP_REGEX, rule['group_id']):
+ # this is a foreign Security Group. Since you can't fetch it you must create an instance of it
+ owner_id, group_id, group_name = re.match(FOREIGN_SECURITY_GROUP_REGEX, rule['group_id']).groups()
+ group_instance = dict(GroupId=group_id, GroupName=group_name)
+ groups[group_id] = group_instance
+ groups[group_name] = group_instance
+ elif 'group_id' in rule:
+ group_id = rule['group_id']
+ elif 'group_name' in rule:
+ group_name = rule['group_name']
+ if group_name == name:
+ group_id = group['GroupId']
+ groups[group_id] = group
+ groups[group_name] = group
+ elif group_name in groups and group.get('VpcId') and groups[group_name].get('VpcId'):
+ # both are VPC groups, this is ok
+ group_id = groups[group_name]['GroupId']
+ elif group_name in groups and not (group.get('VpcId') or groups[group_name].get('VpcId')):
+ # both are EC2 classic, this is ok
+ group_id = groups[group_name]['GroupId']
+ else:
+ # if we got here, either the target group does not exist, or there
+ # is a mix of EC2 classic + VPC groups. Mixing of EC2 classic + VPC
+ # is bad, so we have to create a new SG because no compatible group
+ # exists
+ if not rule.get('group_desc', '').strip():
+ module.fail_json(msg="group %s will be automatically created by rule %s and "
+ "no description was provided" % (group_name, rule))
+ if not module.check_mode:
+ params = dict(GroupName=group_name, Description=rule['group_desc'])
+ if vpc_id:
+ params['VpcId'] = vpc_id
+ auto_group = client.create_security_group(**params)
+ group_id = auto_group['GroupId']
+ groups[group_id] = auto_group
+ groups[group_name] = auto_group
+ target_group_created = True
+ elif 'cidr_ip' in rule:
+ ip = rule['cidr_ip']
+ elif 'cidr_ipv6' in rule:
+ ipv6 = rule['cidr_ipv6']
+
+ return group_id, ip, ipv6, target_group_created
+
+
+def ports_expand(ports):
+ # takes a list of ports and returns a list of (port_from, port_to)
+ ports_expanded = []
+ for port in ports:
+ if not isinstance(port, str):
+ ports_expanded.append((port,) * 2)
+ elif '-' in port:
+ ports_expanded.append(tuple(p.strip() for p in port.split('-', 1)))
+ else:
+ ports_expanded.append((port.strip(),) * 2)
+
+ return ports_expanded
+
+
+def rule_expand_ports(rule):
+ # takes a rule dict and returns a list of expanded rule dicts
+ if 'ports' not in rule:
+ return [rule]
+
+ ports = rule['ports'] if isinstance(rule['ports'], list) else [rule['ports']]
+
+ rule_expanded = []
+ for from_to in ports_expand(ports):
+ temp_rule = rule.copy()
+ del temp_rule['ports']
+ temp_rule['from_port'], temp_rule['to_port'] = from_to
+ rule_expanded.append(temp_rule)
+
+ return rule_expanded
+
+
+def rules_expand_ports(rules):
+ # takes a list of rules and expands it based on 'ports'
+ if not rules:
+ return rules
+
+ return [rule for rule_complex in rules
+ for rule in rule_expand_ports(rule_complex)]
+
+
+def rule_expand_source(rule, source_type):
+ # takes a rule dict and returns a list of expanded rule dicts for specified source_type
+ sources = rule[source_type] if isinstance(rule[source_type], list) else [rule[source_type]]
+ source_types_all = ('cidr_ip', 'cidr_ipv6', 'group_id', 'group_name')
+
+ rule_expanded = []
+ for source in sources:
+ temp_rule = rule.copy()
+ for s in source_types_all:
+ temp_rule.pop(s, None)
+ temp_rule[source_type] = source
+ rule_expanded.append(temp_rule)
+
+ return rule_expanded
+
+
+def rule_expand_sources(rule):
+ # takes a rule dict and returns a list of expanded rule discts
+ source_types = (stype for stype in ('cidr_ip', 'cidr_ipv6', 'group_id', 'group_name') if stype in rule)
+
+ return [r for stype in source_types
+ for r in rule_expand_source(rule, stype)]
+
+
+def rules_expand_sources(rules):
+ # takes a list of rules and expands it based on 'cidr_ip', 'group_id', 'group_name'
+ if not rules:
+ return rules
+
+ return [rule for rule_complex in rules
+ for rule in rule_expand_sources(rule_complex)]
+
+
+def authorize_ip(type, changed, client, group, groupRules,
+ ip, ip_permission, module, rule, ethertype):
+ # If rule already exists, don't later delete it
+ for thisip in ip:
+ rule_id = make_rule_key(type, rule, group['GroupId'], thisip)
+ if rule_id in groupRules:
+ del groupRules[rule_id]
+ else:
+ if not module.check_mode:
+ ip_permission = serialize_ip_grant(rule, thisip, ethertype)
+ if ip_permission:
+ try:
+ if type == "in":
+ client.authorize_security_group_ingress(GroupId=group['GroupId'],
+ IpPermissions=[ip_permission])
+ elif type == "out":
+ client.authorize_security_group_egress(GroupId=group['GroupId'],
+ IpPermissions=[ip_permission])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg="Unable to authorize %s for ip %s security group '%s' - %s" %
+ (type, thisip, group['GroupName'], e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+ return changed, ip_permission
+
+
+def serialize_group_grant(group_id, rule):
+ permission = {'IpProtocol': rule['proto'],
+ 'FromPort': rule['from_port'],
+ 'ToPort': rule['to_port'],
+ 'UserIdGroupPairs': [{'GroupId': group_id}]}
+
+ return fix_port_and_protocol(permission)
+
+
+def serialize_revoke(grant, rule):
+ permission = dict()
+ fromPort = rule['FromPort'] if 'FromPort' in rule else None
+ toPort = rule['ToPort'] if 'ToPort' in rule else None
+ if 'GroupId' in grant:
+ permission = {'IpProtocol': rule['IpProtocol'],
+ 'FromPort': fromPort,
+ 'ToPort': toPort,
+ 'UserIdGroupPairs': [{'GroupId': grant['GroupId']}]
+ }
+ elif 'CidrIp' in grant:
+ permission = {'IpProtocol': rule['IpProtocol'],
+ 'FromPort': fromPort,
+ 'ToPort': toPort,
+ 'IpRanges': [grant]
+ }
+ elif 'CidrIpv6' in grant:
+ permission = {'IpProtocol': rule['IpProtocol'],
+ 'FromPort': fromPort,
+ 'ToPort': toPort,
+ 'Ipv6Ranges': [grant]
+ }
+ return fix_port_and_protocol(permission)
+
+
+def serialize_ip_grant(rule, thisip, ethertype):
+ permission = {'IpProtocol': rule['proto'],
+ 'FromPort': rule['from_port'],
+ 'ToPort': rule['to_port']}
+ if ethertype == "ipv4":
+ permission['IpRanges'] = [{'CidrIp': thisip}]
+ elif ethertype == "ipv6":
+ permission['Ipv6Ranges'] = [{'CidrIpv6': thisip}]
+
+ return fix_port_and_protocol(permission)
+
+
+def fix_port_and_protocol(permission):
+ for key in ['FromPort', 'ToPort']:
+ if key in permission:
+ if permission[key] is None:
+ del permission[key]
+ else:
+ permission[key] = int(permission[key])
+
+ permission['IpProtocol'] = str(permission['IpProtocol'])
+
+ return permission
+
+
+def main():
+ argument_spec = ec2_argument_spec()
+ argument_spec.update(dict(
+ name=dict(),
+ group_id=dict(),
+ description=dict(),
+ vpc_id=dict(),
+ rules=dict(type='list'),
+ rules_egress=dict(type='list'),
+ state=dict(default='present', type='str', choices=['present', 'absent']),
+ purge_rules=dict(default=True, required=False, type='bool'),
+ purge_rules_egress=dict(default=True, required=False, type='bool'),
+ tags=dict(required=False, type='dict', aliases=['resource_tags']),
+ purge_tags=dict(default=True, required=False, type='bool')
+ )
+ )
+ module = AnsibleModule(
+ argument_spec=argument_spec,
+ supports_check_mode=True,
+ required_one_of=[['name', 'group_id']],
+ required_if=[['state', 'present', ['name']]],
+ )
+
+ if not HAS_BOTO3:
+ module.fail_json(msg='boto3 required for this module')
+
+ name = module.params['name']
+ group_id = module.params['group_id']
+ description = module.params['description']
+ vpc_id = module.params['vpc_id']
+ rules = deduplicate_rules_args(rules_expand_sources(rules_expand_ports(module.params['rules'])))
+ rules_egress = deduplicate_rules_args(rules_expand_sources(rules_expand_ports(module.params['rules_egress'])))
+ state = module.params.get('state')
+ purge_rules = module.params['purge_rules']
+ purge_rules_egress = module.params['purge_rules_egress']
+ tags = module.params['tags']
+ purge_tags = module.params['purge_tags']
+
+ if state == 'present' and not description:
+ module.fail_json(msg='Must provide description when state is present.')
+
+ changed = False
+ region, ec2_url, aws_connect_params = get_aws_connection_info(module, boto3=True)
+ if not region:
+ module.fail_json(msg="The AWS region must be specified as an "
+ "environment variable or in the AWS credentials "
+ "profile.")
+ client = boto3_conn(module, conn_type='client', resource='ec2', endpoint=ec2_url, region=region, **aws_connect_params)
+ group = None
+ groups = dict()
+ security_groups = []
+ # do get all security groups
+ # find if the group is present
+ try:
+ response = get_security_groups_with_backoff(client)
+ security_groups = response.get('SecurityGroups', [])
+ except botocore.exceptions.NoCredentialsError as e:
+ module.fail_json(msg="Error in describe_security_groups: %s" % "Unable to locate credentials", exception=traceback.format_exc())
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg="Error in describe_security_groups: %s" % e, exception=traceback.format_exc(),
+ **camel_dict_to_snake_dict(e.response))
+
+ for sg in security_groups:
+ groups[sg['GroupId']] = sg
+ groupName = sg['GroupName']
+ if groupName in groups:
+ # Prioritise groups from the current VPC
+ # even if current VPC is EC2-Classic
+ if groups[groupName].get('VpcId') == vpc_id:
+ # Group saved already matches current VPC, change nothing
+ pass
+ elif vpc_id is None and groups[groupName].get('VpcId') is None:
+ # We're in EC2 classic, and the group already saved is as well
+ # No VPC groups can be used alongside EC2 classic groups
+ pass
+ else:
+ # the current SG stored has no direct match, so we can replace it
+ groups[groupName] = sg
+ else:
+ groups[groupName] = sg
+
+ if group_id and sg['GroupId'] == group_id:
+ group = sg
+ elif groupName == name and (vpc_id is None or sg.get('VpcId') == vpc_id):
+ group = sg
+
+ # Ensure requested group is absent
+ if state == 'absent':
+ if group:
+ # found a match, delete it
+ try:
+ if not module.check_mode:
+ client.delete_security_group(GroupId=group['GroupId'])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg="Unable to delete security group '%s' - %s" % (group, e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ else:
+ group = None
+ changed = True
+ else:
+ # no match found, no changes required
+ pass
+
+ # Ensure requested group is present
+ elif state == 'present':
+ if group:
+ # existing group
+ if group['Description'] != description:
+ module.warn("Group description does not match existing group. Descriptions cannot be changed without deleting "
+ "and re-creating the security group. Try using state=absent to delete, then rerunning this task.")
+
+ # if the group doesn't exist, create it now
+ else:
+ # no match found, create it
+ if not module.check_mode:
+ params = dict(GroupName=name, Description=description)
+ if vpc_id:
+ params['VpcId'] = vpc_id
+ group = client.create_security_group(**params)
+ # When a group is created, an egress_rule ALLOW ALL
+ # to 0.0.0.0/0 is added automatically but it's not
+ # reflected in the object returned by the AWS API
+ # call. We re-read the group for getting an updated object
+ # amazon sometimes takes a couple seconds to update the security group so wait till it exists
+ while True:
+ group = get_security_groups_with_backoff(client, GroupIds=[group['GroupId']])['SecurityGroups'][0]
+ if group.get('VpcId') and not group.get('IpPermissionsEgress'):
+ pass
+ else:
+ break
+
+ changed = True
+
+ if tags is not None:
+ current_tags = boto3_tag_list_to_ansible_dict(group.get('Tags', []))
+ tags_need_modify, tags_to_delete = compare_aws_tags(current_tags, tags, purge_tags)
+ if tags_to_delete:
+ try:
+ client.delete_tags(Resources=[group['GroupId']], Tags=[{'Key': tag} for tag in tags_to_delete])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+
+ # Add/update tags
+ if tags_need_modify:
+ try:
+ client.create_tags(Resources=[group['GroupId']], Tags=ansible_dict_to_boto3_tag_list(tags_need_modify))
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+
+ else:
+ module.fail_json(msg="Unsupported state requested: %s" % state)
+
+ # create a lookup for all existing rules on the group
+ ip_permission = []
+ if group:
+ # Manage ingress rules
+ groupRules = {}
+ add_rules_to_lookup(group['IpPermissions'], group['GroupId'], 'in', groupRules)
+ # Now, go through all provided rules and ensure they are there.
+ if rules is not None:
+ for rule in rules:
+ validate_rule(module, rule)
+ group_id, ip, ipv6, target_group_created = get_target_from_rule(module, client, rule, name,
+ group, groups, vpc_id)
+ if target_group_created:
+ changed = True
+
+ if rule['proto'] in ('all', '-1', -1):
+ rule['proto'] = -1
+ rule['from_port'] = None
+ rule['to_port'] = None
+
+ if group_id:
+ rule_id = make_rule_key('in', rule, group['GroupId'], group_id)
+ if rule_id in groupRules:
+ del groupRules[rule_id]
+ else:
+ if not module.check_mode:
+ ip_permission = serialize_group_grant(group_id, rule)
+ if ip_permission:
+ ips = ip_permission
+ if vpc_id:
+ [useridpair.update({'VpcId': vpc_id}) for useridpair in
+ ip_permission.get('UserIdGroupPairs', [])]
+ try:
+ client.authorize_security_group_ingress(GroupId=group['GroupId'], IpPermissions=[ips])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(
+ msg="Unable to authorize ingress for group %s security group '%s' - %s" %
+ (group_id, group['GroupName'], e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+ elif ip:
+ # Convert ip to list we can iterate over
+ if ip and not isinstance(ip, list):
+ ip = [ip]
+
+ changed, ip_permission = authorize_ip("in", changed, client, group, groupRules, ip, ip_permission,
+ module, rule, "ipv4")
+ elif ipv6:
+ # Convert ip to list we can iterate over
+ if not isinstance(ipv6, list):
+ ipv6 = [ipv6]
+ # If rule already exists, don't later delete it
+ changed, ip_permission = authorize_ip("in", changed, client, group, groupRules, ipv6, ip_permission,
+ module, rule, "ipv6")
+ # Finally, remove anything left in the groupRules -- these will be defunct rules
+ if purge_rules:
+ for (rule, grant) in groupRules.values():
+ ip_permission = serialize_revoke(grant, rule)
+ if not module.check_mode:
+ try:
+ client.revoke_security_group_ingress(GroupId=group['GroupId'], IpPermissions=[ip_permission])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(
+ msg="Unable to revoke ingress for security group '%s' - %s" %
+ (group['GroupName'], e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+
+ # Manage egress rules
+ groupRules = {}
+ add_rules_to_lookup(group['IpPermissionsEgress'], group['GroupId'], 'out', groupRules)
+ # Now, go through all provided rules and ensure they are there.
+ if rules_egress is not None:
+ for rule in rules_egress:
+ validate_rule(module, rule)
+ group_id, ip, ipv6, target_group_created = get_target_from_rule(module, client, rule, name,
+ group, groups, vpc_id)
+ if target_group_created:
+ changed = True
+
+ if rule['proto'] in ('all', '-1', -1):
+ rule['proto'] = -1
+ rule['from_port'] = None
+ rule['to_port'] = None
+
+ if group_id:
+ rule_id = make_rule_key('out', rule, group['GroupId'], group_id)
+ if rule_id in groupRules:
+ del groupRules[rule_id]
+ else:
+ if not module.check_mode:
+ ip_permission = serialize_group_grant(group_id, rule)
+ if ip_permission:
+ ips = ip_permission
+ if vpc_id:
+ [useridpair.update({'VpcId': vpc_id}) for useridpair in
+ ip_permission.get('UserIdGroupPairs', [])]
+ try:
+ client.authorize_security_group_egress(GroupId=group['GroupId'], IpPermissions=[ips])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(
+ msg="Unable to authorize egress for group %s security group '%s' - %s" %
+ (group_id, group['GroupName'], e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+ elif ip:
+ # Convert ip to list we can iterate over
+ if not isinstance(ip, list):
+ ip = [ip]
+ changed, ip_permission = authorize_ip("out", changed, client, group, groupRules, ip,
+ ip_permission, module, rule, "ipv4")
+ elif ipv6:
+ # Convert ip to list we can iterate over
+ if not isinstance(ipv6, list):
+ ipv6 = [ipv6]
+ # If rule already exists, don't later delete it
+ changed, ip_permission = authorize_ip("out", changed, client, group, groupRules, ipv6,
+ ip_permission, module, rule, "ipv6")
+ elif vpc_id is not None:
+ # when no egress rules are specified and we're in a VPC,
+ # we add in a default allow all out rule, which was the
+ # default behavior before egress rules were added
+ default_egress_rule = 'out--1-None-None-' + group['GroupId'] + '-0.0.0.0/0'
+ if default_egress_rule not in groupRules:
+ if not module.check_mode:
+ ip_permission = [{'IpProtocol': '-1',
+ 'IpRanges': [{'CidrIp': '0.0.0.0/0'}]
+ }
+ ]
+ try:
+ client.authorize_security_group_egress(GroupId=group['GroupId'], IpPermissions=ip_permission)
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg="Unable to authorize egress for ip %s security group '%s' - %s" %
+ ('0.0.0.0/0',
+ group['GroupName'],
+ e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+ else:
+ # make sure the default egress rule is not removed
+ del groupRules[default_egress_rule]
+
+ # Finally, remove anything left in the groupRules -- these will be defunct rules
+ if purge_rules_egress and vpc_id is not None:
+ for (rule, grant) in groupRules.values():
+ # we shouldn't be revoking 0.0.0.0 egress
+ if grant != '0.0.0.0/0':
+ ip_permission = serialize_revoke(grant, rule)
+ if not module.check_mode:
+ try:
+ client.revoke_security_group_egress(GroupId=group['GroupId'], IpPermissions=[ip_permission])
+ except botocore.exceptions.ClientError as e:
+ module.fail_json(msg="Unable to revoke egress for ip %s security group '%s' - %s" %
+ (grant, group['GroupName'], e),
+ exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
+ changed = True
+
+ if group:
+ security_group = get_security_groups_with_backoff(client, GroupIds=[group['GroupId']])['SecurityGroups'][0]
+ security_group = camel_dict_to_snake_dict(security_group)
+ security_group['tags'] = boto3_tag_list_to_ansible_dict(security_group.get('tags', []),
+ tag_name_key_name='key', tag_value_key_name='value')
+ module.exit_json(changed=changed, **security_group)
+ else:
+ module.exit_json(changed=changed, group_id=None)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/roles/lib_os_firewall/library/os_firewall_manage_iptables.py b/roles/lib_utils/library/os_firewall_manage_iptables.py
index aeee3ede8..aeee3ede8 100755..100644
--- a/roles/lib_os_firewall/library/os_firewall_manage_iptables.py
+++ b/roles/lib_utils/library/os_firewall_manage_iptables.py
diff --git a/library/rpm_q.py b/roles/lib_utils/library/rpm_q.py
index 3dec50fc2..3dec50fc2 100644
--- a/library/rpm_q.py
+++ b/roles/lib_utils/library/rpm_q.py
diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml
index 657cb10ec..677f206ea 100644
--- a/roles/nickhammond.logrotate/tasks/main.yml
+++ b/roles/nickhammond.logrotate/tasks/main.yml
@@ -2,6 +2,8 @@
- name: nickhammond.logrotate | Install logrotate
package: name=logrotate state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
- name: nickhammond.logrotate | Setup logrotate.d scripts
template:
diff --git a/roles/nickhammond.logrotate/templates/logrotate.d.j2 b/roles/nickhammond.logrotate/templates/logrotate.d.j2
index 6453be6b2..1ad1c595c 100644
--- a/roles/nickhammond.logrotate/templates/logrotate.d.j2
+++ b/roles/nickhammond.logrotate/templates/logrotate.d.j2
@@ -7,7 +7,7 @@
{% endfor -%}
{% endif %}
{%- if item.scripts is defined -%}
- {%- for name, script in item.scripts.iteritems() -%}
+ {%- for name, script in item.scripts.items() -%}
{{ name }}
{{ script }}
endscript
diff --git a/roles/nuage_ca/meta/main.yml b/roles/nuage_ca/meta/main.yml
index 36838debc..0d0b8d1a5 100644
--- a/roles/nuage_ca/meta/main.yml
+++ b/roles/nuage_ca/meta/main.yml
@@ -13,4 +13,4 @@ galaxy_info:
- cloud
- system
dependencies:
-- { role: nuage_common }
+- role: nuage_common
diff --git a/roles/nuage_ca/tasks/main.yaml b/roles/nuage_ca/tasks/main.yaml
index 8d73e6840..d96d0d802 100644
--- a/roles/nuage_ca/tasks/main.yaml
+++ b/roles/nuage_ca/tasks/main.yaml
@@ -2,6 +2,8 @@
- name: Install openssl
package: name=openssl state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
- name: Create CA directory
file: path="{{ nuage_ca_dir }}" state=directory
diff --git a/roles/nuage_master/handlers/main.yaml b/roles/nuage_master/handlers/main.yaml
index 21da6b953..7b55dda56 100644
--- a/roles/nuage_master/handlers/main.yaml
+++ b/roles/nuage_master/handlers/main.yaml
@@ -1,16 +1,19 @@
---
- name: restart master api
- systemd: name={{ openshift.common.service_type }}-master-api state=restarted
+ systemd: name={{ openshift_service_type }}-master-api state=restarted
when: >
(openshift_master_ha | bool) and
- (not master_api_service_status_changed | default(false)) and
- openshift.master.cluster_method == 'native'
+ (not master_api_service_status_changed | default(false))
# TODO: need to fix up ignore_errors here
+# We retry the controllers because the API may not be 100% initialized yet.
- name: restart master controllers
- systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
+ command: "systemctl restart {{ openshift_service_type }}-master-controllers"
+ retries: 3
+ delay: 5
+ register: result
+ until: result.rc == 0
when: >
(openshift_master_ha | bool) and
- (not master_controllers_service_status_changed | default(false)) and
- openshift.master.cluster_method == 'native'
+ (not master_controllers_service_status_changed | default(false))
ignore_errors: yes
diff --git a/roles/nuage_master/meta/main.yml b/roles/nuage_master/meta/main.yml
index e2f7af5ad..643800680 100644
--- a/roles/nuage_master/meta/main.yml
+++ b/roles/nuage_master/meta/main.yml
@@ -14,4 +14,4 @@ galaxy_info:
- system
dependencies:
- role: lib_openshift
-- role: lib_os_firewall
+- role: lib_utils
diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml
index f3c487132..c264427de 100644
--- a/roles/nuage_master/tasks/main.yaml
+++ b/roles/nuage_master/tasks/main.yaml
@@ -1,7 +1,6 @@
---
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Set the Nuage certificate directory fact for Atomic hosts
set_fact:
@@ -62,7 +61,7 @@
become: yes
file: path={{ nuage_mon_rest_server_logdir }} state=directory
-- include: serviceaccount.yml
+- include_tasks: serviceaccount.yml
- name: Download the certs and keys
become: yes
@@ -82,7 +81,7 @@
- nuage.key
- nuage.kubeconfig
-- include: certificates.yml
+- include_tasks: certificates.yml
- name: Install Nuage VSD user certificate
become: yes
diff --git a/roles/nuage_node/handlers/main.yaml b/roles/nuage_node/handlers/main.yaml
index e68ae74bd..ede6f2125 100644
--- a/roles/nuage_node/handlers/main.yaml
+++ b/roles/nuage_node/handlers/main.yaml
@@ -1,7 +1,7 @@
---
- name: restart node
become: yes
- systemd: name={{ openshift.common.service_type }}-node daemon-reload=yes state=restarted
+ systemd: name={{ openshift_service_type }}-node daemon-reload=yes state=restarted
- name: save iptable rules
become: yes
diff --git a/roles/nuage_node/meta/main.yml b/roles/nuage_node/meta/main.yml
index 9b0315054..0480502b7 100644
--- a/roles/nuage_node/meta/main.yml
+++ b/roles/nuage_node/meta/main.yml
@@ -15,4 +15,4 @@ galaxy_info:
dependencies:
- role: nuage_common
- role: nuage_ca
-- role: lib_os_firewall
+- role: lib_utils
diff --git a/roles/nuage_node/tasks/main.yaml b/roles/nuage_node/tasks/main.yaml
index 9db9dbb6a..c6b7a9b10 100644
--- a/roles/nuage_node/tasks/main.yaml
+++ b/roles/nuage_node/tasks/main.yaml
@@ -31,7 +31,7 @@
- nuage.key
- nuage.kubeconfig
-- include: certificates.yml
+- include_tasks: certificates.yml
- name: Add additional Docker mounts for Nuage for atomic hosts
become: yes
@@ -44,8 +44,7 @@
- restart node
ignore_errors: true
-- include: iptables.yml
+- include_tasks: iptables.yml
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
diff --git a/roles/nuage_node/vars/main.yaml b/roles/nuage_node/vars/main.yaml
index fdf01b7c2..88d62de49 100644
--- a/roles/nuage_node/vars/main.yaml
+++ b/roles/nuage_node/vars/main.yaml
@@ -23,5 +23,5 @@ cni_conf_dir: "/etc/cni/net.d/"
cni_bin_dir: "/opt/cni/bin/"
nuage_plugin_crt_dir: /usr/share/vsp-openshift
-openshift_atomic_node_config_file: /etc/sysconfig/{{ openshift.common.service_type }}-node
+openshift_atomic_node_config_file: /etc/sysconfig/{{ openshift_service_type }}-node
nuage_atomic_docker_additional_mounts: "NUAGE_ADDTL_BIND_MOUNTS=-v /var/usr/share/vsp-openshift:/var/usr/share/vsp-openshift -v /etc/default:/etc/default -v /var/run:/var/run -v /opt/cni/bin:/opt/cni/bin -v /etc/cni/net.d:/etc/cni/net.d"
diff --git a/roles/openshift_atomic/README.md b/roles/openshift_atomic/README.md
deleted file mode 100644
index 8c10c9991..000000000
--- a/roles/openshift_atomic/README.md
+++ /dev/null
@@ -1,28 +0,0 @@
-OpenShift Atomic
-================
-
-This role houses atomic specific tasks.
-
-Requirements
-------------
-
-Role Variables
---------------
-
-Dependencies
-------------
-
-Example Playbook
-----------------
-
-```
-- name: Ensure atomic proxies are defined
- hosts: localhost
- roles:
- - role: openshift_atomic
-```
-
-License
--------
-
-Apache License Version 2.0
diff --git a/roles/openshift_atomic/meta/main.yml b/roles/openshift_atomic/meta/main.yml
deleted file mode 100644
index ea129f514..000000000
--- a/roles/openshift_atomic/meta/main.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-galaxy_info:
- author: OpenShift
- description: Atomic related tasks
- company: Red Hat, Inc
- license: ASL 2.0
- min_ansible_version: 2.2
- platforms:
- - name: EL
- versions:
- - 7
-dependencies:
-- role: lib_openshift
diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml
index 9f3c14bad..74e5d1dde 100644
--- a/roles/openshift_aws/defaults/main.yml
+++ b/roles/openshift_aws/defaults/main.yml
@@ -1,11 +1,12 @@
---
openshift_aws_create_s3: True
openshift_aws_create_iam_cert: True
+openshift_aws_create_iam_role: False
openshift_aws_create_security_groups: True
openshift_aws_create_launch_config: True
openshift_aws_create_scale_group: True
-openshift_aws_node_group_type: master
+openshift_aws_node_group_upgrade: False
openshift_aws_wait_for_ssh: True
openshift_aws_clusterid: default
@@ -16,7 +17,10 @@ openshift_aws_build_ami_group: "{{ openshift_aws_clusterid }}"
openshift_aws_iam_cert_name: "{{ openshift_aws_clusterid }}-master-external"
openshift_aws_iam_cert_path: ''
openshift_aws_iam_cert_key_path: ''
-openshift_aws_scale_group_name: "{{ openshift_aws_clusterid }} openshift {{ openshift_aws_node_group_type }}"
+
+openshift_aws_iam_role_name: openshift_node_describe_instances
+openshift_aws_iam_role_policy_json: "{{ lookup('file', 'describeinstances.json') }}"
+openshift_aws_iam_role_policy_name: "describe_instances"
openshift_aws_iam_kms_alias: "alias/{{ openshift_aws_clusterid }}_kms"
openshift_aws_ami: ''
@@ -27,14 +31,13 @@ openshift_aws_ami_name: openshift-gi
openshift_aws_base_ami_name: ami_base
openshift_aws_launch_config_bootstrap_token: ''
-openshift_aws_launch_config_name: "{{ openshift_aws_clusterid }}-{{ openshift_aws_node_group_type }}-{{ ansible_date_time.epoch }}"
openshift_aws_users: []
openshift_aws_ami_tags:
bootstrap: "true"
openshift-created: "true"
- clusterid: "{{ openshift_aws_clusterid }}"
+ parent: "{{ openshift_aws_base_ami | default('unknown') }}"
openshift_aws_s3_mode: create
openshift_aws_s3_bucket_name: "{{ openshift_aws_clusterid }}-docker-registry"
@@ -47,19 +50,19 @@ openshift_aws_elb_health_check:
unhealthy_threshold: 2
healthy_threshold: 2
-openshift_aws_elb_basename: "{{ openshift_aws_clusterid }}-{{ openshift_aws_node_group_type }}"
+openshift_aws_elb_basename: "{{ openshift_aws_clusterid }}"
openshift_aws_elb_name_dict:
master:
- external: "{{ openshift_aws_elb_basename }}-external"
- internal: "{{ openshift_aws_elb_basename }}-internal"
+ external: "{{ openshift_aws_elb_basename }}-master-external"
+ internal: "{{ openshift_aws_elb_basename }}-master-internal"
infra:
- external: "{{ openshift_aws_elb_basename }}"
+ external: "{{ openshift_aws_elb_basename }}-infra"
openshift_aws_elb_idle_timout: 400
openshift_aws_elb_scheme: internet-facing
openshift_aws_elb_cert_arn: ''
-openshift_aws_elb_listeners:
+openshift_aws_elb_dict:
master:
external:
- protocol: tcp
@@ -110,13 +113,30 @@ openshift_aws_node_group_config_tags: "{{ openshift_aws_clusterid | build_instan
openshift_aws_node_group_termination_policy: Default
openshift_aws_node_group_replace_instances: []
openshift_aws_node_group_replace_all_instances: False
-openshift_aws_node_group_config_extra_labels: {}
-openshift_aws_node_group_config:
- tags: "{{ openshift_aws_node_group_config_tags }}"
+openshift_aws_ami_map:
+ master: "{{ openshift_aws_ami }}"
+ infra: "{{ openshift_aws_ami }}"
+ compute: "{{ openshift_aws_ami }}"
+
+openshift_aws_master_group:
+- name: "{{ openshift_aws_clusterid }} master group"
+ group: master
+
+openshift_aws_node_groups:
+- name: "{{ openshift_aws_clusterid }} compute group"
+ group: compute
+- name: "{{ openshift_aws_clusterid }} infra group"
+ group: infra
+
+openshift_aws_created_asgs: []
+openshift_aws_current_asgs: []
+
+# these will be used during upgrade
+openshift_aws_master_group_config:
+ # The 'master' key is always required here.
master:
instance_type: m4.xlarge
- ami: "{{ openshift_aws_ami }}"
volumes: "{{ openshift_aws_node_group_config_master_volumes }}"
health_check:
period: 60
@@ -127,15 +147,19 @@ openshift_aws_node_group_config:
tags:
host-type: master
sub-host-type: default
- labels:
- type: master
+ runtime: docker
wait_for_instances: True
termination_policy: "{{ openshift_aws_node_group_termination_policy }}"
replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}"
- elbs: "{{ openshift_aws_elb_name_dict[openshift_aws_node_group_type].keys()| map('extract', openshift_aws_elb_name_dict[openshift_aws_node_group_type]) | list }}"
+ iam_role: "{{ openshift_aws_iam_role_name }}"
+ policy_name: "{{ openshift_aws_iam_role_policy_name }}"
+ policy_json: "{{ openshift_aws_iam_role_policy_json }}"
+ elbs: "{{ openshift_aws_elb_name_dict['master'].keys()| map('extract', openshift_aws_elb_name_dict['master']) | list }}"
+
+openshift_aws_node_group_config:
+ # The 'compute' key is always required here.
compute:
instance_type: m4.xlarge
- ami: "{{ openshift_aws_ami }}"
volumes: "{{ openshift_aws_node_group_config_node_volumes }}"
health_check:
period: 60
@@ -146,13 +170,15 @@ openshift_aws_node_group_config:
tags:
host-type: node
sub-host-type: compute
- labels:
- type: compute
+ runtime: docker
termination_policy: "{{ openshift_aws_node_group_termination_policy }}"
replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}"
+ iam_role: "{{ openshift_aws_iam_role_name }}"
+ policy_name: "{{ openshift_aws_iam_role_policy_name }}"
+ policy_json: "{{ openshift_aws_iam_role_policy_json }}"
+ # The 'infra' key is always required here.
infra:
instance_type: m4.xlarge
- ami: "{{ openshift_aws_ami }}"
volumes: "{{ openshift_aws_node_group_config_node_volumes }}"
health_check:
period: 60
@@ -163,26 +189,37 @@ openshift_aws_node_group_config:
tags:
host-type: node
sub-host-type: infra
- labels:
- type: infra
+ runtime: docker
termination_policy: "{{ openshift_aws_node_group_termination_policy }}"
replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}"
- elbs: "{{ openshift_aws_elb_name_dict[openshift_aws_node_group_type].keys()| map('extract', openshift_aws_elb_name_dict[openshift_aws_node_group_type]) | list }}"
+ iam_role: "{{ openshift_aws_iam_role_name }}"
+ policy_name: "{{ openshift_aws_iam_role_policy_name }}"
+ policy_json: "{{ openshift_aws_iam_role_policy_json }}"
+ elbs: "{{ openshift_aws_elb_name_dict['infra'].keys()| map('extract', openshift_aws_elb_name_dict['infra']) | list }}"
-openshift_aws_elb_tags: "{{ openshift_aws_clusterid | build_instance_tags }}"
+openshift_aws_elb_tags: "{{ openshift_aws_kube_tags }}"
openshift_aws_elb_az_load_balancing: False
-openshift_aws_elb_security_groups:
-- "{{ openshift_aws_clusterid }}" # default sg
-- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}" # node type sg
-- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}_k8s" # node type sg k8s
+openshift_aws_kube_tags: "{{ openshift_aws_clusterid | build_instance_tags }}"
-openshift_aws_elb_instance_filter:
- "tag:clusterid": "{{ openshift_aws_clusterid }}"
- "tag:host-type": "{{ openshift_aws_node_group_type }}"
- instance-state-name: running
+openshift_aws_elb_security_groups: "{{ openshift_aws_launch_config_security_groups }}"
+
+openshift_aws_launch_config_security_groups:
+ compute:
+ - "{{ openshift_aws_clusterid }}" # default sg
+ - "{{ openshift_aws_clusterid }}_compute" # node type sg
+ - "{{ openshift_aws_clusterid }}_compute_k8s" # node type sg k8s
+ infra:
+ - "{{ openshift_aws_clusterid }}" # default sg
+ - "{{ openshift_aws_clusterid }}_infra" # node type sg
+ - "{{ openshift_aws_clusterid }}_infra_k8s" # node type sg k8s
+ master:
+ - "{{ openshift_aws_clusterid }}" # default sg
+ - "{{ openshift_aws_clusterid }}_master" # node type sg
+ - "{{ openshift_aws_clusterid }}_master_k8s" # node type sg k8s
+
+openshift_aws_security_groups_tags: "{{ openshift_aws_kube_tags }}"
-openshift_aws_security_groups_tags: "{{ openshift_aws_clusterid | build_instance_tags }}"
openshift_aws_node_security_groups:
default:
name: "{{ openshift_aws_clusterid }}"
@@ -234,7 +271,7 @@ openshift_aws_node_security_groups:
openshift_aws_vpc_tags:
Name: "{{ openshift_aws_vpc_name }}"
-openshift_aws_subnet_name: us-east-1c
+openshift_aws_subnet_az: us-east-1c
openshift_aws_vpc:
name: "{{ openshift_aws_vpc_name }}"
@@ -251,3 +288,5 @@ openshift_aws_vpc:
openshift_aws_node_run_bootstrap_startup: True
openshift_aws_node_user_data: ''
openshift_aws_node_config_namespace: openshift-node
+
+openshift_aws_masters_groups: masters,etcd,nodes
diff --git a/roles/openshift_aws/files/describeinstances.json b/roles/openshift_aws/files/describeinstances.json
new file mode 100644
index 000000000..40de49721
--- /dev/null
+++ b/roles/openshift_aws/files/describeinstances.json
@@ -0,0 +1,15 @@
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Action": [
+ "ec2:DescribeInstances"
+ ],
+ "Resource": [
+ "*"
+ ],
+ "Effect": "Allow",
+ "Sid": "Stmt1438195894000"
+ }
+ ]
+}
diff --git a/roles/openshift_aws/files/trustpolicy.json b/roles/openshift_aws/files/trustpolicy.json
new file mode 100644
index 000000000..87c7d7c42
--- /dev/null
+++ b/roles/openshift_aws/files/trustpolicy.json
@@ -0,0 +1,12 @@
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "ec2.amazonaws.com"
+ },
+ "Action": "sts:AssumeRole"
+ }
+ ]
+}
diff --git a/roles/openshift_aws/filter_plugins/openshift_aws_filters.py b/roles/openshift_aws/filter_plugins/openshift_aws_filters.py
index a9893c0a7..dfcb11da3 100644
--- a/roles/openshift_aws/filter_plugins/openshift_aws_filters.py
+++ b/roles/openshift_aws/filter_plugins/openshift_aws_filters.py
@@ -4,11 +4,55 @@
Custom filters for use in openshift_aws
'''
+from ansible import errors
+
class FilterModule(object):
''' Custom ansible filters for use by openshift_aws role'''
@staticmethod
+ def scale_groups_serial(scale_group_info, upgrade=False):
+ ''' This function will determine what the deployment serial should be and return it
+
+ Search through the tags and find the deployment_serial tag. Once found,
+ determine if an increment is needed during an upgrade.
+ if upgrade is true then increment the serial and return it
+ else return the serial
+ '''
+ if scale_group_info == []:
+ return 1
+
+ scale_group_info = scale_group_info[0]
+
+ if not isinstance(scale_group_info, dict):
+ raise errors.AnsibleFilterError("|filter plugin failed: Expected scale_group_info to be a dict")
+
+ serial = None
+
+ for tag in scale_group_info['tags']:
+ if tag['key'] == 'deployment_serial':
+ serial = int(tag['value'])
+ if upgrade:
+ serial += 1
+ break
+ else:
+ raise errors.AnsibleFilterError("|filter plugin failed: deployment_serial tag was not found")
+
+ return serial
+
+ @staticmethod
+ def scale_groups_match_capacity(scale_group_info):
+ ''' This function will verify that the scale group instance count matches
+ the scale group desired capacity
+
+ '''
+ for scale_group in scale_group_info:
+ if scale_group['desired_capacity'] != len(scale_group['instances']):
+ return False
+
+ return True
+
+ @staticmethod
def build_instance_tags(clusterid):
''' This function will return a dictionary of the instance tags.
@@ -25,4 +69,6 @@ class FilterModule(object):
def filters(self):
''' returns a mapping of filters to methods '''
- return {'build_instance_tags': self.build_instance_tags}
+ return {'build_instance_tags': self.build_instance_tags,
+ 'scale_groups_match_capacity': self.scale_groups_match_capacity,
+ 'scale_groups_serial': self.scale_groups_serial}
diff --git a/roles/openshift_aws/meta/main.yml b/roles/openshift_aws/meta/main.yml
index 875efcb8f..fa0a24a33 100644
--- a/roles/openshift_aws/meta/main.yml
+++ b/roles/openshift_aws/meta/main.yml
@@ -1,3 +1,4 @@
---
dependencies:
- lib_utils
+- lib_openshift
diff --git a/roles/openshift_aws/tasks/accept_nodes.yml b/roles/openshift_aws/tasks/accept_nodes.yml
new file mode 100644
index 000000000..c2a2cea30
--- /dev/null
+++ b/roles/openshift_aws/tasks/accept_nodes.yml
@@ -0,0 +1,39 @@
+---
+- name: fetch masters
+ ec2_instance_facts:
+ region: "{{ openshift_aws_region | default('us-east-1') }}"
+ filters:
+ "{{ {'tag:kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid,
+ 'tag:host-type': 'master', 'instance-state-name': 'running'} }}"
+ register: mastersout
+ retries: 20
+ delay: 3
+ until: "'instances' in mastersout and mastersout.instances|length > 0"
+
+- name: fetch new node instances
+ ec2_instance_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ "{{ {'tag:kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid,
+ 'tag:host-type': 'node',
+ 'instance-state-name': 'running'} }}"
+ register: instancesout
+ retries: 20
+ delay: 3
+ until: "'instances' in instancesout and instancesout.instances|length > 0"
+
+- name: Dump the private dns names
+ debug:
+ msg: "{{ instancesout.instances|map(attribute='private_dns_name') | list }}"
+
+- name: Dump the master public ip address
+ debug:
+ msg: "{{ mastersout.instances[0].public_ip_address }}"
+
+- name: approve nodes
+ oc_adm_csr:
+ #approve_all: True
+ nodes: "{{ instancesout.instances|map(attribute='private_dns_name') | list }}"
+ timeout: 60
+ register: nodeout
+ delegate_to: "{{ mastersout.instances[0].public_ip_address }}"
diff --git a/roles/openshift_aws/tasks/build_node_group.yml b/roles/openshift_aws/tasks/build_node_group.yml
index 0aac40ddd..7fb617dd5 100644
--- a/roles/openshift_aws/tasks/build_node_group.yml
+++ b/roles/openshift_aws/tasks/build_node_group.yml
@@ -21,10 +21,44 @@
- "'results' in amiout"
- amiout.results|length > 0
+# Need to set epoch time in one place to use for launch_config and scale_group
+- set_fact:
+ l_epoch_time: "{{ ansible_date_time.epoch }}"
+#
+# query asg's and determine if we need to create the others.
+# if we find more than 1 for each type, then exit
+- name: query all asg's for this cluster
+ ec2_asg_facts:
+ region: "{{ openshift_aws_region }}"
+ tags: "{{ {'kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid} | combine(l_node_group_config[openshift_aws_node_group.group].tags) }}"
+ register: asgs
+
+- fail:
+ msg: "Found more than 1 auto scaling group that matches the query for group: {{ openshift_aws_node_group }}"
+ when:
+ - asgs.results|length > 1
+
+- debug:
+ msg: "{{ asgs }}"
+
+- name: set the value for the deployment_serial and the current asgs
+ set_fact:
+ l_deployment_serial: "{{ openshift_aws_node_group_deployment_serial if openshift_aws_node_group_deployment_serial is defined else asgs.results | scale_groups_serial(openshift_aws_node_group_upgrade) }}"
+ openshift_aws_current_asgs: "{{ asgs.results | map(attribute='auto_scaling_group_name') | list | union(openshift_aws_current_asgs) }}"
+
+- name: dump deployment serial
+ debug:
+ msg: "Deployment serial: {{ l_deployment_serial }}"
+
+- name: dump current_asgs
+ debug:
+ msg: "openshift_aws_current_asgs: {{ openshift_aws_current_asgs }}"
+
+- when: openshift_aws_create_iam_role
+ include_tasks: iam_role.yml
+
- when: openshift_aws_create_launch_config
- name: "Create {{ openshift_aws_node_group_type }} launch config"
- include: launch_config.yml
+ include_tasks: launch_config.yml
- when: openshift_aws_create_scale_group
- name: "Create {{ openshift_aws_node_group_type }} node group"
- include: scale_group.yml
+ include_tasks: scale_group.yml
diff --git a/roles/openshift_aws/tasks/elb.yml b/roles/openshift_aws/tasks/elb.yml
index 56abe9dd7..5d371ec7a 100644
--- a/roles/openshift_aws/tasks/elb.yml
+++ b/roles/openshift_aws/tasks/elb.yml
@@ -1,45 +1,25 @@
---
-- name: query vpc
- ec2_vpc_net_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- 'tag:Name': "{{ openshift_aws_vpc_name }}"
- register: vpcout
-
-- name: debug
- debug: var=vpcout
-
-- name: fetch the default subnet id
- ec2_vpc_subnet_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- "tag:Name": "{{ openshift_aws_subnet_name }}"
- vpc-id: "{{ vpcout.vpcs[0].id }}"
- register: subnetout
-
-- name: dump the elb listeners
+- name: "dump the elb listeners for {{ l_elb_dict_item.key }}"
debug:
- msg: "{{ openshift_aws_elb_listeners[openshift_aws_node_group_type][openshift_aws_elb_direction]
- if 'master' in openshift_aws_node_group_type or 'infra' in openshift_aws_node_group_type
- else openshift_aws_elb_listeners }}"
+ msg: "{{ l_elb_dict_item.value }}"
-- name: "Create ELB {{ l_openshift_aws_elb_name }}"
+- name: "Create ELB {{ l_elb_dict_item.key }}"
ec2_elb_lb:
- name: "{{ l_openshift_aws_elb_name }}"
+ name: "{{ l_openshift_aws_elb_name_dict[l_elb_dict_item.key][item.key] }}"
state: present
cross_az_load_balancing: "{{ openshift_aws_elb_az_load_balancing }}"
- security_group_names: "{{ openshift_aws_elb_security_groups }}"
+ security_group_names: "{{ l_elb_security_groups[l_elb_dict_item.key] }}"
idle_timeout: "{{ openshift_aws_elb_idle_timout }}"
region: "{{ openshift_aws_region }}"
subnets:
- "{{ subnetout.subnets[0].id }}"
health_check: "{{ openshift_aws_elb_health_check }}"
- listeners: "{{ openshift_aws_elb_listeners[openshift_aws_node_group_type][openshift_aws_elb_direction]
- if 'master' in openshift_aws_node_group_type or 'infra' in openshift_aws_node_group_type
- else openshift_aws_elb_listeners }}"
+ listeners: "{{ item.value }}"
scheme: "{{ openshift_aws_elb_scheme }}"
tags: "{{ openshift_aws_elb_tags }}"
+ wait: True
register: new_elb
+ with_dict: "{{ l_elb_dict_item.value }}"
- debug:
msg: "{{ item }}"
diff --git a/roles/openshift_aws/tasks/iam_role.yml b/roles/openshift_aws/tasks/iam_role.yml
new file mode 100644
index 000000000..cf3bb28fb
--- /dev/null
+++ b/roles/openshift_aws/tasks/iam_role.yml
@@ -0,0 +1,34 @@
+---
+#####
+# Instance profiles consist of two parts. The first part is creating a role
+# in which the instance has access and will use this role's permissions
+# to make API calls on his behalf. This role requires a trust policy
+# which links a service (ec2) to the role. This states that this role
+# has access to make call ec2 API calls.
+# See ../files/trustpolicy.json
+#
+# Currently openshift-node requires
+# access to the AWS API to call describeinstances.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1510519
+#####
+- name: Create an iam role
+ iam_role:
+ name: "{{ l_node_group_config[openshift_aws_node_group.group].iam_role }}"
+ assume_role_policy_document: "{{ lookup('file','trustpolicy.json') }}"
+ state: "{{ openshift_aws_iam_role_state | default('present') }}"
+ when: l_node_group_config[openshift_aws_node_group.group].iam_role is defined
+
+#####
+# The second part of this task file is linking the role to a policy
+# that specifies which calls the role can make to the ec2 API.
+# Currently all that is required is DescribeInstances.
+# See ../files/describeinstances.json
+#####
+- name: create an iam policy
+ iam_policy:
+ iam_type: role
+ iam_name: "{{ l_node_group_config[openshift_aws_node_group.group].iam_role }}"
+ policy_json: "{{ l_node_group_config[openshift_aws_node_group.group].policy_json }}"
+ policy_name: "{{ l_node_group_config[openshift_aws_node_group.group].policy_name }}"
+ state: "{{ openshift_aws_iam_role_state | default('present') }}"
+ when: "'iam_role' in l_node_group_config[openshift_aws_node_group.group]"
diff --git a/roles/openshift_aws/tasks/launch_config.yml b/roles/openshift_aws/tasks/launch_config.yml
index 94aca5a35..6f78ee00a 100644
--- a/roles/openshift_aws/tasks/launch_config.yml
+++ b/roles/openshift_aws/tasks/launch_config.yml
@@ -1,25 +1,8 @@
---
-- fail:
- msg: "Ensure that an AMI value is defined for openshift_aws_ami or openshift_aws_launch_config_custom_image."
- when:
- - openshift_aws_ami is undefined
-
-- fail:
- msg: "Ensure that openshift_deployment_type is defined."
- when:
- - openshift_deployment_type is undefined
-
-- name: query vpc
- ec2_vpc_net_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- 'tag:Name': "{{ openshift_aws_vpc_name }}"
- register: vpcout
-
- name: fetch the security groups for launch config
ec2_group_facts:
filters:
- group-name: "{{ openshift_aws_elb_security_groups }}"
+ group-name: "{{ openshift_aws_launch_config_security_groups[openshift_aws_node_group.group] }}"
vpc-id: "{{ vpcout.vpcs[0].id }}"
region: "{{ openshift_aws_region }}"
register: ec2sgs
@@ -27,13 +10,17 @@
# Create the scale group config
- name: Create the node scale group launch config
ec2_lc:
- name: "{{ openshift_aws_launch_config_name }}"
+ name: "{{ openshift_aws_node_group.name }}-{{ openshift_aws_ami_map[openshift_aws_node_group.group] | default(openshift_aws_ami) }}-{{ l_epoch_time }}"
region: "{{ openshift_aws_region }}"
- image_id: "{{ openshift_aws_ami }}"
- instance_type: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].instance_type }}"
+ image_id: "{{ openshift_aws_ami_map[openshift_aws_node_group.group] | default(openshift_aws_ami) }}"
+ instance_type: "{{ l_node_group_config[openshift_aws_node_group.group].instance_type }}"
security_groups: "{{ openshift_aws_launch_config_security_group_id | default(ec2sgs.security_groups | map(attribute='group_id')| list) }}"
+ instance_profile_name: "{{ l_node_group_config[openshift_aws_node_group.group].iam_role if l_node_group_config[openshift_aws_node_group.group].iam_role is defined and
+ l_node_group_config[openshift_aws_node_group.group].iam_role != '' and
+ openshift_aws_create_iam_role
+ else omit }}"
user_data: "{{ lookup('template', 'user_data.j2') }}"
key_name: "{{ openshift_aws_ssh_key_name }}"
ebs_optimized: False
- volumes: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].volumes }}"
+ volumes: "{{ l_node_group_config[openshift_aws_node_group.group].volumes }}"
assign_public_ip: True
diff --git a/roles/openshift_aws/tasks/master_facts.yml b/roles/openshift_aws/tasks/master_facts.yml
index 1c99229ff..530b0134d 100644
--- a/roles/openshift_aws/tasks/master_facts.yml
+++ b/roles/openshift_aws/tasks/master_facts.yml
@@ -3,7 +3,7 @@
ec2_elb_facts:
region: "{{ openshift_aws_region }}"
names:
- - "{{ openshift_aws_elb_name_dict[openshift_aws_node_group_type]['internal'] }}"
+ - "{{ openshift_aws_elb_name_dict['master']['internal'] }}"
delegate_to: localhost
register: elbs
diff --git a/roles/openshift_aws/tasks/provision.yml b/roles/openshift_aws/tasks/provision.yml
index e99017b9f..786a2e4cf 100644
--- a/roles/openshift_aws/tasks/provision.yml
+++ b/roles/openshift_aws/tasks/provision.yml
@@ -1,53 +1,37 @@
---
- when: openshift_aws_create_iam_cert | bool
name: create the iam_cert for elb certificate
- include: iam_cert.yml
+ include_tasks: iam_cert.yml
- when: openshift_aws_create_s3 | bool
name: create s3 bucket for registry
- include: s3.yml
+ include_tasks: s3.yml
-- when: openshift_aws_create_security_groups
- block:
- - name: "Create {{ openshift_aws_node_group_type }} security groups"
- include: security_group.yml
+- include_tasks: vpc_and_subnet_id.yml
- - name: "Create {{ openshift_aws_node_group_type }} security groups"
- include: security_group.yml
- vars:
- openshift_aws_node_group_type: infra
-
-- name: create our master internal load balancer
- include: elb.yml
- vars:
- openshift_aws_elb_direction: internal
- openshift_aws_elb_scheme: internal
- l_openshift_aws_elb_name: "{{ openshift_aws_elb_name_dict[openshift_aws_node_group_type]['internal'] }}"
-
-- name: create our master external load balancer
- include: elb.yml
+- name: create elbs
+ include_tasks: elb.yml
+ with_dict: "{{ openshift_aws_elb_dict }}"
vars:
- openshift_aws_elb_direction: external
- openshift_aws_elb_scheme: internet-facing
- l_openshift_aws_elb_name: "{{ openshift_aws_elb_name_dict[openshift_aws_node_group_type]['external'] }}"
-
-- name: create our infra node external load balancer
- include: elb.yml
- vars:
- l_openshift_aws_elb_name: "{{ openshift_aws_elb_name_dict['infra']['external'] }}"
- openshift_aws_elb_direction: external
- openshift_aws_elb_scheme: internet-facing
- openshift_aws_node_group_type: infra
+ l_elb_security_groups: "{{ openshift_aws_elb_security_groups }}"
+ l_openshift_aws_elb_name_dict: "{{ openshift_aws_elb_name_dict }}"
+ loop_control:
+ loop_var: l_elb_dict_item
- name: include scale group creation for master
- include: build_node_group.yml
+ include_tasks: build_node_group.yml
+ with_items: "{{ openshift_aws_master_group }}"
+ vars:
+ l_node_group_config: "{{ openshift_aws_master_group_config }}"
+ loop_control:
+ loop_var: openshift_aws_node_group
- name: fetch newly created instances
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region }}"
filters:
"tag:clusterid": "{{ openshift_aws_clusterid }}"
- "tag:host-type": "{{ openshift_aws_node_group_type }}"
+ "tag:host-type": "master"
instance-state-name: running
register: instancesout
retries: 20
diff --git a/roles/openshift_aws/tasks/provision_instance.yml b/roles/openshift_aws/tasks/provision_instance.yml
index 25ae6ce1c..696b323c0 100644
--- a/roles/openshift_aws/tasks/provision_instance.yml
+++ b/roles/openshift_aws/tasks/provision_instance.yml
@@ -3,20 +3,7 @@
set_fact:
openshift_node_bootstrap: True
-- name: query vpc
- ec2_vpc_net_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- 'tag:Name': "{{ openshift_aws_vpc_name }}"
- register: vpcout
-
-- name: fetch the default subnet id
- ec2_vpc_subnet_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- "tag:Name": "{{ openshift_aws_subnet_name }}"
- vpc-id: "{{ vpcout.vpcs[0].id }}"
- register: subnetout
+- include_tasks: vpc_and_subnet_id.yml
- name: create instance for ami creation
ec2:
@@ -40,7 +27,7 @@
Name: "{{ openshift_aws_base_ami_name }}"
- name: fetch newly created instances
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region }}"
filters:
"tag:Name": "{{ openshift_aws_base_ami_name }}"
diff --git a/roles/openshift_aws/tasks/provision_nodes.yml b/roles/openshift_aws/tasks/provision_nodes.yml
index fc4996c68..d82f18574 100644
--- a/roles/openshift_aws/tasks/provision_nodes.yml
+++ b/roles/openshift_aws/tasks/provision_nodes.yml
@@ -3,7 +3,7 @@
# bootstrap should be created on first master
# need to fetch it and shove it into cloud data
- name: fetch master instances
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region }}"
filters:
"tag:clusterid": "{{ openshift_aws_clusterid }}"
@@ -12,7 +12,9 @@
register: instancesout
retries: 20
delay: 3
- until: instancesout.instances|length > 0
+ until:
+ - "'instances' in instancesout"
+ - instancesout.instances|length > 0
- name: slurp down the bootstrap.kubeconfig
slurp:
@@ -25,42 +27,19 @@
set_fact:
openshift_aws_launch_config_bootstrap_token: "{{ bootstrap['content'] | b64decode }}"
-- name: include build node group for infra
- include: build_node_group.yml
- vars:
- openshift_aws_node_group_type: infra
- openshift_aws_scale_group_name: "{{ openshift_aws_clusterid }} openshift infra"
- openshift_aws_launch_config_name: "{{ openshift_aws_clusterid }}-infra-{{ ansible_date_time.epoch }}"
+- include_tasks: vpc_and_subnet_id.yml
-- name: include build node group for compute
- include: build_node_group.yml
+- name: include build compute and infra node groups
+ include_tasks: build_node_group.yml
+ with_items: "{{ openshift_aws_node_groups }}"
vars:
- openshift_aws_node_group_type: compute
- openshift_aws_scale_group_name: "{{ openshift_aws_clusterid }} openshift compute"
- openshift_aws_launch_config_name: "{{ openshift_aws_clusterid }}-compute-{{ ansible_date_time.epoch }}"
+ l_node_group_config: "{{ openshift_aws_node_group_config }}"
+ loop_control:
+ loop_var: openshift_aws_node_group
+# instances aren't scaling fast enough here, we need to wait for them
- when: openshift_aws_wait_for_ssh | bool
- block:
- - name: pause and allow for instances to scale before we query them
- pause:
- seconds: 10
-
- - name: fetch newly created instances
- ec2_remote_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- "tag:clusterid": "{{ openshift_aws_clusterid }}"
- "tag:host-type": node
- instance-state-name: running
- register: instancesout
- retries: 20
- delay: 3
- until: instancesout.instances|length > 0
-
- - name: wait for ssh to become available
- wait_for:
- port: 22
- host: "{{ item.public_ip_address }}"
- timeout: 300
- search_regex: OpenSSH
- with_items: "{{ instancesout.instances }}"
+ name: wait for our new nodes to come up
+ include_tasks: wait_for_groups.yml
+ vars:
+ created_asgs: "{{ openshift_aws_created_asgs }}"
diff --git a/roles/openshift_aws/tasks/remove_scale_group.yml b/roles/openshift_aws/tasks/remove_scale_group.yml
new file mode 100644
index 000000000..a01cde294
--- /dev/null
+++ b/roles/openshift_aws/tasks/remove_scale_group.yml
@@ -0,0 +1,30 @@
+---
+# FIGURE OUT HOW TO REMOVE SCALE GROUPS
+# use openshift_aws_current_asgs??
+- name: fetch the scale groups
+ ec2_asg_facts:
+ region: "{{ openshift_aws_region }}"
+ name: "^{{ item }}$"
+ tags:
+ "{{ {'kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid} }}"
+ with_items: "{{ openshift_aws_current_asgs if openshift_aws_current_asgs != [] else openshift_aws_asgs_to_remove }}"
+ register: qasg
+
+- name: remove non-master scale groups
+ ec2_asg:
+ region: "{{ openshift_aws_region }}"
+ state: absent
+ name: "{{ item.auto_scaling_group_name }}"
+ when: "'master' not in item.auto_scaling_group_name"
+ register: asg_results
+ with_items: "{{ qasg | json_query('results[*]') | sum(attribute='results', start=[]) }}"
+ async: 600
+ poll: 0
+
+- name: join the asynch scale group removals
+ async_status:
+ jid: "{{ item.ansible_job_id }}"
+ register: jobs_results
+ with_items: "{{ asg_results.results }}"
+ until: jobs_results.finished
+ retries: 200
diff --git a/roles/openshift_aws/tasks/s3.yml b/roles/openshift_aws/tasks/s3.yml
index 9cf37c840..ba70bcff6 100644
--- a/roles/openshift_aws/tasks/s3.yml
+++ b/roles/openshift_aws/tasks/s3.yml
@@ -1,6 +1,6 @@
---
- name: Create an s3 bucket
- s3:
+ aws_s3:
bucket: "{{ openshift_aws_s3_bucket_name }}"
mode: "{{ openshift_aws_s3_mode }}"
region: "{{ openshift_aws_region }}"
diff --git a/roles/openshift_aws/tasks/scale_group.yml b/roles/openshift_aws/tasks/scale_group.yml
index eb31636e7..3632f7ce9 100644
--- a/roles/openshift_aws/tasks/scale_group.yml
+++ b/roles/openshift_aws/tasks/scale_group.yml
@@ -1,34 +1,30 @@
---
-- name: query vpc
- ec2_vpc_net_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- 'tag:Name': "{{ openshift_aws_vpc_name }}"
- register: vpcout
-
-- name: fetch the subnet to use in scale group
- ec2_vpc_subnet_facts:
- region: "{{ openshift_aws_region }}"
- filters:
- "tag:Name": "{{ openshift_aws_subnet_name }}"
- vpc-id: "{{ vpcout.vpcs[0].id }}"
- register: subnetout
+- name: set node group name
+ set_fact:
+ l_node_group_name: "{{ openshift_aws_node_group.name }} {{ l_deployment_serial }}"
- name: Create the scale group
ec2_asg:
- name: "{{ openshift_aws_scale_group_name }}"
- launch_config_name: "{{ openshift_aws_launch_config_name }}"
- health_check_period: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].health_check.period }}"
- health_check_type: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].health_check.type }}"
- min_size: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].min_size }}"
- max_size: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].max_size }}"
- desired_capacity: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].desired_size }}"
+ name: "{{ l_node_group_name }}"
+ launch_config_name: "{{ openshift_aws_node_group.name }}-{{ openshift_aws_ami_map[openshift_aws_node_group.group] | default(openshift_aws_ami) }}-{{ l_epoch_time }}"
+ health_check_period: "{{ l_node_group_config[openshift_aws_node_group.group].health_check.period }}"
+ health_check_type: "{{ l_node_group_config[openshift_aws_node_group.group].health_check.type }}"
+ min_size: "{{ l_node_group_config[openshift_aws_node_group.group].min_size }}"
+ max_size: "{{ l_node_group_config[openshift_aws_node_group.group].max_size }}"
+ desired_capacity: "{{ l_node_group_config[openshift_aws_node_group.group].desired_size }}"
region: "{{ openshift_aws_region }}"
- termination_policies: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].termination_policy if 'termination_policy' in openshift_aws_node_group_config[openshift_aws_node_group_type] else omit }}"
- load_balancers: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].elbs if 'elbs' in openshift_aws_node_group_config[openshift_aws_node_group_type] else omit }}"
- wait_for_instances: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].wait_for_instances | default(False)}}"
+ termination_policies: "{{ l_node_group_config[openshift_aws_node_group.group].termination_policy if 'termination_policy' in l_node_group_config[openshift_aws_node_group.group] else omit }}"
+ load_balancers: "{{ l_node_group_config[openshift_aws_node_group.group].elbs if 'elbs' in l_node_group_config[openshift_aws_node_group.group] else omit }}"
+ wait_for_instances: "{{ l_node_group_config[openshift_aws_node_group.group].wait_for_instances | default(False)}}"
vpc_zone_identifier: "{{ subnetout.subnets[0].id }}"
replace_instances: "{{ openshift_aws_node_group_replace_instances if openshift_aws_node_group_replace_instances != [] else omit }}"
- replace_all_instances: "{{ omit if openshift_aws_node_group_replace_instances != [] else (openshift_aws_node_group_config[openshift_aws_node_group_type].replace_all_instances | default(omit)) }}"
+ replace_all_instances: "{{ omit if openshift_aws_node_group_replace_instances != []
+ else (l_node_group_config[openshift_aws_node_group.group].replace_all_instances | default(omit)) }}"
tags:
- - "{{ openshift_aws_node_group_config.tags | combine(openshift_aws_node_group_config[openshift_aws_node_group_type].tags) }}"
+ - "{{ openshift_aws_node_group_config_tags
+ | combine(l_node_group_config[openshift_aws_node_group.group].tags)
+ | combine({'deployment_serial': l_deployment_serial, 'ami': openshift_aws_ami_map[openshift_aws_node_group.group] | default(openshift_aws_ami)}) }}"
+
+- name: append the asg name to the openshift_aws_created_asgs fact
+ set_fact:
+ openshift_aws_created_asgs: "{{ [l_node_group_name] | union(openshift_aws_created_asgs) | list }}"
diff --git a/roles/openshift_aws/tasks/seal_ami.yml b/roles/openshift_aws/tasks/seal_ami.yml
index 0cb749dcc..74877d5c7 100644
--- a/roles/openshift_aws/tasks/seal_ami.yml
+++ b/roles/openshift_aws/tasks/seal_ami.yml
@@ -1,6 +1,6 @@
---
- name: fetch newly created instances
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region }}"
filters:
"tag:Name": "{{ openshift_aws_base_ami_name }}"
@@ -12,7 +12,7 @@
- name: bundle ami
ec2_ami:
- instance_id: "{{ instancesout.instances.0.id }}"
+ instance_id: "{{ instancesout.instances.0.instance_id }}"
region: "{{ openshift_aws_region }}"
state: present
description: "This was provisioned {{ ansible_date_time.iso8601 }}"
@@ -31,7 +31,7 @@
source-ami: "{{ amioutput.image_id }}"
- name: copy the ami for encrypted disks
- include: ami_copy.yml
+ include_tasks: ami_copy.yml
vars:
openshift_aws_ami_copy_name: "{{ openshift_aws_ami_name }}-encrypted"
openshift_aws_ami_copy_src_ami: "{{ amioutput.image_id }}"
@@ -46,4 +46,4 @@
ec2:
state: absent
region: "{{ openshift_aws_region }}"
- instance_ids: "{{ instancesout.instances.0.id }}"
+ instance_ids: "{{ instancesout.instances.0.instance_id }}"
diff --git a/roles/openshift_aws/tasks/security_group.yml b/roles/openshift_aws/tasks/security_group.yml
index e1fb99b02..0568a0190 100644
--- a/roles/openshift_aws/tasks/security_group.yml
+++ b/roles/openshift_aws/tasks/security_group.yml
@@ -6,35 +6,23 @@
"tag:Name": "{{ openshift_aws_clusterid }}"
register: vpcout
-- name: Create default security group for cluster
- ec2_group:
- name: "{{ openshift_aws_node_security_groups.default.name }}"
- description: "{{ openshift_aws_node_security_groups.default.desc }}"
- region: "{{ openshift_aws_region }}"
- vpc_id: "{{ vpcout.vpcs[0].id }}"
- rules: "{{ openshift_aws_node_security_groups.default.rules | default(omit, True)}}"
- register: sg_default_created
-
- name: create the node group sgs
- ec2_group:
- name: "{{ item.name}}"
- description: "{{ item.desc }}"
- rules: "{{ item.rules if 'rules' in item else [] }}"
+ oo_ec2_group:
+ name: "{{ item.value.name}}"
+ description: "{{ item.value.desc }}"
+ rules: "{{ item.value.rules if 'rules' in item.value else [] }}"
region: "{{ openshift_aws_region }}"
vpc_id: "{{ vpcout.vpcs[0].id }}"
- register: sg_create
- with_items:
- - "{{ openshift_aws_node_security_groups[openshift_aws_node_group_type]}}"
+ with_dict: "{{ openshift_aws_node_security_groups }}"
- name: create the k8s sgs for the node group
- ec2_group:
- name: "{{ item.name }}_k8s"
- description: "{{ item.desc }} for k8s"
+ oo_ec2_group:
+ name: "{{ item.value.name }}_k8s"
+ description: "{{ item.value.desc }} for k8s"
region: "{{ openshift_aws_region }}"
vpc_id: "{{ vpcout.vpcs[0].id }}"
+ with_dict: "{{ openshift_aws_node_security_groups }}"
register: k8s_sg_create
- with_items:
- - "{{ openshift_aws_node_security_groups[openshift_aws_node_group_type]}}"
- name: tag sg groups with proper tags
ec2_tag:
diff --git a/roles/openshift_aws/tasks/setup_master_group.yml b/roles/openshift_aws/tasks/setup_master_group.yml
index 166f3b938..700917ef4 100644
--- a/roles/openshift_aws/tasks/setup_master_group.yml
+++ b/roles/openshift_aws/tasks/setup_master_group.yml
@@ -8,7 +8,7 @@
msg: "openshift_aws_region={{ openshift_aws_region }}"
- name: fetch newly created instances
- ec2_remote_facts:
+ ec2_instance_facts:
region: "{{ openshift_aws_region }}"
filters:
"tag:clusterid": "{{ openshift_aws_clusterid }}"
@@ -19,11 +19,13 @@
delay: 3
until: instancesout.instances|length > 0
+- debug: var=instancesout
+
- name: add new master to masters group
add_host:
- groups: "masters,etcd,nodes"
+ groups: "{{ openshift_aws_masters_groups }}"
name: "{{ item.public_dns_name }}"
- hostname: "{{ openshift_aws_clusterid }}-master-{{ item.id[:-5] }}"
+ hostname: "{{ openshift_aws_clusterid }}-master-{{ item.instance_id[:-5] }}"
with_items: "{{ instancesout.instances }}"
- name: wait for ssh to become available
diff --git a/roles/openshift_aws/tasks/setup_scale_group_facts.yml b/roles/openshift_aws/tasks/setup_scale_group_facts.yml
new file mode 100644
index 000000000..14c5246c9
--- /dev/null
+++ b/roles/openshift_aws/tasks/setup_scale_group_facts.yml
@@ -0,0 +1,49 @@
+---
+- name: fetch all created instances
+ ec2_instance_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ "{{ {'tag:kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid,
+ 'instance-state-name': 'running'} }}"
+ register: qinstances
+
+# The building of new and current groups is dependent of having a list of the current asgs and the created ones
+# that can be found in the variables: openshift_aws_created_asgs, openshift_aws_current_asgs. If these do not exist, we cannot determine which hosts are
+# new and which hosts are current.
+- name: Build new node group
+ add_host:
+ groups: oo_sg_new_nodes
+ ansible_ssh_host: "{{ item.public_dns_name }}"
+ name: "{{ item.public_dns_name }}"
+ hostname: "{{ item.public_dns_name }}"
+ when:
+ - openshift_aws_created_asgs != []
+ - "'aws:autoscaling:groupName' in item.tags"
+ - item.tags['aws:autoscaling:groupName'] in openshift_aws_created_asgs
+ - "'node' in item.tags['host-type']"
+ with_items: "{{ qinstances.instances }}"
+
+- name: dump openshift_aws_current_asgs
+ debug:
+ msg: "{{ openshift_aws_current_asgs }}"
+
+- name: Build current node group
+ add_host:
+ groups: oo_sg_current_nodes
+ ansible_ssh_host: "{{ item.public_dns_name }}"
+ name: "{{ item.public_dns_name }}"
+ hostname: "{{ item.public_dns_name }}"
+ when:
+ - openshift_aws_current_asgs != []
+ - "'aws:autoscaling:groupName' in item.tags"
+ - item.tags['aws:autoscaling:groupName'] in openshift_aws_current_asgs
+ - "'node' in item.tags['host-type']"
+ with_items: "{{ qinstances.instances }}"
+
+- name: place all nodes into nodes group
+ add_host:
+ groups: nodes
+ ansible_ssh_host: "{{ item.public_dns_name }}"
+ name: "{{ item.public_dns_name }}"
+ hostname: "{{ item.public_dns_name }}"
+ with_items: "{{ qinstances.instances }}"
diff --git a/roles/openshift_aws/tasks/upgrade_node_group.yml b/roles/openshift_aws/tasks/upgrade_node_group.yml
new file mode 100644
index 000000000..4f4730dd6
--- /dev/null
+++ b/roles/openshift_aws/tasks/upgrade_node_group.yml
@@ -0,0 +1,26 @@
+---
+- include_tasks: provision_nodes.yml
+ vars:
+ openshift_aws_node_group_upgrade: True
+ when:
+ - openshift_aws_upgrade_provision_nodes | default(True)
+
+- debug: var=openshift_aws_current_asgs
+- debug: var=openshift_aws_created_asgs
+
+- name: fail if asg variables aren't set
+ fail:
+ msg: "Please ensure that openshift_aws_created_asgs and openshift_aws_current_asgs are defined."
+ when:
+ - openshift_aws_created_asgs == []
+ - openshift_aws_current_asgs == []
+
+- include_tasks: accept_nodes.yml
+ when: openshift_aws_upgrade_accept_nodes | default(True)
+
+- include_tasks: setup_scale_group_facts.yml
+
+- include_tasks: setup_master_group.yml
+ vars:
+ # we do not set etcd here as its limited to 1 or 3
+ openshift_aws_masters_groups: masters,nodes
diff --git a/roles/openshift_aws/tasks/vpc_and_subnet_id.yml b/roles/openshift_aws/tasks/vpc_and_subnet_id.yml
new file mode 100644
index 000000000..1b754f863
--- /dev/null
+++ b/roles/openshift_aws/tasks/vpc_and_subnet_id.yml
@@ -0,0 +1,21 @@
+---
+- name: query vpc
+ ec2_vpc_net_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ 'tag:Name': "{{ openshift_aws_vpc_name }}"
+ register: vpcout
+
+- name: debug vcpout
+ debug: var=vpcout
+
+- name: fetch the default subnet id
+ ec2_vpc_subnet_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ "availability_zone": "{{ openshift_aws_subnet_az }}"
+ vpc-id: "{{ vpcout.vpcs[0].id }}"
+ register: subnetout
+
+- name: debug subnetout
+ debug: var=subnetout
diff --git a/roles/openshift_aws/tasks/wait_for_groups.yml b/roles/openshift_aws/tasks/wait_for_groups.yml
new file mode 100644
index 000000000..1f4ef3e1c
--- /dev/null
+++ b/roles/openshift_aws/tasks/wait_for_groups.yml
@@ -0,0 +1,41 @@
+---
+# The idea here is to wait until all scale groups are at
+# their desired capacity before continuing.
+# This is accomplished with a custom filter_plugin and until clause
+- name: "fetch the scale groups"
+ ec2_asg_facts:
+ region: "{{ openshift_aws_region }}"
+ tags:
+ "{{ {'kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid } }}"
+ register: qasg
+ until: qasg | json_query('results[*]') | scale_groups_match_capacity | bool
+ delay: 10
+ retries: 60
+
+- debug: var=openshift_aws_created_asgs
+
+# how do we gaurantee the instances are up?
+- name: fetch newly created instances
+ ec2_instance_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ "{{ {'tag:kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid,
+ 'tag:aws:autoscaling:groupName': item,
+ 'instance-state-name': 'running'} }}"
+ with_items: "{{ openshift_aws_created_asgs if openshift_aws_created_asgs != [] else qasg | sum(attribute='results', start=[]) }}"
+ register: instancesout
+ until: instancesout.instances|length > 0
+ delay: 5
+ retries: 60
+
+- name: dump instances
+ debug:
+ msg: "{{ instancesout.results | sum(attribute='instances', start=[]) }}"
+
+- name: wait for ssh to become available
+ wait_for:
+ port: 22
+ host: "{{ item.public_ip_address }}"
+ timeout: 300
+ search_regex: OpenSSH
+ with_items: "{{ instancesout.results | sum(attribute='instances', start=[]) }}"
diff --git a/roles/openshift_aws/templates/user_data.j2 b/roles/openshift_aws/templates/user_data.j2
index 76aebdcea..bda1334cd 100644
--- a/roles/openshift_aws/templates/user_data.j2
+++ b/roles/openshift_aws/templates/user_data.j2
@@ -7,8 +7,8 @@ write_files:
owner: 'root:root'
permissions: '0640'
content: |
- openshift_group_type: {{ openshift_aws_node_group_type }}
-{% if openshift_aws_node_group_type != 'master' %}
+ openshift_group_type: {{ openshift_aws_node_group.group }}
+{% if openshift_aws_node_group.group != 'master' %}
- path: /etc/origin/node/bootstrap.kubeconfig
owner: 'root:root'
permissions: '0640'
@@ -19,7 +19,8 @@ runcmd:
{% if openshift_aws_node_run_bootstrap_startup %}
- [ ansible-playbook, /root/openshift_bootstrap/bootstrap.yml]
{% endif %}
-{% if openshift_aws_node_group_type != 'master' %}
+{% if openshift_aws_node_group.group != 'master' %}
+- [ systemctl, restart, NetworkManager]
- [ systemctl, enable, {% if openshift_deployment_type == 'openshift-enterprise' %}atomic-openshift{% else %}origin{% endif %}-node]
- [ systemctl, start, {% if openshift_deployment_type == 'openshift-enterprise' %}atomic-openshift{% else %}origin{% endif %}-node]
{% endif %}
diff --git a/roles/openshift_builddefaults/meta/main.yml b/roles/openshift_builddefaults/meta/main.yml
index 422d08400..60ac189a8 100644
--- a/roles/openshift_builddefaults/meta/main.yml
+++ b/roles/openshift_builddefaults/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_builddefaults/tasks/main.yml b/roles/openshift_builddefaults/tasks/main.yml
index e0b51eee0..612b6522d 100644
--- a/roles/openshift_builddefaults/tasks/main.yml
+++ b/roles/openshift_builddefaults/tasks/main.yml
@@ -4,11 +4,6 @@
role: builddefaults
# TODO: add ability to define builddefaults env vars sort of like this
# may need to move the config generation to a filter however.
- # openshift_env: "{{ hostvars
- # | oo_merge_hostvars(vars, inventory_hostname)
- # | oo_openshift_env }}"
- # openshift_env_structures:
- # - 'openshift.builddefaults.env.*'
local_facts:
http_proxy: "{{ openshift_builddefaults_http_proxy | default(None) }}"
https_proxy: "{{ openshift_builddefaults_https_proxy | default(None) }}"
diff --git a/roles/openshift_buildoverrides/meta/main.yml b/roles/openshift_buildoverrides/meta/main.yml
index e9d2e8712..edca92e6f 100644
--- a/roles/openshift_buildoverrides/meta/main.yml
+++ b/roles/openshift_buildoverrides/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_ca/meta/main.yml b/roles/openshift_ca/meta/main.yml
index f8b784a63..b2081efc6 100644
--- a/roles/openshift_ca/meta/main.yml
+++ b/roles/openshift_ca/meta/main.yml
@@ -14,3 +14,5 @@ galaxy_info:
- system
dependencies:
- role: openshift_cli
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml
index fad1ff5de..358b8528f 100644
--- a/roles/openshift_ca/tasks/main.yml
+++ b/roles/openshift_ca/tasks/main.yml
@@ -9,16 +9,17 @@
- name: Install the base package for admin tooling
package:
- name: "{{ openshift.common.service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}"
+ name: "{{ openshift_service_type }}{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
state: present
when: not openshift.common.is_containerized | bool
register: install_result
+ until: install_result is succeeded
delegate_to: "{{ openshift_ca_host }}"
run_once: true
- name: Reload generated facts
openshift_facts:
- when: hostvars[openshift_ca_host].install_result | changed
+ when: hostvars[openshift_ca_host].install_result is changed
- name: Create openshift_ca_config_dir if it does not exist
file:
@@ -40,7 +41,7 @@
- set_fact:
master_ca_missing: "{{ False in (g_master_ca_stat_result.results
- | oo_collect(attribute='stat.exists')
+ | lib_utils_oo_collect(attribute='stat.exists')
| list) }}"
run_once: true
@@ -87,25 +88,53 @@
- name: Create the master certificates if they do not already exist
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-master-certs
- {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
- {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %}
+ {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') %}
--certificate-authority {{ legacy_ca_certificate }}
{% endfor %}
--hostnames={{ hostvars[openshift_ca_host].openshift.common.all_hostnames | join(',') }}
--master={{ openshift.master.api_url }}
--public-master={{ openshift.master.public_api_url }}
--cert-dir={{ openshift_ca_config_dir }}
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
--expire-days={{ openshift_master_cert_expire_days }}
--signer-expire-days={{ openshift_ca_cert_expire_days }}
- {% endif %}
--overwrite=false
when: master_ca_missing | bool or openshift_certificates_redeploy | default(false) | bool
delegate_to: "{{ openshift_ca_host }}"
run_once: true
+# Create client-ca-bundle.crt containing old and new OpenShift CA
+# certificates. This bundle will be used when rolling the OpenShift CA
+# certificate.
+- name: Create client-ca-bundle.crt
+ block:
+ - command: mktemp -d /tmp/openshift-ansible-XXXXXX
+ register: openshift_ca_clientconfig_tmpdir
+ delegate_to: "{{ openshift_ca_host }}"
+ - copy:
+ src: "{{ item }}"
+ dest: "{{ openshift_ca_clientconfig_tmpdir.stdout }}/"
+ remote_src: true
+ with_items: "{{ g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') }}"
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+ - copy:
+ src: "{{ openshift_ca_config_dir }}/ca.crt"
+ dest: "{{ openshift_ca_clientconfig_tmpdir.stdout }}/"
+ remote_src: true
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+ - assemble:
+ src: "{{ openshift_ca_clientconfig_tmpdir.stdout }}"
+ dest: "{{ openshift_ca_config_dir }}/client-ca-bundle.crt"
+ mode: 0644
+ owner: root
+ group: root
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
- name: Test local loopback context
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} config view
@@ -127,7 +156,7 @@
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
--certificate-authority={{ openshift_ca_cert }}
- {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
--client-dir={{ openshift_ca_loopback_tmpdir.stdout }}
@@ -139,9 +168,7 @@
--signer-serial={{ openshift_ca_serial }}
--user=system:openshift-master
--basename=openshift-master
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
--expire-days={{ openshift_master_cert_expire_days }}
- {% endif %}
- name: Copy generated loopback master client config to master config dir
copy:
src: "{{ openshift_ca_loopback_tmpdir.stdout }}/{{ item }}"
diff --git a/roles/openshift_certificate_expiry/README.md b/roles/openshift_certificate_expiry/README.md
index f19a421cb..48338ca1b 100644
--- a/roles/openshift_certificate_expiry/README.md
+++ b/roles/openshift_certificate_expiry/README.md
@@ -54,7 +54,7 @@ included in this role, or you can [read on below for more examples](#more-exampl
to help you craft you own.
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/easy-mode.yaml
```
Using the `easy-mode.yaml` playbook will produce:
@@ -65,7 +65,7 @@ Using the `easy-mode.yaml` playbook will produce:
> **Note:** If you are running from an RPM install use
-> `/usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml`
+> `/usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml`
> instead
## Run from a container
@@ -80,7 +80,7 @@ There are several [examples](../../examples/README.md) in the `examples` directo
## More Example Playbooks
> **Note:** These Playbooks are available to run directly out of the
-> [/playbooks/byo/openshift-checks/certificate_expiry/](../../playbooks/byo/openshift-checks/certificate_expiry/) directory.
+> [/playbooks/openshift-checks/certificate_expiry/](../../playbooks/openshift-checks/certificate_expiry/) directory.
### Default behavior
@@ -99,14 +99,14 @@ This playbook just invokes the certificate expiration check role with default op
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/default.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/default.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/default.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/default.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/default.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/default.yaml)
### Easy mode
@@ -130,14 +130,14 @@ certificates (healthy or not) are included in the results:
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/easy-mode.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/easy-mode.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/easy-mode.yaml)
### Easy mode and upload reports to masters
@@ -193,14 +193,14 @@ options via environment variables:
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml)
### Generate HTML and JSON artifacts in their default paths
@@ -219,14 +219,14 @@ $ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/by
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml)
### Generate HTML and JSON reports in a custom path
@@ -250,14 +250,14 @@ This example customizes the report generation path to point to a specific path (
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml)
### Long warning window
@@ -278,14 +278,14 @@ the module out):
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/longer_warning_period.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/longer_warning_period.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/longer_warning_period.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml)
### Long warning window and JSON report
@@ -307,14 +307,14 @@ the module out) and save the results as a JSON file:
**From git:**
```
-$ ansible-playbook -v -i HOSTS playbooks/byo/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
+$ ansible-playbook -v -i HOSTS playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
```
**From openshift-ansible-playbooks rpm:**
```
-$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
+$ ansible-playbook -v -i HOSTS /usr/share/ansible/openshift-ansible/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml
```
-> [View This Playbook](../../playbooks/byo/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml)
+> [View This Playbook](../../playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml)
diff --git a/roles/openshift_certificate_expiry/meta/main.yml b/roles/openshift_certificate_expiry/meta/main.yml
index c13b29ba5..6758f5b36 100644
--- a/roles/openshift_certificate_expiry/meta/main.yml
+++ b/roles/openshift_certificate_expiry/meta/main.yml
@@ -13,4 +13,5 @@ galaxy_info:
categories:
- cloud
- system
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_cli/defaults/main.yml b/roles/openshift_cli/defaults/main.yml
index ed97d539c..631a0455e 100644
--- a/roles/openshift_cli/defaults/main.yml
+++ b/roles/openshift_cli/defaults/main.yml
@@ -1 +1,11 @@
---
+system_images_registry_dict:
+ openshift-enterprise: "registry.access.redhat.com"
+ origin: "docker.io"
+
+system_images_registry: "{{ system_images_registry_dict[openshift_deployment_type | default('origin')] }}"
+
+openshift_use_crio_only: False
+
+l_is_system_container_image: "{{ openshift_use_master_system_container | default(openshift_use_system_containers | default(False)) | bool }}"
+l_use_cli_atomic_image: "{{ openshift_use_crio_only or l_is_system_container_image }}"
diff --git a/roles/openshift_cli/library/openshift_container_binary_sync.py b/roles/openshift_cli/library/openshift_container_binary_sync.py
index b40c49701..440b8ec28 100644
--- a/roles/openshift_cli/library/openshift_container_binary_sync.py
+++ b/roles/openshift_cli/library/openshift_container_binary_sync.py
@@ -27,7 +27,7 @@ class BinarySyncError(Exception):
# pylint: disable=too-few-public-methods,too-many-instance-attributes
class BinarySyncer(object):
"""
- Syncs the openshift, oc, oadm, and kubectl binaries/symlinks out of
+ Syncs the openshift, oc, and kubectl binaries/symlinks out of
a container onto the host system.
"""
@@ -36,7 +36,7 @@ class BinarySyncer(object):
self.changed = False
self.output = []
self.bin_dir = '/usr/local/bin'
- self.image = image
+ self._image = image
self.tag = tag
self.backend = backend
self.temp_dir = None # TBD
@@ -108,7 +108,10 @@ class BinarySyncer(object):
# Ensure correct symlinks created:
self._sync_symlink('kubectl', 'openshift')
- self._sync_symlink('oadm', 'openshift')
+
+ # Remove old oadm binary
+ if os.path.exists(os.path.join(self.bin_dir, 'oadm')):
+ os.remove(os.path.join(self.bin_dir, 'oadm'))
def _sync_symlink(self, binary_name, link_to):
""" Ensure the given binary name exists and links to the expected binary. """
@@ -142,6 +145,33 @@ class BinarySyncer(object):
self.output.append("Moved %s to %s." % (src_path, dest_path))
self.changed = True
+ @property
+ def raw_image(self):
+ """
+ Returns the image as it was originally passed in to the instance.
+
+ .. note::
+ This image string will only work directly with the atomic command.
+
+ :returns: The original image passed in.
+ :rtype: str
+ """
+ return self._image
+
+ @property
+ def image(self):
+ """
+ Returns the image without atomic prefixes used to map to skopeo args.
+
+ :returns: The image string without prefixes
+ :rtype: str
+ """
+ image = self._image
+ for remove in ('oci:', 'http:', 'https:'):
+ if image.startswith(remove):
+ image = image.replace(remove, '')
+ return image
+
def main():
module = AnsibleModule( # noqa: F405
diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml
index 29ed82783..e531543b9 100644
--- a/roles/openshift_cli/meta/main.yml
+++ b/roles/openshift_cli/meta/main.yml
@@ -12,6 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
-- role: openshift_docker
- when: not skip_docker_role | default(False) | bool
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml
index 14d8a3325..68d82e436 100644
--- a/roles/openshift_cli/tasks/main.yml
+++ b/roles/openshift_cli/tasks/main.yml
@@ -1,24 +1,20 @@
---
-- set_fact:
- l_use_crio_only: "{{ openshift_use_crio_only | default(false) }}"
- l_is_system_container_image: "{{ openshift_use_master_system_container | default(openshift_use_system_containers | default(false)) | bool }}"
-- set_fact:
- l_use_cli_atomic_image: "{{ l_use_crio_only or l_is_system_container_image }}"
-
- name: Install clients
- package: name={{ openshift.common.service_type }}-clients state=present
+ package: name={{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }} state=present
when: not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
- block:
- name: Pull CLI Image
command: >
- docker pull {{ openshift.common.cli_image }}:{{ openshift_image_tag }}
+ docker pull {{ openshift_cli_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Downloaded newer image' in pull_result.stdout"
- name: Copy client binaries/symlinks out of CLI image for use on the host
openshift_container_binary_sync:
- image: "{{ openshift.common.cli_image }}"
+ image: "{{ openshift_cli_image }}"
tag: "{{ openshift_image_tag }}"
backend: "docker"
when:
@@ -28,13 +24,13 @@
- block:
- name: Pull CLI Image
command: >
- atomic pull --storage ostree {{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.common.cli_image }}:{{ openshift_image_tag }}
+ atomic pull --storage ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift_cli_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
- name: Copy client binaries/symlinks out of CLI image for use on the host
openshift_container_binary_sync:
- image: "{{ '' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.common.cli_image }}"
+ image: "{{ '' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift_cli_image }}"
tag: "{{ openshift_image_tag }}"
backend: "atomic"
when:
@@ -47,3 +43,5 @@
- name: Install bash completion for oc tools
package: name=bash-completion state=present
when: not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
diff --git a/roles/openshift_clock/tasks/main.yaml b/roles/openshift_clock/tasks/main.yaml
index f8b02524a..cdacdd042 100644
--- a/roles/openshift_clock/tasks/main.yaml
+++ b/roles/openshift_clock/tasks/main.yaml
@@ -9,6 +9,8 @@
when:
- openshift_clock_enabled | bool
- chrony_installed.rc != 0
+ register: result
+ until: result is succeeded
- name: Start and enable ntpd/chronyd
command: timedatectl set-ntp true
diff --git a/roles/openshift_cloud_provider/meta/main.yml b/roles/openshift_cloud_provider/meta/main.yml
index 8ab95bf5a..e49cc4430 100644
--- a/roles/openshift_cloud_provider/meta/main.yml
+++ b/roles/openshift_cloud_provider/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_cloud_provider/tasks/main.yml b/roles/openshift_cloud_provider/tasks/main.yml
index ab3055c8b..dff492a69 100644
--- a/roles/openshift_cloud_provider/tasks/main.yml
+++ b/roles/openshift_cloud_provider/tasks/main.yml
@@ -11,11 +11,11 @@
state: directory
when: has_cloudprovider | bool
-- include: openstack.yml
+- include_tasks: openstack.yml
when: cloudprovider_is_openstack | bool
-- include: aws.yml
+- include_tasks: aws.yml
when: cloudprovider_is_aws | bool
-- include: gce.yml
+- include_tasks: gce.yml
when: cloudprovider_is_gce | bool
diff --git a/roles/openshift_cloud_provider/tasks/openstack.yml b/roles/openshift_cloud_provider/tasks/openstack.yml
index 5788e6d74..324630491 100644
--- a/roles/openshift_cloud_provider/tasks/openstack.yml
+++ b/roles/openshift_cloud_provider/tasks/openstack.yml
@@ -1,8 +1,4 @@
---
-- fail:
- msg: "The Openstack integration requires OpenShift Enterprise 3.2 or Origin 1.2."
- when: not openshift.common.version_gte_3_2_or_1_2 | bool
-
- name: Create cloud config
template:
dest: "{{ openshift.common.config_base }}/cloudprovider/openstack.conf"
diff --git a/roles/openshift_cluster_autoscaler/README.md b/roles/openshift_cluster_autoscaler/README.md
new file mode 100644
index 000000000..d775a8a71
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/README.md
@@ -0,0 +1,58 @@
+Openshift cluster autoscaler
+================================
+
+Install the cluster autoscaler
+
+Requirements
+------------
+
+* One or more Master servers
+* A cloud provider that supports the cluster-autoscaler
+
+Role Variables
+--------------
+Check defaults/main.yml
+
+Dependencies
+------------
+
+
+Example Playbook
+----------------
+
+#!/usr/bin/ansible-playbook
+```
+---
+- hosts: masters
+ gather_facts: no
+ remote_user: root
+ tasks:
+ - name: include role autoscaler
+ include_role:
+ name: openshift_cluster_autoscaler
+ vars:
+ openshift_clusterid: opstest
+ openshift_cluster_autoscaler_aws_key: <aws_key>
+ openshift_cluster_autoscaler_aws_secret_key: <aws_secret_key>
+```
+
+
+Notes
+-----
+
+This is currently experimental software. This role allows users to install the cluster-autoscaler and the necessary authorization pieces that allow the autoscaler to function.
+
+
+This feature requires cloud provider credentials or a serviceaccount that has access to scale up/down nodes within the scaling groups.
+
+https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Openshift
diff --git a/roles/openshift_cluster_autoscaler/defaults/main.yml b/roles/openshift_cluster_autoscaler/defaults/main.yml
new file mode 100644
index 000000000..707e3c79b
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/defaults/main.yml
@@ -0,0 +1,40 @@
+---
+openshift_cluster_autoscaler_name: cluster-autoscaler
+openshift_cluster_autoscaler_version: 4
+
+openshift_cluster_autoscaler_template_location: /tmp
+openshift_cluster_autoscaler_template_name: "{{ openshift_cluster_autoscaler_name }}"
+
+openshift_cluster_autoscaler_node_selector:
+ type: infra
+
+openshift_cluster_autoscaler_state: present
+openshift_cluster_autoscaler_namespace: openshift-infra
+openshift_cluster_autoscaler_delete_config: True
+openshift_cluster_autoscaler_skip_nodes_local_storage: False
+openshift_cluster_autoscaler_serviceaccount: cluster-autoscaler
+openshift_cluster_autoscaler_region: us-east-1
+
+openshift_cluster_autoscaler_image: docker.io/openshift/kubernetes-autoscaler:v0.6.1
+
+openshift_cluster_autoscaler_cloud_provider: aws
+
+# AWS specific variables here
+openshift_cluster_autoscaler_aws_creds_name: aws-creds
+openshift_cluster_autoscaler_aws_secret_name: autoscaler-credentials
+openshift_cluster_autoscaler_aws_creds_path: "/var/run/secrets/{{ openshift_cluster_autoscaler_aws_creds_name }}/creds"
+openshift_cluster_autoscaler_aws_env_vars:
+- name: AWS_REGION
+ value: "{{ openshift_cluster_autoscaler_region }}"
+- name: AWS_SHARED_CREDENTIALS_FILE
+ value: "{{ openshift_cluster_autoscaler_aws_creds_path }}"
+
+## End AWS vars ##
+
+openshift_cluster_autoscaler_env_vars: []
+
+
+openshift_cluster_autoscaler_node_groups:
+- min: 3
+ max: 10
+ name: "{{ openshift_cluster_autoscaler_node_group_name | default(openshift_clusterid ~ ' openshift compute') }}"
diff --git a/roles/openshift_cluster_autoscaler/files/clusterrole.yml b/roles/openshift_cluster_autoscaler/files/clusterrole.yml
new file mode 100644
index 000000000..a4691888a
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/files/clusterrole.yml
@@ -0,0 +1,41 @@
+---
+apiVersion: v1
+kind: ClusterRole
+metadata:
+ name: system:cluster-autoscaler
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ - persistentvolumeclaims
+ - persistentvolumes
+ - pods
+ - replicationcontrollers
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+ attributeRestrictions: null
+- apiGroups:
+ - extensions
+ - apps
+ resources:
+ - daemonsets
+ - replicasets
+ - statefulsets
+ verbs:
+ - get
+ - list
+ - watch
+ attributeRestrictions: null
+- apiGroups:
+ - policy
+ resources:
+ - poddisruptionbudgets
+ verbs:
+ - get
+ - list
+ - watch
+ attributeRestrictions: null
diff --git a/roles/openshift_cluster_autoscaler/files/role.yml b/roles/openshift_cluster_autoscaler/files/role.yml
new file mode 100644
index 000000000..c2abb5435
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/files/role.yml
@@ -0,0 +1,33 @@
+---
+apiVersion: v1
+kind: Role
+metadata:
+ name: cluster-autoscaler
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ resourceNames:
+ - cluster-autoscaler
+ - cluster-autoscaler-status
+ verbs:
+ - create
+ - get
+ - patch
+ - update
+ attributeRestrictions: null
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - create
+ attributeRestrictions: null
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ attributeRestrictions: null
diff --git a/roles/openshift_cluster_autoscaler/meta/main.yml b/roles/openshift_cluster_autoscaler/meta/main.yml
new file mode 100644
index 000000000..543eb6fed
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+- lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_cluster_autoscaler/tasks/aws.yml b/roles/openshift_cluster_autoscaler/tasks/aws.yml
new file mode 100644
index 000000000..f08e97ebc
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/tasks/aws.yml
@@ -0,0 +1,17 @@
+---
+- when: openshift_cluster_autoscaler_cloud_provider == 'aws'
+ block:
+ - name: laydown the aws-credentials
+ template:
+ src: aws-creds.j2
+ dest: "{{ openshift_cluster_autoscaler_template_location }}/{{ openshift_cluster_autoscaler_aws_creds_name }}"
+ when: openshift_cluster_autoscaler_state == 'present'
+
+ - name: create the aws creds secret
+ oc_secret:
+ state: "{{ openshift_cluster_autoscaler_state }}"
+ name: "{{ openshift_cluster_autoscaler_aws_secret_name }}"
+ namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+ files:
+ - name: creds
+ path: "{{ openshift_cluster_autoscaler_template_location }}/{{ openshift_cluster_autoscaler_aws_creds_name }}"
diff --git a/roles/openshift_cluster_autoscaler/tasks/main.yml b/roles/openshift_cluster_autoscaler/tasks/main.yml
new file mode 100644
index 000000000..ca7dfb885
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/tasks/main.yml
@@ -0,0 +1,72 @@
+---
+- name: create the cluster-autoscaler serviceaccount
+ oc_serviceaccount:
+ name: "{{ openshift_cluster_autoscaler_serviceaccount }}"
+ namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+ state: "{{ openshift_cluster_autoscaler_state }}"
+
+- name: copy the cluster-autoscaler files
+ copy:
+ src: "{{ item }}"
+ dest: "{{ openshift_cluster_autoscaler_template_location }}/{{ item }}"
+ with_items:
+ - clusterrole.yml
+ - role.yml
+ when: openshift_cluster_autoscaler_state == 'present'
+
+- name: "Ensure the cluster-autoscaler roles are {{ openshift_cluster_autoscaler_state }}"
+ oc_obj:
+ namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+ state: "{{ openshift_cluster_autoscaler_state }}"
+ kind: "{{ item.type }}"
+ name: "{{ item.name }}"
+ delete_after: "{{ openshift_cluster_autoscaler_delete_config }}"
+ files:
+ - "{{ openshift_cluster_autoscaler_template_location }}/{{ item.fname }}"
+ with_items:
+ - fname: clusterrole.yml
+ type: clusterrole
+ name: "system:{{ openshift_cluster_autoscaler_name }}"
+ - fname: role.yml
+ type: role
+ name: "{{ openshift_cluster_autoscaler_name }}"
+
+- include_tasks: aws.yml
+ when: openshift_cluster_autoscaler_cloud_provider == 'aws'
+
+- name: create the policies
+ oc_adm_policy_user:
+ state: "{{ openshift_cluster_autoscaler_state }}"
+ user: "system:serviceaccount:openshift-infra:{{ openshift_cluster_autoscaler_serviceaccount }}"
+ namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+ resource_kind: "{{ item.name }}"
+ resource_name: cluster-autoscaler
+ role_namespace: "{{ item.role_namespace | default(omit) }}"
+ with_items:
+ - name: cluster-role
+ - name: role
+ role_namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+
+- name: "grant cluster-reader to {{ openshift_cluster_autoscaler_serviceaccount }}"
+ oc_adm_policy_user:
+ state: "{{ openshift_cluster_autoscaler_state }}"
+ user: "system:serviceaccount:{{ openshift_cluster_autoscaler_namespace }}:{{ openshift_cluster_autoscaler_serviceaccount }}"
+ namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+ resource_name: cluster-reader
+ resource_kind: cluster-role
+
+- name: laydown the deployment file for cluster-autoscaler
+ template:
+ src: cluster-autoscaler.j2
+ dest: "{{ openshift_cluster_autoscaler_template_location }}/{{ openshift_cluster_autoscaler_template_name }}"
+ when: openshift_cluster_autoscaler_state == 'present'
+
+- name: "Ensure the cluster-autoscaler is {{ openshift_cluster_autoscaler_state }}"
+ oc_obj:
+ namespace: "{{ openshift_cluster_autoscaler_namespace }}"
+ state: "{{ openshift_cluster_autoscaler_state }}"
+ kind: deployment
+ name: "{{ openshift_cluster_autoscaler_name }}"
+ delete_after: "{{ openshift_cluster_autoscaler_delete_config }}"
+ files:
+ - "{{ openshift_cluster_autoscaler_template_location }}/{{ openshift_cluster_autoscaler_template_name }}"
diff --git a/roles/openshift_cluster_autoscaler/templates/aws-creds.j2 b/roles/openshift_cluster_autoscaler/templates/aws-creds.j2
new file mode 100644
index 000000000..28399e652
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/templates/aws-creds.j2
@@ -0,0 +1,3 @@
+[default]
+aws_access_key_id = {{ openshift_cluster_autoscaler_aws_key }}
+aws_secret_access_key = {{ openshift_cluster_autoscaler_aws_secret_key }}
diff --git a/roles/openshift_cluster_autoscaler/templates/cluster-autoscaler.j2 b/roles/openshift_cluster_autoscaler/templates/cluster-autoscaler.j2
new file mode 100644
index 000000000..f76bce37b
--- /dev/null
+++ b/roles/openshift_cluster_autoscaler/templates/cluster-autoscaler.j2
@@ -0,0 +1,58 @@
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ labels:
+ app: {{ openshift_cluster_autoscaler_name }}
+ name: {{ openshift_cluster_autoscaler_name }}
+ namespace: {{ openshift_cluster_autoscaler_namespace }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ openshift_cluster_autoscaler_name }}
+ role: infra
+ template:
+ metadata:
+ labels:
+ app: {{ openshift_cluster_autoscaler_name }}
+ role: infra
+ spec:
+ containers:
+ - args:
+ - --alsologtostderr
+ - --v={{ openshift_cluster_autoscaler_version }}
+ - --skip-nodes-with-local-storage={{ openshift_cluster_autoscaler_skip_nodes_local_storage }}
+ - --leader-elect-resource-lock=configmaps
+ - --namespace={{ openshift_cluster_autoscaler_namespace }}
+{% if openshift_cluster_autoscaler_scale_down_delay is defined %}
+ - --scale-down-delay={{ openshift_cluster_autoscaler_scale_down_delay }}
+{% endif %}
+ - --cloud-provider={{ openshift_cluster_autoscaler_cloud_provider }}
+{% for group in openshift_cluster_autoscaler_node_groups %}
+ - --nodes={{ group.min }}:{{ group.max }}:{{ group.name }}
+{% endfor %}
+{% if openshift_cluster_autoscaler_cloud_provider == 'aws' %}
+ env: {{ openshift_cluster_autoscaler_aws_env_vars | union(openshift_cluster_autoscaler_env_vars) | to_json }}
+{% else %}
+ env: {{ openshift_cluster_autoscaler_env_vars }}
+{% endif %}
+ image: {{ openshift_cluster_autoscaler_image }}
+ name: autoscaler
+{% if openshift_cluster_autoscaler_cloud_provider == 'aws' %}
+ volumeMounts:
+ - mountPath: {{ openshift_cluster_autoscaler_aws_creds_path | dirname }}
+ name: {{ openshift_cluster_autoscaler_aws_creds_name }}
+ readOnly: true
+{% endif %}
+ nodeSelector: {{ openshift_cluster_autoscaler_node_selector | to_json }}
+ dnsPolicy: ClusterFirst
+ serviceAccountName: {{ openshift_cluster_autoscaler_serviceaccount }}
+ terminationGracePeriodSeconds: 30
+{% if openshift_cluster_autoscaler_cloud_provider == 'aws' %}
+ volumes:
+ - name: {{ openshift_cluster_autoscaler_aws_creds_name }}
+ secret:
+ defaultMode: 420
+ secretName: {{ openshift_cluster_autoscaler_aws_secret_name }}
+{% endif %}
diff --git a/roles/openshift_default_storage_class/meta/main.yml b/roles/openshift_default_storage_class/meta/main.yml
index d7d57fe39..30671a59a 100644
--- a/roles/openshift_default_storage_class/meta/main.yml
+++ b/roles/openshift_default_storage_class/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_docker/defaults/main.yml b/roles/openshift_docker/defaults/main.yml
deleted file mode 100644
index ed97d539c..000000000
--- a/roles/openshift_docker/defaults/main.yml
+++ /dev/null
@@ -1 +0,0 @@
----
diff --git a/roles/openshift_docker/meta/main.yml b/roles/openshift_docker/meta/main.yml
deleted file mode 100644
index 60efd4e45..000000000
--- a/roles/openshift_docker/meta/main.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-galaxy_info:
- author: Jason DeTiberus
- description: OpenShift Docker
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 1.9
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
-dependencies:
-- role: openshift_docker_facts
-- role: docker
diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml
deleted file mode 100644
index ed97d539c..000000000
--- a/roles/openshift_docker/tasks/main.yml
+++ /dev/null
@@ -1 +0,0 @@
----
diff --git a/roles/openshift_docker_facts/defaults/main.yml b/roles/openshift_docker_facts/defaults/main.yml
deleted file mode 100644
index ed97d539c..000000000
--- a/roles/openshift_docker_facts/defaults/main.yml
+++ /dev/null
@@ -1 +0,0 @@
----
diff --git a/roles/openshift_docker_facts/meta/main.yml b/roles/openshift_docker_facts/meta/main.yml
deleted file mode 100644
index 5b1be7a8d..000000000
--- a/roles/openshift_docker_facts/meta/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-galaxy_info:
- author: Jason DeTiberus
- description: OpenShift Docker Facts
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 1.9
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
-dependencies:
-- { role: openshift_facts }
diff --git a/roles/openshift_docker_facts/tasks/main.yml b/roles/openshift_docker_facts/tasks/main.yml
deleted file mode 100644
index 5a3e50678..000000000
--- a/roles/openshift_docker_facts/tasks/main.yml
+++ /dev/null
@@ -1,39 +0,0 @@
----
-- name: Set docker facts
- openshift_facts:
- role: "{{ item.role }}"
- local_facts: "{{ item.local_facts }}"
- with_items:
- - role: docker
- local_facts:
- selinux_enabled: "{{ openshift_docker_selinux_enabled | default(None) }}"
- log_driver: "{{ openshift_docker_log_driver | default(None) }}"
- log_options: "{{ openshift_docker_log_options | default(None) }}"
- options: "{{ openshift_docker_options | default(None) }}"
- disable_push_dockerhub: "{{ openshift_disable_push_dockerhub | default(None) }}"
- hosted_registry_insecure: "{{ openshift_docker_hosted_registry_insecure | default(openshift.docker.hosted_registry_insecure | default(False)) }}"
- hosted_registry_network: "{{ openshift_docker_hosted_registry_network | default(None) }}"
- use_system_container: "{{ openshift_docker_use_system_container | default(False) }}"
- use_crio: "{{ openshift_use_crio | default(False) }}"
- - role: node
- local_facts:
- sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}"
-
-- set_fact:
- docker_selinux_enabled: "{{ openshift.docker.selinux_enabled | default(omit) }}"
- docker_log_driver: "{{ openshift.docker.log_driver | default(omit) }}"
- docker_log_options: "{{ openshift.docker.log_options | default(omit) }}"
- docker_push_dockerhub: "{{ openshift.docker.disable_push_dockerhub
- | default(omit) }}"
- docker_http_proxy: "{{ openshift.common.http_proxy | default(omit) }}"
- docker_https_proxy: "{{ openshift.common.https_proxy | default(omit) }}"
- docker_no_proxy: "{{ openshift.common.no_proxy | default(omit) }}"
-
-- set_fact:
- docker_options: "--insecure-registry={{ openshift.docker.hosted_registry_network }} {{ openshift.docker.options | default ('') }}"
- when: openshift.docker.hosted_registry_insecure | default(False) | bool and openshift.docker.hosted_registry_network is defined
- register: hosted_registry_options
-
-- set_fact:
- docker_options: "{{ openshift.docker.options | default(omit) }}"
- when: hosted_registry_options | skipped
diff --git a/roles/openshift_docker_facts/vars/main.yml b/roles/openshift_docker_facts/vars/main.yml
deleted file mode 100644
index 55c04b0c1..000000000
--- a/roles/openshift_docker_facts/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
diff --git a/roles/openshift_docker_gc/meta/main.yml b/roles/openshift_docker_gc/meta/main.yml
index f88a7c533..c8472d8bc 100644
--- a/roles/openshift_docker_gc/meta/main.yml
+++ b/roles/openshift_docker_gc/meta/main.yml
@@ -11,3 +11,4 @@ galaxy_info:
- 7
dependencies:
- role: lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 b/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2
index 53e8b448b..3d51abc52 100644
--- a/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2
+++ b/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2
@@ -5,7 +5,7 @@ items:
kind: ServiceAccount
metadata:
name: dockergc
- # You must grant privileged via: oadm policy add-scc-to-user -z dockergc privileged
+ # You must grant privileged via: oc adm policy add-scc-to-user -z dockergc privileged
# in order for the dockergc to access the docker socket and root directory
- apiVersion: extensions/v1beta1
kind: DaemonSet
diff --git a/roles/openshift_etcd/meta/main.yml b/roles/openshift_etcd/meta/main.yml
index de36b201b..25ae6a936 100644
--- a/roles/openshift_etcd/meta/main.yml
+++ b/roles/openshift_etcd/meta/main.yml
@@ -13,7 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_etcd_facts
-- role: openshift_clock
-- role: openshift_docker
- when: openshift.common.is_containerized | bool
- role: etcd
+- role: lib_utils
diff --git a/roles/openshift_etcd_client_certificates/meta/main.yml b/roles/openshift_etcd_client_certificates/meta/main.yml
index fbc72c8a3..6c79d345c 100644
--- a/roles/openshift_etcd_client_certificates/meta/main.yml
+++ b/roles/openshift_etcd_client_certificates/meta/main.yml
@@ -11,4 +11,5 @@ galaxy_info:
- 7
categories:
- cloud
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_etcd_facts/meta/main.yml b/roles/openshift_etcd_facts/meta/main.yml
index 925aa9f92..5e64a8596 100644
--- a/roles/openshift_etcd_facts/meta/main.yml
+++ b/roles/openshift_etcd_facts/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_etcd_facts/tasks/main.yml b/roles/openshift_etcd_facts/tasks/main.yml
index 22fb39006..ed97d539c 100644
--- a/roles/openshift_etcd_facts/tasks/main.yml
+++ b/roles/openshift_etcd_facts/tasks/main.yml
@@ -1,5 +1 @@
---
-- openshift_facts:
- role: etcd
- local_facts:
- etcd_image: "{{ osm_etcd_image | default(None) }}"
diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml
index fc4b56bbf..e623b33f3 100644
--- a/roles/openshift_examples/defaults/main.yml
+++ b/roles/openshift_examples/defaults/main.yml
@@ -10,10 +10,12 @@ content_version: "{{ openshift.common.examples_content_version }}"
examples_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples"
image_streams_base: "{{ examples_base }}/image-streams"
-centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json"
+centos_image_streams:
+ - "{{ image_streams_base }}/image-streams-centos7.json"
+ - "{{ image_streams_base }}/dotnet_imagestreams_centos.json"
rhel_image_streams:
- - "{{ image_streams_base}}/image-streams-rhel7.json"
- - "{{ image_streams_base}}/dotnet_imagestreams.json"
+ - "{{ image_streams_base }}/image-streams-rhel7.json"
+ - "{{ image_streams_base }}/dotnet_imagestreams.json"
db_templates_base: "{{ examples_base }}/db-templates"
xpaas_image_streams: "{{ examples_base }}/xpaas-streams/"
xpaas_templates_base: "{{ examples_base }}/xpaas-templates"
diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh
index 1a14c32f5..68a0e8857 100755
--- a/roles/openshift_examples/examples-sync.sh
+++ b/roles/openshift_examples/examples-sync.sh
@@ -5,7 +5,7 @@
#
# This script should be run from openshift-ansible/roles/openshift_examples
-XPAAS_VERSION=ose-v1.4.5
+XPAAS_VERSION=ose-v1.4.7
ORIGIN_VERSION=${1:-v3.7}
RHAMP_TAG=2.0.0.GA
EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION}
@@ -38,6 +38,7 @@ find 3scale-amp-openshift-templates-${RHAMP_TAG}/ -name '*.yml' -exec mv {} ${EX
popd
wget https://raw.githubusercontent.com/redhat-developer/s2i-dotnetcore/master/dotnet_imagestreams.json -O ${EXAMPLES_BASE}/image-streams/dotnet_imagestreams.json
+wget https://raw.githubusercontent.com/redhat-developer/s2i-dotnetcore/master/dotnet_imagestreams_centos.json -O ${EXAMPLES_BASE}/image-streams/dotnet_imagestreams_centos.json
wget https://raw.githubusercontent.com/redhat-developer/s2i-dotnetcore/master/templates/dotnet-example.json -O ${EXAMPLES_BASE}/quickstart-templates/dotnet-example.json
wget https://raw.githubusercontent.com/redhat-developer/s2i-dotnetcore/master/templates/dotnet-pgsql-persistent.json -O ${EXAMPLES_BASE}/quickstart-templates/dotnet-pgsql-persistent.json
wget https://raw.githubusercontent.com/redhat-developer/s2i-dotnetcore/master/templates/dotnet-runtime-example.json -O ${EXAMPLES_BASE}/quickstart-templates/dotnet-runtime-example.json
diff --git a/roles/openshift_examples/files/examples/latest b/roles/openshift_examples/files/examples/latest
index 7658d1015..8cad94b63 120000
--- a/roles/openshift_examples/files/examples/latest
+++ b/roles/openshift_examples/files/examples/latest
@@ -1 +1 @@
-v3.7 \ No newline at end of file
+v3.9 \ No newline at end of file
diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/dotnet_imagestreams_centos.json b/roles/openshift_examples/files/examples/v1.5/image-streams/dotnet_imagestreams_centos.json
new file mode 100644
index 000000000..79afc355b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/image-streams/dotnet_imagestreams_centos.json
@@ -0,0 +1,104 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on CentOS"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-runtime-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/image-streams/dotnet_imagestreams_centos.json b/roles/openshift_examples/files/examples/v3.6/image-streams/dotnet_imagestreams_centos.json
new file mode 100644
index 000000000..79afc355b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/image-streams/dotnet_imagestreams_centos.json
@@ -0,0 +1,104 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on CentOS"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-runtime-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
index 0bb56452b..af66b9ea4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
@@ -31,6 +31,10 @@
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.1"
}
},
{
@@ -44,6 +48,10 @@
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.2"
}
},
{
@@ -56,6 +64,10 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.3"
}
}
]
@@ -84,6 +96,10 @@
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.1"
}
},
{
@@ -97,6 +113,10 @@
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.2"
}
},
{
@@ -109,6 +129,10 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.3"
}
}
]
@@ -137,6 +161,10 @@
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.0"
}
}
]
@@ -165,6 +193,10 @@
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.0"
}
}
]
@@ -194,6 +226,10 @@
"sampleRef": "6.4.x",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.1"
}
},
{
@@ -208,6 +244,10 @@
"sampleRef": "6.4.x",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.2"
}
},
{
@@ -222,6 +262,10 @@
"sampleRef": "6.4.x",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.3"
}
},
{
@@ -236,6 +280,10 @@
"sampleRef": "6.4.x",
"version": "1.4",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.4"
}
},
{
@@ -248,7 +296,12 @@
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.5"
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.5"
}
}
]
@@ -278,6 +331,10 @@
"sampleRef": "7.0.0.GA",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.3"
}
},
{
@@ -292,6 +349,10 @@
"sampleRef": "7.0.0.GA",
"version": "1.4",
"openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.4"
}
},
{
@@ -304,7 +365,44 @@
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.5"
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.5"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap71-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap71-openshift",
+ "tags": [
+ {
+ "name": "1.0-TP",
+ "annotations": {
+ "description": "JBoss EAP 7.1 Tech Preview.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.1,javaee:7,java:8,xpaas:1.0",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7-tech-preview/eap71-openshift:1.0"
}
}
]
@@ -334,6 +432,10 @@
"sampleRef": "1.2",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift:1.2"
}
}
]
@@ -363,6 +465,10 @@
"sampleRef": "1.3",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.3"
}
},
{
@@ -375,7 +481,12 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.4"
}
}
]
@@ -400,7 +511,12 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.0"
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.0"
}
}
]
@@ -430,6 +546,10 @@
"sampleRef": "1.3",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.3"
}
},
{
@@ -442,7 +562,12 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.4"
}
}
]
@@ -467,7 +592,12 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.0"
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.0"
}
}
]
@@ -494,6 +624,10 @@
"supports": "datagrid:6.5,xpaas:1.2",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.2"
}
},
{
@@ -505,6 +639,10 @@
"supports": "datagrid:6.5,xpaas:1.4",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.3"
}
},
{
@@ -514,7 +652,42 @@
"iconClass": "icon-jboss",
"tags": "datagrid,jboss,xpaas",
"supports":"datagrid:6.5,xpaas:1.4",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid71-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:7.1,xpaas:1.0",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.0"
}
}
]
@@ -540,6 +713,39 @@
"tags": "client,jboss,xpaas",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid71-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-client-openshift:1.0"
}
}
]
@@ -566,6 +772,10 @@
"supports": "datavirt:6.3,xpaas:1.4",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.0"
}
},
{
@@ -577,6 +787,10 @@
"supports": "datavirt:6.3,xpaas:1.4",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.1"
}
},
{
@@ -586,7 +800,12 @@
"iconClass": "icon-jboss",
"tags": "datavirt,jboss,xpaas",
"supports":"datavirt:6.3,xpaas:1.4",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.2"
}
}
]
@@ -612,6 +831,10 @@
"tags": "client,jboss,xpaas",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.0"
}
}
]
@@ -638,6 +861,10 @@
"supports": "amq:6.2,messaging,xpaas:1.1",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.1"
}
},
{
@@ -649,6 +876,10 @@
"supports": "amq:6.2,messaging,xpaas:1.2",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.2"
}
},
{
@@ -660,6 +891,10 @@
"supports": "amq:6.2,messaging,xpaas:1.3",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.3"
}
},
{
@@ -669,7 +904,27 @@
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
"supports":"amq:6.2,messaging,xpaas:1.4",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.5",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.5"
}
}
]
@@ -696,6 +951,25 @@
"supports": "amq:6.3,messaging,xpaas:1.0",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports": "amq:6.3,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.1"
}
}
]
@@ -723,6 +997,10 @@
"supports": "sso:7.0,xpaas:1.3",
"version": "1.3",
"openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.3"
}
},
{
@@ -734,6 +1012,10 @@
"supports": "sso:7.0,xpaas:1.4",
"version": "1.4",
"openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.4"
}
}
]
@@ -761,6 +1043,10 @@
"supports": "sso:7.1,xpaas:1.4",
"version": "1.0",
"openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.0"
}
},
{
@@ -772,6 +1058,10 @@
"supports": "sso:7.1,xpaas:1.4",
"version": "1.1",
"openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.1"
}
}
]
@@ -800,6 +1090,10 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.0"
}
},
{
@@ -813,6 +1107,10 @@
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.1"
}
}
]
diff --git a/roles/openshift_examples/files/examples/v3.7/image-streams/dotnet_imagestreams_centos.json b/roles/openshift_examples/files/examples/v3.7/image-streams/dotnet_imagestreams_centos.json
new file mode 100644
index 000000000..79afc355b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.7/image-streams/dotnet_imagestreams_centos.json
@@ -0,0 +1,104 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on CentOS"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-runtime-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql-persistent.json
index a8b90a493..86ddc184a 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql-persistent.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.",
@@ -60,10 +61,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql.json
index e84397394..3c964bd6a 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/cakephp-mysql.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.",
@@ -60,10 +61,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql-persistent.json
index 96048f200..0a10c5fbc 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql-persistent.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/dancer-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
@@ -58,10 +59,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql.json
index 1c87e05f3..6122d5436 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/dancer-mysql.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/dancer-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
@@ -58,10 +59,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql-persistent.json
index 060f45dac..f3b5838fa 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql-persistent.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/django-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
@@ -58,10 +59,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql.json
index 66f2f0ca1..b21295df2 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/django-postgresql.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/django-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
@@ -58,10 +59,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/httpd.json
index ebba9ee65..3771280bf 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/httpd.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/httpd.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a static application served by Apache HTTP Server (httpd), including a build configuration and application deployment configuration.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
@@ -45,10 +46,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb-persistent.json
index 9543b5681..7f2a5d804 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb-persistent.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
@@ -58,10 +59,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb.json
index 0649d6204..b3afae46e 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/nodejs-mongodb.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
@@ -58,10 +59,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql-persistent.json
index 3810ef727..1c03be28a 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql-persistent.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/rails-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
@@ -23,11 +24,7 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-username": "{.data['application-user']}",
- "template.openshift.io/expose-password": "{.data['application-password']}"
- }
+ "name": "${NAME}"
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -64,10 +61,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql.json
index 3d8336c5a..240289d33 100644
--- a/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.7/quickstart-templates/rails-postgresql.json
@@ -11,7 +11,8 @@
"openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
"openshift.io/provider-display-name": "Red Hat, Inc.",
"openshift.io/documentation-url": "https://github.com/openshift/rails-ex",
- "openshift.io/support-url": "https://access.redhat.com"
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
@@ -23,11 +24,7 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-username": "{.data['application-user']}",
- "template.openshift.io/expose-password": "{.data['application-password']}"
- }
+ "name": "${NAME}"
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -64,10 +61,7 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}",
- "annotations": {
- "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
- }
+ "name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v3.7/xpaas-streams/jboss-image-streams.json
index 0aad7fae6..ed2dbf572 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-streams/jboss-image-streams.json
@@ -4,7 +4,8 @@
"metadata": {
"name": "jboss-image-streams",
"annotations": {
- "description": "ImageStream definitions for JBoss Middleware products."
+ "description": "ImageStream definitions for JBoss Middleware products.",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
}
},
"items": [
@@ -14,48 +15,65 @@
"metadata": {
"name": "jboss-webserver30-tomcat7-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
"tags": [
{
"name": "1.1",
"annotations": {
- "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.1",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.1"
}
},
{
"name": "1.2",
"annotations": {
- "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.2",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.2"
}
},
{
"name": "1.3",
"annotations": {
- "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 ApacheTomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.3"
}
}
]
@@ -67,48 +85,65 @@
"metadata": {
"name": "jboss-webserver30-tomcat8-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
"tags": [
{
"name": "1.1",
"annotations": {
- "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.1",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.1"
}
},
{
"name": "1.2",
"annotations": {
- "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.2",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.2"
}
},
{
"name": "1.3",
"annotations": {
- "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.3"
}
}
]
@@ -120,23 +155,48 @@
"metadata": {
"name": "jboss-webserver31-tomcat7-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
- "description": "JBoss Web Server 3.1 Tomcat 7 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports": "tomcat7:3.1,tomcat:7,java:8,xpaas:1.4",
+ "description": "JBoss Web Server 3.1 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.1,tomcat:7,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.1,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.1"
}
}
]
@@ -148,23 +208,48 @@
"metadata": {
"name": "jboss-webserver31-tomcat8-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
- "description": "JBoss Web Server 3.1 Tomcat 8 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports": "tomcat8:3.1,tomcat:8,java:8,xpaas:1.4",
+ "description": "JBoss Web Server 3.1 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.1,tomcat:8,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
"version": "1.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.1,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.1"
}
}
]
@@ -176,79 +261,122 @@
"metadata": {
"name": "jboss-eap64-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
"tags": [
{
"name": "1.1",
"annotations": {
"description": "JBoss EAP 6.4 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.1"
}
},
{
"name": "1.2",
"annotations": {
"description": "JBoss EAP 6.4 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.2"
}
},
{
"name": "1.3",
"annotations": {
"description": "JBoss EAP 6.4 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "JBoss EAP 6.4 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
"version": "1.4",
"openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.4"
}
},
{
"name": "1.5",
"annotations": {
"description": "JBoss EAP 6.4 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.5"
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.6"
}
}
]
@@ -260,51 +388,86 @@
"metadata": {
"name": "jboss-eap70-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
"tags": [
{
"name": "1.3",
"annotations": {
"description": "JBoss EAP 7.0 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "JBoss EAP 7.0 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
"version": "1.4",
"openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.4"
}
},
{
"name": "1.5",
"annotations": {
"description": "JBoss EAP 7.0 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.5"
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.6"
}
}
]
@@ -316,27 +479,50 @@
"metadata": {
"name": "jboss-eap71-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1"
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap71-openshift",
"tags": [
{
+ "name": "TP",
+ "annotations": {
+ "description": "JBoss EAP 7.1 Tech Preview.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.1,javaee:7,java:8,xpass:1.0",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "TP",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (Tech Preview)"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "1.0-TP"
+ }
+ },
+ {
"name": "1.0-TP",
"annotations": {
"description": "JBoss EAP 7.1 Tech Preview.",
- "iconClass": "icon-jboss",
- "tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.1,javaee:7,java:8,xpaas:1.0",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.1,javaee:7,java:8",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.0"
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (Tech Preview)"
},
"from": {
- "kind": "DockerImage",
- "name": "registry.access.redhat.com/jboss-eap-7-tech-preview/eap71-openshift:1.0"
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7-tech-preview/eap71-openshift:1.0"
}
}
]
@@ -348,24 +534,31 @@
"metadata": {
"name": "jboss-decisionserver62-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
"tags": [
{
"name": "1.2",
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,decisionserver,xpaas",
- "supports": "decisionserver:6.2,xpaas:1.2",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,hidden",
+ "supports": "decisionserver:6.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift:1.2"
}
}
]
@@ -377,37 +570,50 @@
"metadata": {
"name": "jboss-decisionserver63-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
"tags": [
{
"name": "1.3",
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,decisionserver,xpaas",
- "supports": "decisionserver:6.3,xpaas:1.3",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,hidden",
+ "supports": "decisionserver:6.3",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.4",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.3,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.4"
}
}
]
@@ -417,22 +623,52 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver64-openshift"
+ "name": "jboss-decisionserver64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
},
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.4,java:8,xpaas:1.4",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.4,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.0"
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.1"
}
}
]
@@ -444,37 +680,50 @@
"metadata": {
"name": "jboss-processserver63-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
"tags": [
{
"name": "1.3",
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,processserver,xpaas",
- "supports": "processserver:6.3,xpaas:1.3",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,hidden",
+ "supports": "processserver:6.3",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.4",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.3,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.4"
}
}
]
@@ -484,22 +733,52 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver64-openshift"
+ "name": "jboss-processserver64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
},
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
- "iconClass": "icon-jboss",
- "tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.4,java:8,xpaas:1.4",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.4,java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.0"
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.1"
}
}
]
@@ -511,42 +790,74 @@
"metadata": {
"name": "jboss-datagrid65-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
"tags": [
{
"name": "1.2",
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datagrid,jboss,xpaas",
- "supports": "datagrid:6.5,xpaas:1.2",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.2"
}
},
{
"name": "1.3",
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datagrid,jboss,xpaas",
- "supports": "datagrid:6.5,xpaas:1.4",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datagrid,jboss,xpaas",
- "supports":"datagrid:6.5,xpaas:1.4",
- "version": "1.4"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.5"
}
}
]
@@ -558,21 +869,44 @@
"metadata": {
"name": "jboss-datagrid71-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "JBoss Data Grid 7.1 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datagrid,jboss,xpaas",
- "supports": "datagrid:7.1,xpaas:1.0",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:7.1",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:7.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.1"
}
}
]
@@ -584,20 +918,42 @@
"metadata": {
"name": "jboss-datagrid65-client-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "JBoss Data Grid 6.5 Client Modules for EAP.",
- "iconClass": "icon-jboss",
- "tags": "client,jboss,xpaas",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.1"
}
}
]
@@ -609,20 +965,28 @@
"metadata": {
"name": "jboss-datagrid71-client-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP"
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-client-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "JBoss Data Grid 7.1 Client Modules for EAP.",
- "iconClass": "icon-jboss",
- "tags": "client,jboss,xpaas",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-client-openshift:1.0"
}
}
]
@@ -634,44 +998,76 @@
"metadata": {
"name": "jboss-datavirt63-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datavirt,jboss,xpaas",
- "supports": "datavirt:6.3,xpaas:1.4",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.0"
}
},
{
"name": "1.1",
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datavirt,jboss,xpaas",
- "supports": "datavirt:6.3,xpaas:1.4",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.1"
}
},
{
"name": "1.2",
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
- "iconClass": "icon-jboss",
- "tags": "datavirt,jboss,xpaas",
- "supports":"datavirt:6.3,xpaas:1.4",
- "version": "1.2"
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.2"
}
- }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports":"datavirt:6.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.3"
+ }
+ }
]
}
},
@@ -681,20 +1077,42 @@
"metadata": {
"name": "jboss-datavirt63-driver-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
- "iconClass": "icon-jboss",
- "tags": "client,jboss,xpaas",
+ "iconClass": "icon-datavirt",
+ "tags": "client,jboss,hidden",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-datavirt",
+ "tags": "client,jboss,hidden",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.1"
}
}
]
@@ -706,65 +1124,106 @@
"metadata": {
"name": "jboss-amq-62",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
"tags": [
{
"name": "1.1",
"annotations": {
"description": "JBoss A-MQ 6.2 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports": "amq:6.2,messaging,xpaas:1.1",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.1"
}
},
{
"name": "1.2",
"annotations": {
"description": "JBoss A-MQ 6.2 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports": "amq:6.2,messaging,xpaas:1.2",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
"version": "1.2",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.2"
}
},
{
"name": "1.3",
"annotations": {
"description": "JBoss A-MQ 6.2 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports": "amq:6.2,messaging,xpaas:1.3",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
"version": "1.3",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "JBoss A-MQ 6.2 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.4",
- "version": "1.4"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.4"
}
},
{
"name": "1.5",
"annotations": {
"description": "JBoss A-MQ 6.2 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.5",
- "version": "1.5"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.5"
}
- }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports":"amq:6.2,messaging",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.6"
+ }
+ }
]
}
},
@@ -774,32 +1233,59 @@
"metadata": {
"name": "jboss-amq-63",
"annotations": {
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq63-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "JBoss A-MQ 6.3 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports": "amq:6.3,messaging,xpaas:1.0",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
"version": "1.0",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.0"
}
},
{
"name": "1.1",
"annotations": {
"description": "JBoss A-MQ 6.3 broker image.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "supports": "amq:6.3,messaging,xpaas:1.1",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
"version": "1.1",
"openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.2"
}
}
]
@@ -812,32 +1298,44 @@
"name": "redhat-sso70-openshift",
"annotations": {
"description": "Red Hat SSO 7.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso70-openshift",
"tags": [
{
"name": "1.3",
"annotations": {
"description": "Red Hat SSO 7.0",
- "iconClass": "icon-jboss",
- "tags": "sso,keycloak,redhat",
- "supports": "sso:7.0,xpaas:1.3",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.0",
"version": "1.3",
"openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.3"
}
},
{
"name": "1.4",
"annotations": {
"description": "Red Hat SSO 7.0",
- "iconClass": "icon-jboss",
- "tags": "sso,keycloak,redhat",
- "supports": "sso:7.0,xpaas:1.4",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.0",
"version": "1.4",
"openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.4"
}
}
]
@@ -850,32 +1348,59 @@
"name": "redhat-sso71-openshift",
"annotations": {
"description": "Red Hat SSO 7.1",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"description": "Red Hat SSO 7.1",
- "iconClass": "icon-jboss",
- "tags": "sso,keycloak,redhat",
- "supports": "sso:7.1,xpaas:1.4",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
"version": "1.0",
"openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.0"
}
},
{
"name": "1.1",
"annotations": {
"description": "Red Hat SSO 7.1",
- "iconClass": "icon-jboss",
- "tags": "sso,keycloak,redhat",
- "supports": "sso:7.1,xpaas:1.4",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
"version": "1.1",
"openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.2"
}
}
]
@@ -887,23 +1412,31 @@
"metadata": {
"name": "redhat-openjdk18-openshift",
"annotations": {
- "openshift.io/display-name": "Red Hat OpenJDK 8"
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
}
},
+ "labels": {
+ "xpaas": "1.4.7"
+ },
"spec": {
- "dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
"tags": [
{
"name": "1.0",
"annotations": {
"openshift.io/display-name": "Red Hat OpenJDK 8",
"description": "Build and run Java applications using Maven and OpenJDK 8.",
- "iconClass": "icon-jboss",
- "tags": "builder,java,xpaas,openjdk",
- "supports": "java:8,xpaas:1.0",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk,hidden",
+ "supports": "java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.0"
}
},
{
@@ -911,12 +1444,33 @@
"annotations": {
"openshift.io/display-name": "Red Hat OpenJDK 8",
"description": "Build and run Java applications using Maven and OpenJDK 8.",
- "iconClass": "icon-jboss",
- "tags": "builder,java,xpaas,openjdk",
- "supports": "java:8,xpaas:1.4",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk",
+ "supports": "java:8",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.2"
}
}
]
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-basic.json
index d219ead67..8f8e14cb6 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-basic.json
@@ -4,16 +4,17 @@
"metadata": {
"annotations": {
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.5.0",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
+ "iconClass": "icon-amq",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
@@ -83,6 +84,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -215,7 +223,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.5"
+ "name": "jboss-amq-62:1.6"
}
}
},
@@ -322,6 +330,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent-ssl.json
index 529a2a8ec..96f9d616f 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent-ssl.json
@@ -3,17 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages, including message migration when the number of pods are reduced. This template supports SSL and requires usage of OpenShift secrets.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.5.0",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.2 based application, including a deployment configuration, using persistence and secure communication using SSL.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
@@ -132,6 +137,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -360,7 +372,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.5"
+ "name": "jboss-amq-62:1.6"
}
}
},
@@ -523,6 +535,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
@@ -569,7 +585,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.5"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent.json
index b17d23c06..67c812fb4 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-persistent.json
@@ -4,16 +4,17 @@
"metadata": {
"annotations": {
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages, including message migration when the number of pods are reduced. This template doesn't feature SSL support.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.5.0",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
@@ -97,6 +98,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -229,7 +237,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.5"
+ "name": "jboss-amq-62:1.6"
}
}
},
@@ -346,6 +354,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
@@ -386,7 +398,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.5"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-ssl.json
index a4a099e08..9f488820c 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq62-ssl.json
@@ -4,16 +4,17 @@
"metadata": {
"annotations": {
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.5.0",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (Ephemeral with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
@@ -118,6 +119,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -346,7 +354,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.5"
+ "name": "jboss-amq-62:1.6"
}
}
},
@@ -501,6 +509,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-basic.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-basic.json
index 4655d3174..e13530764 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-basic.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-basic.json
@@ -4,16 +4,17 @@
"metadata": {
"annotations": {
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.1",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "amq63-basic"
},
"labels": {
"template": "amq63-basic",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
@@ -83,6 +84,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -215,7 +223,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.1"
+ "name": "jboss-amq-63:1.2"
}
}
},
@@ -322,6 +330,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent-ssl.json
index 0e8b80592..3eedee933 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent-ssl.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages, including message migration when the number of pods are reduced. This template supports SSL and requires usage of OpenShift secrets.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.1",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent with SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.3 based application, including a deployment configuration, using persistence and secure communication using SSL.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "amq63-persistent-ssl"
},
"labels": {
"template": "amq63-persistent-ssl",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
@@ -132,6 +136,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -360,7 +371,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.1"
+ "name": "jboss-amq-63:1.2"
}
}
},
@@ -523,6 +534,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
@@ -569,7 +584,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.1"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent.json
index b94a8bbb8..7c0aec61a 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-persistent.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages, including message migration when the number of pods are reduced. This template doesn't feature SSL support.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.1",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent, no SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.3 based application, including a deployment configuration and using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "amq63-persistent"
},
"labels": {
"template": "amq63-persistent",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
@@ -97,6 +101,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -229,7 +240,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.1"
+ "name": "jboss-amq-63:1.2"
}
}
},
@@ -346,6 +357,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
@@ -386,7 +401,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.1"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-ssl.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-ssl.json
index f2de718c5..a55403c79 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/amq63-ssl.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
- "iconClass": "icon-jboss",
- "tags": "messaging,amq,jboss,xpaas",
- "version": "1.1",
- "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral with SSL)"
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (Ephemeral with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.2 based application, including a deployment configuration, using ephemeral (temporary) storage and secure communication using SSL. These can be deployed as standalone or in a mesh.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "amq63-ssl"
},
"labels": {
"template": "amq63-ssl",
- "xpaas": "1.5.0"
+ "xpaas": "1.4.7"
},
"message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
@@ -118,6 +122,13 @@
"required": false
},
{
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -346,7 +357,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.1"
+ "name": "jboss-amq-63:1.2"
}
}
},
@@ -501,6 +512,10 @@
{
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-basic.json
index 32433bef0..af390c13d 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-basic.json
@@ -3,17 +3,18 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
+ "iconClass": "icon-datagrid",
"description": "Application template for JDG 6.5 applications.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
@@ -227,7 +228,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.4"
+ "name": "jboss-datagrid65-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-https.json
index e6f020400..97d02c788 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-https.json
@@ -3,17 +3,18 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
+ "iconClass": "icon-datagrid",
"description": "Application template for JDG 6.5 applications.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -337,7 +338,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.4"
+ "name": "jboss-datagrid65-openshift:1.5"
}
}
},
@@ -502,6 +503,10 @@
"value": "${REST_SECURITY_DOMAIN}"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql-persistent.json
index ff57a7936..018132668 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql-persistent.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 6.5 based application, including a deployment configuration, using MySQL databased using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -457,7 +461,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.4"
+ "name": "jboss-datagrid65-openshift:1.5"
}
}
},
@@ -666,6 +670,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql.json
index 44902de25..1e8ca1b51 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-mysql.json
@@ -3,17 +3,18 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
+ "iconClass": "icon-datagrid",
"description": "Application template for JDG 6.5 and MySQL applications.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -450,7 +451,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.4"
+ "name": "jboss-datagrid65-openshift:1.5"
}
}
},
@@ -659,6 +660,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql-persistent.json
index 6b90e1370..4a1d818c9 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -3,17 +3,22 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
+ "iconClass": "icon-datagrid",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 6.5 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -437,7 +442,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.4"
+ "name": "jboss-datagrid65-openshift:1.5"
}
}
},
@@ -646,6 +651,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql.json
index ae36376db..d97bdfa75 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid65-postgresql.json
@@ -3,17 +3,18 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
+ "iconClass": "icon-datagrid",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -430,7 +431,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.4"
+ "name": "jboss-datagrid65-openshift:1.5"
}
}
},
@@ -639,6 +640,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-basic.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-basic.json
index 200f232ea..d4b83da34 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-basic.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-basic.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 7.1 applications.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 (Ephemeral, no https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid71-basic"
},
"labels": {
"template": "datagrid71-basic",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
@@ -46,6 +50,34 @@
"required": false
},
{
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
@@ -227,7 +259,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid71-openshift:1.0"
+ "name": "jboss-datagrid71-openshift:1.1"
}
}
},
@@ -314,6 +346,22 @@
"value": "${PASSWORD}"
},
{
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
"name": "OPENSHIFT_KUBE_PING_LABELS",
"value": "application=${APPLICATION_NAME}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-https.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-https.json
index b2c385608..2a46bd3a2 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-https.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-https.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 7.1 applications.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 (Ephemeral with https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid71-https"
},
"labels": {
"template": "datagrid71-https",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -53,6 +57,34 @@
"required": false
},
{
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
@@ -337,7 +369,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid71-openshift:1.0"
+ "name": "jboss-datagrid71-openshift:1.1"
}
}
},
@@ -442,6 +474,22 @@
"value": "${PASSWORD}"
},
{
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/datagrid-secret-volume"
},
@@ -494,6 +542,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql-persistent.json
index 8512ead55..72bdf2037 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql-persistent.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 7.1 and MySQL applications with persistent storage.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 + MySQL (Persistent with https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using MySQL databased using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid71-mysql-persistent"
},
"labels": {
"template": "datagrid71-mysql-persistent",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -53,6 +57,34 @@
"required": false
},
{
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
@@ -457,7 +489,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid71-openshift:1.0"
+ "name": "jboss-datagrid71-openshift:1.1"
}
}
},
@@ -562,6 +594,22 @@
"value": "${PASSWORD}"
},
{
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/datagrid-secret-volume"
},
@@ -666,6 +714,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql.json
index 9ac76cecc..99f97a7c7 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-mysql.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 7.1 and MySQL applications.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 + MySQL (Ephemeral with https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using MySQL databased using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid71-mysql"
},
"labels": {
"template": "datagrid71-mysql",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -53,6 +57,34 @@
"required": false
},
{
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
@@ -450,7 +482,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid71-openshift:1.0"
+ "name": "jboss-datagrid71-openshift:1.1"
}
}
},
@@ -555,6 +587,22 @@
"value": "${PASSWORD}"
},
{
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/datagrid-secret-volume"
},
@@ -659,6 +707,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-partition.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-partition.json
new file mode 100644
index 000000000..baf17dbbb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-partition.json
@@ -0,0 +1,501 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-partition"
+ },
+ "labels": {
+ "template": "datagrid71-partition",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "ADMIN_GROUP",
+ "description": "Comma delimited list of groups/roles for the Application Realm User",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HOTROD_AUTHENTICATION",
+ "description": "True/False for HotRod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "description": "Container Role Mapper",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "CONTAINER_SECURITY_ROLES",
+ "description": "Comma Delimited List of Container Roles",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datagrid Volume Size",
+ "description": "Size of the volume used by Datagrid for persisting metadata.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "DATAGRID_SPLIT",
+ "value": "true",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8787,
+ "targetPort": 8787
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-debug",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/datagrid/standalone/partitioned_data",
+ "name": "${APPLICATION_NAME}-datagrid-pvol"
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ },
+ {
+ "name": "debug",
+ "containerPort": 8787,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "DATAGRID_SPLIT",
+ "value": "${DATAGRID_SPLIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-datagrid-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-datagrid-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-datagrid-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql-persistent.json
index 8f7180ff6..5cd6e854a 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql-persistent.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 7.1 and PostgreSQL applications with persistent storage.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid71-postgresql-persistent"
},
"labels": {
"template": "datagrid71-postgresql-persistent",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -53,6 +57,34 @@
"required": false
},
{
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
@@ -437,7 +469,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid71-openshift:1.0"
+ "name": "jboss-datagrid71-openshift:1.1"
}
}
},
@@ -542,6 +574,22 @@
"value": "${PASSWORD}"
},
{
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/datagrid-secret-volume"
},
@@ -646,6 +694,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql.json
index 0e9fea735..505d67750 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datagrid71-postgresql.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JDG 7.1 and PostgreSQL applications built using.",
- "tags": "datagrid,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 + PostgreSQL (Ephemeral with https)"
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datagrid71-postgresql"
},
"labels": {
"template": "datagrid71-postgresql",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -53,6 +57,34 @@
"required": false
},
{
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
"displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
@@ -430,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid71-openshift:1.0"
+ "name": "jboss-datagrid71-openshift:1.1"
}
}
},
@@ -535,6 +567,22 @@
"value": "${PASSWORD}"
},
{
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/datagrid-secret-volume"
},
@@ -639,6 +687,10 @@
"value": "${APPLICATION_NAME}-hotrod"
},
{
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
"name": "MEMCACHED_CACHE",
"value": "${MEMCACHED_CACHE}"
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-basic-s2i.json
index ea2f13742..b6885d6f6 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-basic-s2i.json
@@ -3,17 +3,18 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
+ "iconClass": "icon-datavirt",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
- "tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
},
"name": "datavirt63-basic-s2i"
},
"labels": {
"template": "datavirt63-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the secret named ${CONFIGURATION_NAME} containing the datasource configuration details required by the deployed VDB(s).",
"parameters": [
@@ -173,6 +174,11 @@
"name": "jdbc",
"port": 31000,
"targetPort": "jdbc"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
}
],
"selector": {
@@ -244,7 +250,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-client-openshift:1.0"
+ "name": "jboss-datagrid65-client-openshift:1.1"
},
"paths": [
{
@@ -262,7 +268,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.2"
+ "name": "jboss-datavirt63-openshift:1.3"
},
"env": [
{
@@ -312,7 +318,7 @@
"imageChange": {
"from": {
"kind": "ImageStreamTag",
- "name": "jboss-datagrid65-client-openshift:1.0"
+ "name": "jboss-datagrid65-client-openshift:1.1"
}
}
},
@@ -415,6 +421,11 @@
"protocol": "TCP"
},
{
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
"name": "ping",
"containerPort": 8888,
"protocol": "TCP"
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-extensions-support-s2i.json
index 22b579ecc..a06f714a7 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
- "tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
+ "iconClass": "icon-datavirt",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL and Extensions)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration, support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datavirt63-extensions-support-s2i"
},
"labels": {
"template": "datavirt63-extensions-support-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -288,6 +292,16 @@
"name": "jdbcs",
"port": 31443,
"targetPort": "jdbcs"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ },
+ {
+ "name": "odbcs",
+ "port": 35443,
+ "targetPort": "odbcs"
}
],
"selector": {
@@ -470,7 +484,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-client-openshift:1.0"
+ "name": "jboss-datagrid65-client-openshift:1.1"
},
"paths": [
{
@@ -500,7 +514,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.2"
+ "name": "jboss-datavirt63-openshift:1.3"
},
"env": [
{
@@ -559,7 +573,7 @@
"imageChange": {
"from": {
"kind": "ImageStreamTag",
- "name": "jboss-datagrid65-client-openshift:1.0"
+ "name": "jboss-datagrid65-client-openshift:1.1"
}
}
},
@@ -682,6 +696,16 @@
"protocol": "TCP"
},
{
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbcs",
+ "containerPort": 35443,
+ "protocol": "TCP"
+ },
+ {
"name": "ping",
"containerPort": 8888,
"protocol": "TCP"
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-secure-s2i.json
index 9392c20a6..1758b1be0 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/datavirt63-secure-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
- "tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
+ "iconClass": "icon-datavirt",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration and ability to configure certificates for serving secure content.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "datavirt63-secure-s2i"
},
"labels": {
"template": "datavirt63-secure-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -401,6 +405,16 @@
"name": "jdbcs",
"port": 31443,
"targetPort": "jdbcs"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ },
+ {
+ "name": "odbcs",
+ "port": 35443,
+ "targetPort": "odbcs"
}
],
"selector": {
@@ -524,7 +538,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-client-openshift:1.0"
+ "name": "jboss-datagrid65-client-openshift:1.1"
},
"paths": [
{
@@ -542,7 +556,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.2"
+ "name": "jboss-datavirt63-openshift:1.3"
},
"env": [
{
@@ -592,7 +606,7 @@
"imageChange": {
"from": {
"kind": "ImageStreamTag",
- "name": "jboss-datagrid65-client-openshift:1.0"
+ "name": "jboss-datagrid65-client-openshift:1.1"
}
}
},
@@ -715,6 +729,16 @@
"protocol": "TCP"
},
{
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbcs",
+ "containerPort": 35443,
+ "protocol": "TCP"
+ },
+ {
"name": "ping",
"containerPort": 8888,
"protocol": "TCP"
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-amq-s2i.json
deleted file mode 100644
index 1989036fa..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-amq-s2i.json
+++ /dev/null
@@ -1,716 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.3.3",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
- },
- "name": "decisionserver62-amq-s2i"
- },
- "labels": {
- "template": "decisionserver62-amq-s2i",
- "xpaas": "1.3.3"
- },
- "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Response",
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "decisionserver/hellorules",
- "required": false
- },
- {
- "displayName": "JMS Connection Factory JNDI Name",
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "displayName": "A-MQ Protocols",
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "decisionserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "A-MQ Username",
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Password",
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Mesh Discovery Type",
- "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "kube",
- "required": false
- },
- {
- "displayName": "A-MQ Storage Limit",
- "description": "The A-MQ storage usage limit",
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "100 gb",
- "required": false
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's HTTP port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's HTTPS port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's HTTP service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's HTTPS service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver62-openshift:1.2"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "decisionserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "decisionserver-keystore-volume",
- "mountPath": "/etc/decisionserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/decisionserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "decisionserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "${AMQ_MESH_DISCOVERY_TYPE}"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAME",
- "value": "${APPLICATION_NAME}-amq-tcp"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "${AMQ_STORAGE_USAGE_LIMIT}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-basic-s2i.json
deleted file mode 100644
index 25b2c162c..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-basic-s2i.json
+++ /dev/null
@@ -1,355 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.3.3",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
- },
- "name": "decisionserver62-basic-s2i"
- },
- "labels": {
- "template": "decisionserver62-basic-s2i",
- "xpaas": "1.3.3"
- },
- "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "decisionserver/hellorules",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver62-openshift:1.2"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-https-s2i.json
deleted file mode 100644
index 85605d642..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver62-https-s2i.json
+++ /dev/null
@@ -1,496 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.3.3",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
- },
- "name": "decisionserver62-https-s2i"
- },
- "labels": {
- "template": "decisionserver62-https-s2i",
- "xpaas": "1.3.3"
- },
- "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "decisionserver/hellorules",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "decisionserver-app-secret",
- "required": true
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver62-openshift:1.2"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "decisionserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "decisionserver-keystore-volume",
- "mountPath": "/etc/decisionserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/decisionserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "decisionserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-amq-s2i.json
deleted file mode 100644
index ecea54d94..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-amq-s2i.json
+++ /dev/null
@@ -1,748 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
- },
- "name": "decisionserver63-amq-s2i"
- },
- "labels": {
- "template": "decisionserver63-amq-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Request",
- "description": "JNDI name of request queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "queue/KIE.SERVER.REQUEST",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Response",
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "decisionserver/hellorules",
- "required": false
- },
- {
- "displayName": "JMS Connection Factory JNDI Name",
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "displayName": "A-MQ Protocols",
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "decisionserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "A-MQ Username",
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Password",
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Mesh Discovery Type",
- "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "kube",
- "required": false
- },
- {
- "displayName": "A-MQ Storage Limit",
- "description": "The A-MQ storage usage limit",
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "100 gb",
- "required": false
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's HTTP port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's HTTPS port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's HTTP service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's HTTPS service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "decisionserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "decisionserver-keystore-volume",
- "mountPath": "/etc/decisionserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/decisionserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "decisionserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "${AMQ_MESH_DISCOVERY_TYPE}"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAME",
- "value": "${APPLICATION_NAME}-amq-tcp"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "${AMQ_STORAGE_USAGE_LIMIT}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-basic-s2i.json
deleted file mode 100644
index d655dbe94..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-basic-s2i.json
+++ /dev/null
@@ -1,376 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
- },
- "name": "decisionserver63-basic-s2i"
- },
- "labels": {
- "template": "decisionserver63-basic-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "decisionserver/hellorules",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-https-s2i.json
deleted file mode 100644
index 78e79c0cf..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver63-https-s2i.json
+++ /dev/null
@@ -1,517 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
- },
- "name": "decisionserver63-https-s2i"
- },
- "labels": {
- "template": "decisionserver63-https-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "decisionserver/hellorules",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "decisionserver-app-secret",
- "required": true
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "decisionserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "decisionserver-keystore-volume",
- "mountPath": "/etc/decisionserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/decisionserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "decisionserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-amq-s2i.json
index c688a2a67..3006a7265 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-amq-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BRMS 6.4 decision server A-MQ applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server + A-MQ (with https)"
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BRMS 6.4 decision server + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BRMS decision server A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss BRMS 6.4 decision server with A-MQ application, including a build configuration and application deployment configuration.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "decisionserver64-amq-s2i"
},
"labels": {
"template": "decisionserver64-amq-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -392,7 +396,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver64-openshift:1.0"
+ "name": "jboss-decisionserver64-openshift:1.1"
}
}
},
@@ -626,7 +630,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.0"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-basic-s2i.json
index 778c51844..eaee9c1a5 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-basic-s2i.json
@@ -4,16 +4,16 @@
"metadata": {
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.4 decision server applications built using S2I.",
- "iconClass": "icon-jboss",
+ "iconClass": "icon-decisionserver",
"tags": "decisionserver,jboss,xpaas",
- "version": "1.4.0",
+ "version": "1.4.7",
"openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (no https)"
},
"name": "decisionserver64-basic-s2i"
},
"labels": {
"template": "decisionserver64-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
@@ -227,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver64-openshift:1.0"
+ "name": "jboss-decisionserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-https-s2i.json
index e6c6961c1..cb6eb1706 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/decisionserver64-https-s2i.json
@@ -4,16 +4,21 @@
"metadata": {
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.4 decision server HTTPS applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "decisionserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (with https)"
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BRMS 6.4 decision server (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BRMS decision server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss BRMS 6.4 decision server, including a build configuration, application deployment configuration and secured using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "decisionserver64-https-s2i"
},
"labels": {
"template": "decisionserver64-https-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -323,7 +328,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver64-openshift:1.0"
+ "name": "jboss-decisionserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-persistent-s2i.json
index 912838175..9ebbfd06c 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -423,7 +427,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
@@ -700,7 +704,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-s2i.json
index dd4c7a27b..6b0e1a30c 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-amq-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 A-MQ applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + A-MQ (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -409,7 +413,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
@@ -683,7 +687,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-basic-s2i.json
index e13b3851b..17fdd2333 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-basic-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 6 applications built using S2I.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 based application has been created in your project.",
"parameters": [
@@ -216,7 +220,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-https-s2i.json
index 0da32eb40..8616ac04f 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-https-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 6 applications built using S2I.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -340,7 +344,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 77b75466d..ea3b46d78 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -454,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-s2i.json
index 2785782d4..4aa9be281 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mongodb-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 MongoDB applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -447,7 +451,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-persistent-s2i.json
index cca0f9c2b..304f11348 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -458,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-s2i.json
index 5766506fd..bc1cdaca5 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-mysql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -451,7 +455,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 01891774d..d2e6ea25b 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -440,7 +444,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-s2i.json
index e00f2b0e3..7a2d4009e 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-postgresql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -433,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-sso-s2i.json
index ec0739d04..368f147f4 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-sso-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -458,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
},
"env": [
{
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-third-party-db-s2i.json
index e8f6d6585..701f4eee6 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-third-party-db-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap64-third-party-db-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap64-third-party-db-s2i"
},
"labels": {
"template": "eap64-third-party-db-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -70,7 +74,7 @@
"displayName": "Drivers ImageStreamTag",
"description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
"name": "EXTENSIONS_IMAGE",
- "value": "jboss-datavirt63-driver-openshift:1.0",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
"required": true
},
{
@@ -387,7 +391,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.5"
+ "name": "jboss-eap64-openshift:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-persistent-s2i.json
index 3f0eba6e3..d16756bad 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -423,7 +427,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -700,7 +704,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-s2i.json
index f2d65f353..70323214f 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-amq-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 A-MQ applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -409,7 +413,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -683,7 +687,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-basic-s2i.json
index c33e3f7cb..312db1971 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-basic-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 7 applications built using S2I.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application has been created in your project.",
"parameters": [
@@ -216,7 +220,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -299,17 +303,6 @@
"name": "${APPLICATION_NAME}",
"image": "${APPLICATION_NAME}",
"imagePullPolicy": "Always",
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-https-s2i.json
index 7542d31c8..7c3b35f5a 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-https-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 7 applications built using S2I.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -340,7 +344,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -436,17 +440,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 8a7da66c1..205e451c7 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -454,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -550,17 +554,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-s2i.json
index ae52a3deb..63b57d5dc 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mongodb-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MongoDB applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Boss EAP 7.0 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -447,7 +451,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -543,17 +547,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-persistent-s2i.json
index a0a3d7717..f9f77f22c 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -458,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -554,17 +558,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-s2i.json
index 8255ade5d..8ea433a80 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-mysql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -451,7 +455,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -547,17 +551,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-persistent-s2i.json
index 436c541d8..a2bc9d3b9 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + PostgreSQL (Persistent with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -440,7 +444,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -536,17 +540,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-s2i.json
index a2a37a886..66b0c737d 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-postgresql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -433,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -529,17 +533,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-sso-s2i.json
index 08a844cd9..2201ff7f3 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-sso-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -62,18 +66,26 @@
{
"displayName": "Queues",
"description": "Queue names",
- "name": "HORNETQ_QUEUES",
+ "name": "MQ_QUEUES",
"value": "",
"required": false
},
{
"displayName": "Topics",
"description": "Topic names",
- "name": "HORNETQ_TOPICS",
+ "name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
"displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
@@ -116,14 +128,6 @@
"required": false
},
{
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
"displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
@@ -458,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
},
"env": [
{
@@ -578,17 +582,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
@@ -671,16 +664,16 @@
"value": "${HTTPS_PASSWORD}"
},
{
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
},
{
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
},
{
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
},
{
"name": "JGROUPS_ENCRYPT_SECRET",
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-third-party-db-s2i.json
index 9e854d7ab..3ca69f6c7 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-third-party-db-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap70-third-party-db-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap70-third-party-db-s2i"
},
"labels": {
"template": "eap70-third-party-db-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -70,7 +74,7 @@
"displayName": "Drivers ImageStreamTag",
"description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
"name": "EXTENSIONS_IMAGE",
- "value": "jboss-datavirt63-driver-openshift:1.0",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
"required": true
},
{
@@ -387,7 +391,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.5"
+ "name": "jboss-eap70-openshift:1.6"
}
}
},
@@ -498,17 +502,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-persistent-s2i.json
index 4917dbe23..dbc1a8013 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + A-MQ (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-amq-persistent-s2i"
},
"labels": {
"template": "eap71-amq-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -423,7 +427,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -700,7 +704,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-s2i.json
index 8344be836..6e330eae9 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-amq-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 A-MQ applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + A-MQ (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,xpaas,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-amq-s2i"
},
"labels": {
"template": "eap71-amq-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -409,7 +413,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -683,7 +687,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
+ "name": "jboss-amq-62:1.6"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-basic-s2i.json
index 751bc5650..892ec468c 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-basic-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 7 applications built using S2I.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (no https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-basic-s2i"
},
"labels": {
"template": "eap71-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application has been created in your project.",
"parameters": [
@@ -216,7 +220,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -299,17 +303,6 @@
"name": "${APPLICATION_NAME}",
"image": "${APPLICATION_NAME}",
"imagePullPolicy": "Always",
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-https-s2i.json
index 06ae63685..7426830ec 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-https-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 7 applications built using S2I.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-https-s2i"
},
"labels": {
"template": "eap71-https-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -340,7 +344,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -436,17 +440,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-persistent-s2i.json
index 8f10754ce..fb7f27acf 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + MongoDB (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-mongodb-persistent-s2i"
},
"labels": {
"template": "eap71-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -454,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -550,17 +554,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-s2i.json
index a1d0ac4b4..915c9ba0a 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mongodb-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MongoDB applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + MongoDB (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-mongodb-s2i"
},
"labels": {
"template": "eap71-mongodb-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -447,7 +451,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -543,17 +547,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-persistent-s2i.json
index 6faabd01e..6af9e5f50 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + MySQL (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-mysql-persistent-s2i"
},
"labels": {
"template": "eap71-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -458,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -554,17 +558,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-s2i.json
index 9f1c260b3..c7d14d3c7 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-mysql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + MySQL (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-mysql-s2i"
},
"labels": {
"template": "eap71-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -451,7 +455,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -547,17 +551,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-persistent-s2i.json
index 2aff9d795..a8d77b0ab 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-postgresql-persistent-s2i"
},
"labels": {
"template": "eap71-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -440,7 +444,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -536,17 +540,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-s2i.json
index 5bb6aaffb..d87f05ea8 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-postgresql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + PostgreSQL (Ephemeral with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-postgresql-s2i"
},
"labels": {
"template": "eap71-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -433,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -529,17 +533,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-sso-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-sso-s2i.json
index a7a347338..96b3dffc9 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-sso-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 + Single Sign-On (with https)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-sso-s2i"
},
"labels": {
"template": "eap71-sso-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -458,7 +462,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
},
"env": [
{
@@ -578,17 +582,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-third-party-db-s2i.json
index 6dc63c75f..a2a7264fb 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-third-party-db-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/eap71-third-party-db-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
- "tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (with https, supporting third-party DB drivers)"
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "eap71-third-party-db-s2i"
},
"labels": {
"template": "eap71-third-party-db-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
@@ -70,7 +74,7 @@
"displayName": "Drivers ImageStreamTag",
"description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
"name": "EXTENSIONS_IMAGE",
- "value": "jboss-datavirt63-driver-openshift:1.0",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
"required": true
},
{
@@ -387,7 +391,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap71-openshift:1.0-TP"
+ "name": "jboss-eap71-openshift:TP"
}
}
},
@@ -498,17 +502,6 @@
"readOnly": true
}
],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
"livenessProbe": {
"exec": {
"command": [
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-basic-s2i.json
deleted file mode 100644
index 4e42e0eca..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ /dev/null
@@ -1,319 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
- },
- "name": "jws30-tomcat7-basic-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "tomcat-websocket-chat",
- "required": false
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-https-s2i.json
deleted file mode 100644
index f5fc2e581..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ /dev/null
@@ -1,438 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
- },
- "name": "jws30-tomcat7-https-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "tomcat-websocket-chat",
- "required": false
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
deleted file mode 100644
index 2a73a182c..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ /dev/null
@@ -1,715 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
- },
- "name": "jws30-tomcat7-mongodb-persistent-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-mongodb",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
- "name": "DB_JNDI",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MongoDB No Preallocation",
- "description": "Disable data file preallocation.",
- "name": "MONGODB_NOPREALLOC",
- "required": false
- },
- {
- "displayName": "MongoDB Small Files",
- "description": "Set MongoDB to use a smaller default data file size.",
- "name": "MONGODB_SMALLFILES",
- "required": false
- },
- {
- "displayName": "MongoDB Quiet",
- "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
- "name": "MONGODB_QUIET",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database admin password",
- "description": "Database admin password",
- "name": "DB_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MongoDB Image Stream Tag",
- "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
- "name": "MONGODB_IMAGE_STREAM_TAG",
- "value": "3.2",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 27017,
- "targetPort": 27017
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mongodb=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mongodb"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mongodb",
- "image": "mongodb",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 27017,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mongodb/data",
- "name": "${APPLICATION_NAME}-mongodb-pvol"
- }
- ],
- "env": [
- {
- "name": "MONGODB_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MONGODB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MONGODB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MONGODB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "MONGODB_NOPREALLOC",
- "value": "${MONGODB_NOPREALLOC}"
- },
- {
- "name": "MONGODB_SMALLFILES",
- "value": "${MONGODB_SMALLFILES}"
- },
- {
- "name": "MONGODB_QUIET",
- "value": "${MONGODB_QUIET}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mongodb-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mongodb-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
deleted file mode 100644
index a71dfa634..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ /dev/null
@@ -1,674 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
- },
- "name": "jws30-tomcat7-mongodb-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-mongodb",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
- "name": "DB_JNDI",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MongoDB No Preallocation",
- "description": "Disable data file preallocation.",
- "name": "MONGODB_NOPREALLOC",
- "required": false
- },
- {
- "displayName": "MongoDB Small Files",
- "description": "Set MongoDB to use a smaller default data file size.",
- "name": "MONGODB_SMALLFILES",
- "required": false
- },
- {
- "displayName": "MongoDB Quiet",
- "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
- "name": "MONGODB_QUIET",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database admin password",
- "description": "Database admin password",
- "name": "DB_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MongoDB Image Stream Tag",
- "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
- "name": "MONGODB_IMAGE_STREAM_TAG",
- "value": "3.2",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 27017,
- "targetPort": 27017
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mongodb=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mongodb"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mongodb",
- "image": "mongodb",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 27017,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MONGODB_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MONGODB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MONGODB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MONGODB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "MONGODB_NOPREALLOC",
- "value": "${MONGODB_NOPREALLOC}"
- },
- {
- "name": "MONGODB_SMALLFILES",
- "value": "${MONGODB_SMALLFILES}"
- },
- {
- "name": "MONGODB_QUIET",
- "value": "${MONGODB_QUIET}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
deleted file mode 100644
index 9a05dcbd5..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ /dev/null
@@ -1,718 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
- },
- "name": "jws30-tomcat7-mysql-persistent-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mysql/data",
- "name": "${APPLICATION_NAME}-mysql-pvol"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mysql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mysql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-s2i.json
deleted file mode 100644
index 553a30a44..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ /dev/null
@@ -1,677 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
- },
- "name": "jws30-tomcat7-mysql-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
deleted file mode 100644
index a5c6c8a56..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ /dev/null
@@ -1,692 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
- },
- "name": "jws30-tomcat7-postgresql-persistent-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
deleted file mode 100644
index 61a3208e4..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ /dev/null
@@ -1,651 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
- },
- "name": "jws30-tomcat7-postgresql-s2i"
- },
- "labels": {
- "template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-basic-s2i.json
deleted file mode 100644
index 75d08e99d..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ /dev/null
@@ -1,319 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
- },
- "name": "jws30-tomcat8-basic-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "tomcat-websocket-chat",
- "required": false
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-https-s2i.json
deleted file mode 100644
index 71577bec4..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ /dev/null
@@ -1,438 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
- },
- "name": "jws30-tomcat8-https-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "tomcat-websocket-chat",
- "required": false
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
deleted file mode 100644
index de86dd83e..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ /dev/null
@@ -1,715 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
- },
- "name": "jws30-tomcat8-mongodb-persistent-s2i"
- },
- "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "labels": {
- "template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-mongodb",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
- "name": "DB_JNDI",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MongoDB No Preallocation",
- "description": "Disable data file preallocation.",
- "name": "MONGODB_NOPREALLOC",
- "required": false
- },
- {
- "displayName": "MongoDB Small Files",
- "description": "Set MongoDB to use a smaller default data file size.",
- "name": "MONGODB_SMALLFILES",
- "required": false
- },
- {
- "displayName": "MongoDB Quiet",
- "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
- "name": "MONGODB_QUIET",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database admin password",
- "description": "Database admin password",
- "name": "DB_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MongoDB Image Stream Tag",
- "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
- "name": "MONGODB_IMAGE_STREAM_TAG",
- "value": "3.2",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 27017,
- "targetPort": 27017
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mongodb=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mongodb"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mongodb",
- "image": "mongodb",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 27017,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mongodb/data",
- "name": "${APPLICATION_NAME}-mongodb-pvol"
- }
- ],
- "env": [
- {
- "name": "MONGODB_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MONGODB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MONGODB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MONGODB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "MONGODB_NOPREALLOC",
- "value": "${MONGODB_NOPREALLOC}"
- },
- {
- "name": "MONGODB_SMALLFILES",
- "value": "${MONGODB_SMALLFILES}"
- },
- {
- "name": "MONGODB_QUIET",
- "value": "${MONGODB_QUIET}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mongodb-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mongodb-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
deleted file mode 100644
index 6dc85e226..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ /dev/null
@@ -1,674 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
- },
- "name": "jws30-tomcat8-mongodb-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-mongodb",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
- "name": "DB_JNDI",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MongoDB No Preallocation",
- "description": "Disable data file preallocation.",
- "name": "MONGODB_NOPREALLOC",
- "required": false
- },
- {
- "displayName": "MongoDB Small Files",
- "description": "Set MongoDB to use a smaller default data file size.",
- "name": "MONGODB_SMALLFILES",
- "required": false
- },
- {
- "displayName": "MongoDB Quiet",
- "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
- "name": "MONGODB_QUIET",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database admin password",
- "description": "Database admin password",
- "name": "DB_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MongoDB Image Stream Tag",
- "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
- "name": "MONGODB_IMAGE_STREAM_TAG",
- "value": "3.2",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 27017,
- "targetPort": 27017
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mongodb=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mongodb"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mongodb",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mongodb",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mongodb",
- "image": "mongodb",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 27017,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MONGODB_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MONGODB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MONGODB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MONGODB_ADMIN_PASSWORD",
- "value": "${DB_ADMIN_PASSWORD}"
- },
- {
- "name": "MONGODB_NOPREALLOC",
- "value": "${MONGODB_NOPREALLOC}"
- },
- {
- "name": "MONGODB_SMALLFILES",
- "value": "${MONGODB_SMALLFILES}"
- },
- {
- "name": "MONGODB_QUIET",
- "value": "${MONGODB_QUIET}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
deleted file mode 100644
index 0e96b58a9..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ /dev/null
@@ -1,718 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
- },
- "name": "jws30-tomcat8-mysql-persistent-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mysql/data",
- "name": "${APPLICATION_NAME}-mysql-pvol"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mysql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mysql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-s2i.json
deleted file mode 100644
index 08b040863..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ /dev/null
@@ -1,677 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
- },
- "name": "jws30-tomcat8-mysql-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
deleted file mode 100644
index f117e6624..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ /dev/null
@@ -1,692 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
- },
- "name": "jws30-tomcat8-postgresql-persistent-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
deleted file mode 100644
index faece1269..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ /dev/null
@@ -1,649 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
- },
- "name": "jws30-tomcat8-postgresql-s2i"
- },
- "labels": {
- "template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "jws-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.2",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "todolist/todolist-jdbc",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
- "name": "DB_JNDI",
- "value": "jboss/datasources/defaultDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Secret Name",
- "description": "The name of the secret containing the certificate files",
- "name": "JWS_HTTPS_SECRET",
- "value": "jws-app-secret",
- "required": true
- },
- {
- "displayName": "Certificate Name",
- "description": "The name of the certificate file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "server.crt",
- "required": false
- },
- {
- "displayName": "Certificate Key Name",
- "description": "The name of the certificate key file within the secret",
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "server.key",
- "required": false
- },
- {
- "displayName": "Certificate Password",
- "description": "The certificate password",
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Username",
- "description": "JWS Admin User",
- "name": "JWS_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JWS Admin Password",
- "description": "JWS Admin Password",
- "name": "JWS_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.3"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "jws-service-account",
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
- ]
- }
- },
- "volumeMounts": [
- {
- "name": "jws-certificate-volume",
- "mountPath": "/etc/jws-secret-volume",
- "readOnly": true
- }
- ],
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_DIR",
- "value": "/etc/jws-secret-volume"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE",
- "value": "${JWS_HTTPS_CERTIFICATE}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_KEY",
- "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
- },
- {
- "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
- "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
- },
- {
- "name": "JWS_ADMIN_USERNAME",
- "value": "${JWS_ADMIN_USERNAME}"
- },
- {
- "name": "JWS_ADMIN_PASSWORD",
- "value": "${JWS_ADMIN_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "jws-certificate-volume",
- "secret": {
- "secretName": "${JWS_HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-basic-s2i.json
index 6db6e8cc6..42e352538 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-basic-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (no https)"
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 (no https)"
},
"name": "jws31-tomcat7-basic-s2i"
},
"labels": {
"template": "jws31-tomcat7-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "message": "A new JWS application for Apache Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
"displayName": "Application Name",
@@ -195,7 +196,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-https-s2i.json
index fd5fca316..b0a81d9c3 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-https-s2i.json
@@ -3,19 +3,24 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (with https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Web Server application configured for use with https. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 (with https)",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, and application deployment configuration. This also illustrations how to connect to the web applicaiton using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
},
"name": "jws31-tomcat7-https-s2i"
},
"labels": {
"template": "jws31-tomcat7-https-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -277,7 +282,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
index 6bbea8ab8..565f97822 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
@@ -3,19 +3,23 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Persistent with https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MongoDB (with https)",
+ "description": "An example JBoss Web Server application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "jws31-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws31-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -391,7 +395,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
index a565ee4c0..fc473f5c3 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Ephemeral with https)"
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws31-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws31-tomcat7-mongodb-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -384,7 +385,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
index be6899958..1223acd0f 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
@@ -3,19 +3,24 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Persistent with https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7 + MySQL (with https)",
+ "description": "An example JBoss Web Server application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
},
"name": "jws31-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws31-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -395,7 +400,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-s2i.json
index 2983cc905..39becd41e 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-mysql-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Ephemeral with https)"
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws31-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws31-tomcat7-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -388,7 +389,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
index cc5ea452c..77f4f8c9f 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
@@ -3,19 +3,23 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + PostgreSQL (with https)",
+ "description": "An example JBoss Web Server application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "jws31-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws31-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -377,7 +381,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
index bd23e1558..6d1d7aef7 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Ephemeral with https)"
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws31-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws31-tomcat7-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -370,7 +371,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-basic-s2i.json
index f3a5786f6..9e7dc3488 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-basic-s2i.json
@@ -3,19 +3,23 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (no https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 (no https)",
+ "description": "An example JBoss Web Server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, and an application deployment configuration.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "jws31-tomcat8-basic-s2i"
},
"labels": {
"template": "jws31-tomcat8-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "message": "A new JWS application for Apache Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
"displayName": "Application Name",
@@ -195,7 +199,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-https-s2i.json
index 634948a80..8fd5d9fab 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-https-s2i.json
@@ -3,19 +3,24 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (with https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 (with https)",
+ "description": "An example JBoss Web Server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
},
"name": "jws31-tomcat8-https-s2i"
},
"labels": {
"template": "jws31-tomcat8-https-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -277,7 +282,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
index 1ad60d8cc..f4b11ccfa 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
@@ -3,18 +3,23 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Persistent with https)"
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MongoDB (with https)",
+ "description": "An example JBoss Web Server application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
},
"name": "jws31-tomcat8-mongodb-persistent-s2i"
},
- "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws31-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"parameters": [
{
@@ -391,7 +396,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
index f3e918afc..e2f69f157 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Ephemeral with https)"
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws31-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws31-tomcat8-mongodb-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -384,7 +385,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
index 08b456440..579071cb1 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
@@ -3,19 +3,23 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
- "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Persistent with https)"
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MySQL (with https)",
+ "description": "An example JBoss Web Server application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "jws31-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws31-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -395,7 +399,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-s2i.json
index 260515b73..e84d61608 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-mysql-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Ephemeral with https)"
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws31-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws31-tomcat8-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -388,7 +389,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
index eef5b6939..83a6ca19b 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + PostgreSQL (Persistent with https)"
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + PostgreSQL (with https)"
},
"name": "jws31-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws31-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -377,7 +378,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
index 07ef7218a..e28cf8a04 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
@@ -3,19 +3,20 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-tomcat",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + (PostgreSQL with https)"
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.0 Apache Tomcat 8 + PostgreSQL (Ephemeral with https)"
},
"name": "jws31-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws31-tomcat8-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
- "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "message": "A new JWS application for Apache Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
"displayName": "Application Name",
@@ -370,7 +371,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/openjdk18-web-basic-s2i.json
index a48e204ae..6336f0398 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass": "icon-jboss",
- "description": "Application template for Java applications built using S2I.",
- "tags": "java,xpaas",
- "version": "1.1.0",
- "openshift.io/display-name": "Red Hat OpenJDK 8"
+ "iconClass": "icon-rh-openjdk",
+ "tags": "java",
+ "version": "1.4.7",
+ "openshift.io/display-name": "OpenJDK 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example Java application using OpenJDK 8. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat OpenJDK Java 8 based application.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -156,7 +160,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.1"
+ "name": "redhat-openjdk18-openshift:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
deleted file mode 100644
index d1705c88c..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ /dev/null
@@ -1,1156 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
- },
- "name": "processserver63-amq-mysql-persistent-s2i"
- },
- "labels": {
- "template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Request",
- "description": "JNDI name of request queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "queue/KIE.SERVER.REQUEST",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Response",
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "KIE Server Executor JMS Queue",
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "JMS Connection Factory JNDI Name",
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "displayName": "Split Data?",
- "description": "Split the data directory for each node in a mesh.",
- "name": "AMQ_SPLIT",
- "value": "false",
- "required": false
- },
- {
- "displayName": "A-MQ Protocols",
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "A-MQ Username",
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Password",
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Mesh Discovery Type",
- "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "kube",
- "required": false
- },
- {
- "displayName": "A-MQ Storage Limit",
- "description": "The A-MQ storage usage limit",
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "100 gb",
- "required": false
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JNDI",
- "value": "${DB_JNDI}NotManaged"
- },
- {
- "name": "QUARTZ_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "QUARTZ_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "QUARTZ_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "QUARTZ_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JTA",
- "value": "false"
- },
- {
- "name": "QUARTZ_NONXA",
- "value": "true"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mysql/data",
- "name": "${APPLICATION_NAME}-mysql-pvol"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mysql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mysql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "mountPath": "/opt/amq/data",
- "name": "${APPLICATION_NAME}-amq-pvol"
- }
- ],
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_SPLIT",
- "value": "${AMQ_SPLIT}"
- },
- {
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "${AMQ_MESH_DISCOVERY_TYPE}"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAME",
- "value": "${APPLICATION_NAME}-amq-tcp"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "${AMQ_STORAGE_USAGE_LIMIT}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-amq-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-amq-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteMany"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-s2i.json
deleted file mode 100644
index 665cb76a3..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ /dev/null
@@ -1,1034 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
- },
- "name": "processserver63-amq-mysql-s2i"
- },
- "labels": {
- "template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Request",
- "description": "JNDI name of request queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "queue/KIE.SERVER.REQUEST",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Response",
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "KIE Server Executor JMS Queue",
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "JMS Connection Factory JNDI Name",
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "displayName": "A-MQ Protocols",
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "A-MQ Username",
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Password",
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Mesh Discovery Type",
- "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "kube",
- "required": false
- },
- {
- "displayName": "A-MQ Storage Limit",
- "description": "The A-MQ storage usage limit",
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "100 gb",
- "required": false
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "${AMQ_MESH_DISCOVERY_TYPE}"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAME",
- "value": "${APPLICATION_NAME}-amq-tcp"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "${AMQ_STORAGE_USAGE_LIMIT}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
deleted file mode 100644
index 5a395a0f3..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ /dev/null
@@ -1,1126 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
- },
- "name": "processserver63-amq-postgresql-persistent-s2i"
- },
- "labels": {
- "template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Request",
- "description": "JNDI name of request queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "queue/KIE.SERVER.REQUEST",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Response",
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "KIE Server Executor JMS Queue",
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "JMS Connection Factory JNDI Name",
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "displayName": "Split Data?",
- "description": "Split the data directory for each node in a mesh.",
- "name": "AMQ_SPLIT",
- "value": "false",
- "required": false
- },
- {
- "displayName": "A-MQ Protocols",
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "A-MQ Username",
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Password",
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Mesh Discovery Type",
- "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "kube",
- "required": false
- },
- {
- "displayName": "A-MQ Storage Limit",
- "description": "The A-MQ storage usage limit",
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "100 gb",
- "required": false
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JNDI",
- "value": "${DB_JNDI}NotManaged"
- },
- {
- "name": "QUARTZ_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "QUARTZ_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "QUARTZ_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "QUARTZ_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JTA",
- "value": "false"
- },
- {
- "name": "QUARTZ_NONXA",
- "value": "true"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "mountPath": "/opt/amq/data",
- "name": "${APPLICATION_NAME}-amq-pvol"
- }
- ],
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_SPLIT",
- "value": "${AMQ_SPLIT}"
- },
- {
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "${AMQ_MESH_DISCOVERY_TYPE}"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAME",
- "value": "${APPLICATION_NAME}-amq-tcp"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "${AMQ_STORAGE_USAGE_LIMIT}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-amq-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-amq-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteMany"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-s2i.json
deleted file mode 100644
index e7c5efdc9..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ /dev/null
@@ -1,1004 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
- },
- "name": "processserver63-amq-postgresql-s2i"
- },
- "labels": {
- "template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Request",
- "description": "JNDI name of request queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "queue/KIE.SERVER.REQUEST",
- "required": false
- },
- {
- "displayName": "KIE Server JMS Queues Response",
- "description": "JNDI name of response queue for JMS.",
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "queue/KIE.SERVER.RESPONSE",
- "required": false
- },
- {
- "displayName": "KIE Server Executor JMS Queue",
- "description": "JNDI name of executor queue for JMS.",
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "queue/KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "JMS Connection Factory JNDI Name",
- "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
- "name": "MQ_JNDI",
- "value": "java:/JmsXA",
- "required": false
- },
- {
- "displayName": "A-MQ Protocols",
- "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
- "name": "MQ_PROTOCOL",
- "value": "openwire",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_QUEUES",
- "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
- "name": "MQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "A-MQ Username",
- "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Password",
- "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
- "name": "MQ_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "A-MQ Mesh Discovery Type",
- "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "kube",
- "required": false
- },
- {
- "displayName": "A-MQ Storage Limit",
- "description": "The A-MQ storage usage limit",
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "100 gb",
- "required": false
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 61616,
- "targetPort": 61616
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-amq-tcp",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The broker's OpenWire port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
- "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
- },
- {
- "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
- "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
- },
- {
- "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
- "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
- },
- {
- "name": "MQ_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-amq=MQ"
- },
- {
- "name": "MQ_JNDI",
- "value": "${MQ_JNDI}"
- },
- {
- "name": "MQ_USERNAME",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "MQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "MQ_PROTOCOL",
- "value": "tcp"
- },
- {
- "name": "MQ_QUEUES",
- "value": "${MQ_QUEUES}"
- },
- {
- "name": "MQ_TOPICS",
- "value": "${MQ_TOPICS}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-amq"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-amq"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-amq",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-amq",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-amq",
- "image": "jboss-amq-62",
- "imagePullPolicy": "Always",
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/amq/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "amqp",
- "containerPort": 5672,
- "protocol": "TCP"
- },
- {
- "name": "amqp-ssl",
- "containerPort": 5671,
- "protocol": "TCP"
- },
- {
- "name": "mqtt",
- "containerPort": 1883,
- "protocol": "TCP"
- },
- {
- "name": "stomp",
- "containerPort": 61613,
- "protocol": "TCP"
- },
- {
- "name": "stomp-ssl",
- "containerPort": 61612,
- "protocol": "TCP"
- },
- {
- "name": "tcp",
- "containerPort": 61616,
- "protocol": "TCP"
- },
- {
- "name": "tcp-ssl",
- "containerPort": 61617,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "AMQ_USER",
- "value": "${MQ_USERNAME}"
- },
- {
- "name": "AMQ_PASSWORD",
- "value": "${MQ_PASSWORD}"
- },
- {
- "name": "AMQ_TRANSPORTS",
- "value": "${MQ_PROTOCOL}"
- },
- {
- "name": "AMQ_MESH_DISCOVERY_TYPE",
- "value": "${AMQ_MESH_DISCOVERY_TYPE}"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAME",
- "value": "${APPLICATION_NAME}-amq-tcp"
- },
- {
- "name": "AMQ_MESH_SERVICE_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "AMQ_STORAGE_USAGE_LIMIT",
- "value": "${AMQ_STORAGE_USAGE_LIMIT}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-basic-s2i.json
deleted file mode 100644
index e70d20a6e..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-basic-s2i.json
+++ /dev/null
@@ -1,383 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
- },
- "name": "processserver63-basic-s2i"
- },
- "labels": {
- "template": "processserver63-basic-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.H2Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-persistent-s2i.json
deleted file mode 100644
index f76b07b0b..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ /dev/null
@@ -1,860 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
- },
- "name": "processserver63-mysql-persistent-s2i"
- },
- "labels": {
- "template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JNDI",
- "value": "${DB_JNDI}NotManaged"
- },
- {
- "name": "QUARTZ_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "QUARTZ_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "QUARTZ_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "QUARTZ_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JTA",
- "value": "false"
- },
- {
- "name": "QUARTZ_NONXA",
- "value": "true"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mysql/data",
- "name": "${APPLICATION_NAME}-mysql-pvol"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mysql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mysql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-s2i.json
deleted file mode 100644
index a3be02eab..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-mysql-s2i.json
+++ /dev/null
@@ -1,783 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
- },
- "name": "processserver63-mysql-s2i"
- },
- "labels": {
- "template": "processserver63-mysql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.MySQL5Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-persistent-s2i.json
deleted file mode 100644
index 361b177f9..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ /dev/null
@@ -1,830 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
- },
- "name": "processserver63-postgresql-persistent-s2i"
- },
- "labels": {
- "template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JNDI",
- "value": "${DB_JNDI}NotManaged"
- },
- {
- "name": "QUARTZ_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "QUARTZ_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "QUARTZ_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "QUARTZ_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "QUARTZ_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "QUARTZ_JTA",
- "value": "false"
- },
- {
- "name": "QUARTZ_NONXA",
- "value": "true"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-s2i.json
deleted file mode 100644
index 451915a1d..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver63-postgresql-s2i.json
+++ /dev/null
@@ -1,753 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
- },
- "name": "processserver63-postgresql-s2i"
- },
- "labels": {
- "template": "processserver63-postgresql-s2i",
- "xpaas": "1.4.0"
- },
- "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
- "parameters": [
- {
- "displayName": "KIE Container Deployment",
- "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
- "required": false
- },
- {
- "displayName": "KIE Server Protocol",
- "description": "The protocol to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PROTOCOL",
- "value": "https",
- "required": false
- },
- {
- "displayName": "KIE Server Port",
- "description": "The port to access the KIE Server REST interface.",
- "name": "KIE_SERVER_PORT",
- "value": "8443",
- "required": false
- },
- {
- "displayName": "KIE Server Username",
- "description": "The user name to access the KIE Server REST or JMS interface.",
- "name": "KIE_SERVER_USER",
- "value": "kieserver",
- "required": false
- },
- {
- "displayName": "KIE Server Password",
- "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
- "name": "KIE_SERVER_PASSWORD",
- "from": "[a-zA-Z]{6}[0-9]{1}!",
- "generate": "expression",
- "required": false
- },
- {
- "displayName": "KIE Server Domain",
- "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
- "name": "KIE_SERVER_DOMAIN",
- "value": "other",
- "required": false
- },
- {
- "displayName": "KIE Server Persistence Dialect",
- "description": "Hibernate persistence dialect.",
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "org.hibernate.dialect.PostgreSQL82Dialect",
- "required": false
- },
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "kie-app",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Git Repository URL",
- "description": "Git source URI for application",
- "name": "SOURCE_REPOSITORY_URL",
- "value": "https://github.com/jboss-openshift/openshift-quickstarts",
- "required": true
- },
- {
- "displayName": "Git Reference",
- "description": "Git branch/tag reference",
- "name": "SOURCE_REPOSITORY_REF",
- "value": "1.3",
- "required": false
- },
- {
- "displayName": "Context Directory",
- "description": "Path within Git project to build; empty for root project directory.",
- "name": "CONTEXT_DIR",
- "value": "processserver/library",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/ExampleDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Queues",
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "displayName": "Topics",
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "processserver-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "HornetQ Password",
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Github Webhook Secret",
- "description": "GitHub trigger secret",
- "name": "GITHUB_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Generic Webhook Secret",
- "description": "Generic build trigger secret",
- "name": "GENERIC_WEBHOOK_SECRET",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "Maven mirror URL",
- "description": "Maven mirror to use for S2I builds",
- "name": "MAVEN_MIRROR_URL",
- "value": "",
- "required": false
- },
- {
- "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
- "name": "ARTIFACT_DIR",
- "value": "",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "ImageStream",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "BuildConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "source": {
- "type": "Git",
- "git": {
- "uri": "${SOURCE_REPOSITORY_URL}",
- "ref": "${SOURCE_REPOSITORY_REF}"
- },
- "contextDir": "${CONTEXT_DIR}"
- },
- "strategy": {
- "type": "Source",
- "sourceStrategy": {
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "MAVEN_MIRROR_URL",
- "value": "${MAVEN_MIRROR_URL}"
- },
- {
- "name": "ARTIFACT_DIR",
- "value": "${ARTIFACT_DIR}"
- }
- ],
- "forcePull": true,
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.4"
- }
- }
- },
- "output": {
- "to": {
- "kind": "ImageStreamTag",
- "name": "${APPLICATION_NAME}:latest"
- }
- },
- "triggers": [
- {
- "type": "GitHub",
- "github": {
- "secret": "${GITHUB_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "Generic",
- "generic": {
- "secret": "${GENERIC_WEBHOOK_SECRET}"
- }
- },
- {
- "type": "ImageChange",
- "imageChange": {}
- },
- {
- "type": "ConfigChange"
- }
- ]
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStream",
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "processserver-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "processserver-keystore-volume",
- "mountPath": "/etc/processserver-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "KIE_CONTAINER_DEPLOYMENT",
- "value": "${KIE_CONTAINER_DEPLOYMENT}"
- },
- {
- "name": "KIE_SERVER_PROTOCOL",
- "value": "${KIE_SERVER_PROTOCOL}"
- },
- {
- "name": "KIE_SERVER_PORT",
- "value": "${KIE_SERVER_PORT}"
- },
- {
- "name": "KIE_SERVER_USER",
- "value": "${KIE_SERVER_USER}"
- },
- {
- "name": "KIE_SERVER_PASSWORD",
- "value": "${KIE_SERVER_PASSWORD}"
- },
- {
- "name": "KIE_SERVER_DOMAIN",
- "value": "${KIE_SERVER_DOMAIN}"
- },
- {
- "name": "KIE_SERVER_PERSISTENCE_DIALECT",
- "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
- },
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/processserver-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "processserver-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
index 293d04d63..9ef04ae71 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Persistent with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver64-amq-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -543,7 +547,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
@@ -996,7 +1000,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.0"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-s2i.json
index 760940b36..4cb45db42 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-mysql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-amq-mysql-s2i"
},
"labels": {
"template": "processserver64-amq-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -529,7 +533,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
@@ -912,7 +916,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.0"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
index 1603bccff..56fefcc0a 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver64-amq-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -525,7 +529,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
@@ -966,7 +970,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.0"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-s2i.json
index 422f51c11..bb8d2df28 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-amq-postgresql-s2i.json
@@ -4,16 +4,21 @@
"metadata": {
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-amq-postgresql-s2i"
},
"labels": {
"template": "processserver64-amq-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -511,7 +516,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
@@ -882,7 +887,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-63:1.0"
+ "name": "jboss-amq-63:1.2"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-basic-s2i.json
index 2bf15ff25..1b7cc8cf1 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-basic-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server (no https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-basic-s2i"
},
"labels": {
"template": "processserver64-basic-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
@@ -234,7 +238,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-persistent-s2i.json
index 4673dfb0d..1a4d0887c 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-persistent-s2i.json
@@ -4,16 +4,21 @@
"metadata": {
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Persistent with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-mysql-persistent-s2i"
},
"labels": {
"template": "processserver64-mysql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -455,7 +460,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-s2i.json
index 9078f20b8..7c491d832 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-mysql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-mysql-s2i"
},
"labels": {
"template": "processserver64-mysql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -448,7 +452,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-persistent-s2i.json
index 75b6d310e..8965ea41f 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-persistent-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Persistent with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver64-postgresql-persistent-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -437,7 +441,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-s2i.json
index 51923c0ad..e21f0ce4e 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/processserver64-postgresql-s2i.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications built using S2I.",
- "iconClass": "icon-jboss",
- "tags": "processserver,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)"
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "processserver64-postgresql-s2i"
},
"labels": {
"template": "processserver64-postgresql-s2i",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
@@ -430,7 +434,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver64-openshift:1.0"
+ "name": "jboss-processserver64-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-https.json
deleted file mode 100644
index 5e956f449..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-https.json
+++ /dev/null
@@ -1,544 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
- },
- "name": "sso70-https"
- },
- "labels": {
- "template": "sso70-https",
- "xpaas": "1.4.0"
- },
- "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Service Account Name",
- "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
- "name": "SERVICE_ACCOUNT_NAME",
- "value": "sso-service-account",
- "required": true
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Keystore Type",
- "description": "The type of the keystore file (JKS or JCEKS)",
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate (e.g. jboss)",
- "name": "HTTPS_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
- "name": "HTTPS_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "JGroups Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "displayName": "JGroups Certificate Name",
- "description": "The name associated with the server certificate (e.g. secret-key)",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Password",
- "description": "The password for the keystore and certificate (e.g. password)",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Cluster Password",
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "SSO Admin Username",
- "description": "SSO Server admin username",
- "name": "SSO_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Admin Password",
- "description": "SSO Server admin password",
- "name": "SSO_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Realm",
- "description": "Realm to be created in the SSO server (e.g. demo).",
- "name": "SSO_REALM",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Username",
- "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
- "name": "SSO_SERVICE_USERNAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Password",
- "description": "The password for the SSO service user.",
- "name": "SSO_SERVICE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store",
- "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
- "name": "SSO_TRUSTSTORE",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Password",
- "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Secret",
- "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
- "name": "SSO_TRUSTSTORE_SECRET",
- "value": "sso-app-secret",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
- "terminationGracePeriodSeconds": 75,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- },
- {
- "name": "sso-truststore-volume",
- "mountPath": "/etc/sso-secret-volume",
- "readOnly": true
- }
- ],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- },
- {
- "name": "ping",
- "containerPort": 8888,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "${HTTPS_KEYSTORE_TYPE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- },
- {
- "name": "SSO_ADMIN_USERNAME",
- "value": "${SSO_ADMIN_USERNAME}"
- },
- {
- "name": "SSO_ADMIN_PASSWORD",
- "value": "${SSO_ADMIN_PASSWORD}"
- },
- {
- "name": "SSO_REALM",
- "value": "${SSO_REALM}"
- },
- {
- "name": "SSO_SERVICE_USERNAME",
- "value": "${SSO_SERVICE_USERNAME}"
- },
- {
- "name": "SSO_SERVICE_PASSWORD",
- "value": "${SSO_SERVICE_PASSWORD}"
- },
- {
- "name": "SSO_TRUSTSTORE",
- "value": "${SSO_TRUSTSTORE}"
- },
- {
- "name": "SSO_TRUSTSTORE_DIR",
- "value": "/etc/sso-secret-volume"
- },
- {
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "${SSO_TRUSTSTORE_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- },
- {
- "name": "sso-truststore-volume",
- "secret": {
- "secretName": "${SSO_TRUSTSTORE_SECRET}"
- }
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql-persistent.json
deleted file mode 100644
index 0fb2703c7..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql-persistent.json
+++ /dev/null
@@ -1,799 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0 MySQL applications with persistent storage",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
- },
- "name": "sso70-mysql-persistent"
- },
- "labels": {
- "template": "sso70-mysql-persistent",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/KeycloakDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Service Account Name",
- "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
- "name": "SERVICE_ACCOUNT_NAME",
- "value": "sso-service-account",
- "required": true
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Keystore Type",
- "description": "The type of the keystore file (JKS or JCEKS)",
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate (e.g. jboss)",
- "name": "HTTPS_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
- "name": "HTTPS_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "JGroups Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "displayName": "JGroups Certificate Name",
- "description": "The name associated with the server certificate (e.g. secret-key)",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Password",
- "description": "The password for the keystore and certificate (e.g. password)",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Cluster Password",
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "SSO Admin Username",
- "description": "SSO Server admin username",
- "name": "SSO_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Admin Password",
- "description": "SSO Server admin password",
- "name": "SSO_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Realm",
- "description": "Realm to be created in the SSO server (e.g. demo).",
- "name": "SSO_REALM",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Username",
- "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
- "name": "SSO_SERVICE_USERNAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Password",
- "description": "The password for the SSO service user.",
- "name": "SSO_SERVICE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store",
- "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
- "name": "SSO_TRUSTSTORE",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Password",
- "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Secret",
- "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
- "name": "SSO_TRUSTSTORE_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
- "terminationGracePeriodSeconds": 75,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- },
- {
- "name": "sso-truststore-volume",
- "mountPath": "/etc/sso-secret-volume",
- "readOnly": true
- }
- ],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- },
- {
- "name": "ping",
- "containerPort": 8888,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "${HTTPS_KEYSTORE_TYPE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- },
- {
- "name": "SSO_ADMIN_USERNAME",
- "value": "${SSO_ADMIN_USERNAME}"
- },
- {
- "name": "SSO_ADMIN_PASSWORD",
- "value": "${SSO_ADMIN_PASSWORD}"
- },
- {
- "name": "SSO_REALM",
- "value": "${SSO_REALM}"
- },
- {
- "name": "SSO_SERVICE_USERNAME",
- "value": "${SSO_SERVICE_USERNAME}"
- },
- {
- "name": "SSO_SERVICE_PASSWORD",
- "value": "${SSO_SERVICE_PASSWORD}"
- },
- {
- "name": "SSO_TRUSTSTORE",
- "value": "${SSO_TRUSTSTORE}"
- },
- {
- "name": "SSO_TRUSTSTORE_DIR",
- "value": "/etc/sso-secret-volume"
- },
- {
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "${SSO_TRUSTSTORE_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- },
- {
- "name": "sso-truststore-volume",
- "secret": {
- "secretName": "${SSO_TRUSTSTORE_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/mysql/data",
- "name": "${APPLICATION_NAME}-mysql-pvol"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-mysql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-mysql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql.json
deleted file mode 100644
index 9beae806b..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-mysql.json
+++ /dev/null
@@ -1,767 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0 MySQL applications",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
- },
- "name": "sso70-mysql"
- },
- "labels": {
- "template": "sso70-mysql",
- "xpaas": "1.4.0"
- },
- "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/KeycloakDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Service Account Name",
- "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
- "name": "SERVICE_ACCOUNT_NAME",
- "value": "sso-service-account",
- "required": true
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Keystore Type",
- "description": "The type of the keystore file (JKS or JCEKS)",
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate (e.g. jboss)",
- "name": "HTTPS_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
- "name": "HTTPS_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "MySQL Lower Case Table Names",
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "displayName": "MySQL Maximum number of connections",
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "MySQL FullText Minimum Word Length",
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL FullText Maximum Word Length",
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "displayName": "MySQL AIO",
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JGroups Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "displayName": "JGroups Certificate Name",
- "description": "The name associated with the server certificate (e.g. secret-key)",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Password",
- "description": "The password for the keystore and certificate (e.g. password)",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Cluster Password",
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "SSO Admin Username",
- "description": "SSO Server admin username",
- "name": "SSO_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Admin Password",
- "description": "SSO Server admin password",
- "name": "SSO_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Realm",
- "description": "Realm to be created in the SSO server (e.g. demo).",
- "name": "SSO_REALM",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Username",
- "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
- "name": "SSO_SERVICE_USERNAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Password",
- "description": "The password for the SSO service user.",
- "name": "SSO_SERVICE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store",
- "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
- "name": "SSO_TRUSTSTORE",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Password",
- "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Secret",
- "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
- "name": "SSO_TRUSTSTORE_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "MySQL Image Stream Tag",
- "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
- "name": "MYSQL_IMAGE_STREAM_TAG",
- "value": "5.7",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "database"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}",
- "component": "server"
- }
- },
- "spec": {
- "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
- "terminationGracePeriodSeconds": 75,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- },
- {
- "name": "sso-truststore-volume",
- "mountPath": "/etc/sso-secret-volume",
- "readOnly": true
- }
- ],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- },
- {
- "name": "ping",
- "containerPort": 8888,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "${HTTPS_KEYSTORE_TYPE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- },
- {
- "name": "SSO_ADMIN_USERNAME",
- "value": "${SSO_ADMIN_USERNAME}"
- },
- {
- "name": "SSO_ADMIN_PASSWORD",
- "value": "${SSO_ADMIN_PASSWORD}"
- },
- {
- "name": "SSO_REALM",
- "value": "${SSO_REALM}"
- },
- {
- "name": "SSO_SERVICE_USERNAME",
- "value": "${SSO_SERVICE_USERNAME}"
- },
- {
- "name": "SSO_SERVICE_PASSWORD",
- "value": "${SSO_SERVICE_PASSWORD}"
- },
- {
- "name": "SSO_TRUSTSTORE",
- "value": "${SSO_TRUSTSTORE}"
- },
- {
- "name": "SSO_TRUSTSTORE_DIR",
- "value": "/etc/sso-secret-volume"
- },
- {
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "${SSO_TRUSTSTORE_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- },
- {
- "name": "sso-truststore-volume",
- "secret": {
- "secretName": "${SSO_TRUSTSTORE_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "database"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}",
- "component": "database"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql-persistent.json
deleted file mode 100644
index e22399351..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql-persistent.json
+++ /dev/null
@@ -1,773 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
- },
- "name": "sso70-postgresql-persistent"
- },
- "labels": {
- "template": "sso70-postgresql-persistent",
- "xpaas": "1.4.0"
- },
- "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/KeycloakDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Service Account Name",
- "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
- "name": "SERVICE_ACCOUNT_NAME",
- "value": "sso-service-account",
- "required": true
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Keystore Type",
- "description": "The type of the keystore file (JKS or JCEKS)",
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate (e.g. jboss)",
- "name": "HTTPS_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
- "name": "HTTPS_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Volume Capacity",
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "displayName": "JGroups Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "displayName": "JGroups Certificate Name",
- "description": "The name associated with the server certificate (e.g. secret-key)",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Password",
- "description": "The password for the keystore and certificate (e.g. password)",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Cluster Password",
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "SSO Admin Username",
- "description": "SSO Server admin username",
- "name": "SSO_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Admin Password",
- "description": "SSO Server admin password",
- "name": "SSO_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Realm",
- "description": "Realm to be created in the SSO server (e.g. demo).",
- "name": "SSO_REALM",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Username",
- "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
- "name": "SSO_SERVICE_USERNAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Password",
- "description": "The password for the SSO service user.",
- "name": "SSO_SERVICE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store",
- "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
- "name": "SSO_TRUSTSTORE",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Password",
- "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Secret",
- "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
- "name": "SSO_TRUSTSTORE_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
- "terminationGracePeriodSeconds": 75,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- },
- {
- "name": "sso-truststore-volume",
- "mountPath": "/etc/sso-secret-volume",
- "readOnly": true
- }
- ],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- },
- {
- "name": "ping",
- "containerPort": 8888,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "${HTTPS_KEYSTORE_TYPE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- },
- {
- "name": "SSO_ADMIN_USERNAME",
- "value": "${SSO_ADMIN_USERNAME}"
- },
- {
- "name": "SSO_ADMIN_PASSWORD",
- "value": "${SSO_ADMIN_PASSWORD}"
- },
- {
- "name": "SSO_REALM",
- "value": "${SSO_REALM}"
- },
- {
- "name": "SSO_SERVICE_USERNAME",
- "value": "${SSO_SERVICE_USERNAME}"
- },
- {
- "name": "SSO_SERVICE_PASSWORD",
- "value": "${SSO_SERVICE_PASSWORD}"
- },
- {
- "name": "SSO_TRUSTSTORE",
- "value": "${SSO_TRUSTSTORE}"
- },
- {
- "name": "SSO_TRUSTSTORE_DIR",
- "value": "/etc/sso-secret-volume"
- },
- {
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "${SSO_TRUSTSTORE_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- },
- {
- "name": "sso-truststore-volume",
- "secret": {
- "secretName": "${SSO_TRUSTSTORE_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql.json
deleted file mode 100644
index aa8ebaa8e..000000000
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso70-postgresql.json
+++ /dev/null
@@ -1,741 +0,0 @@
-{
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0 PostgreSQL applications",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.4.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
- },
- "name": "sso70-postgresql"
- },
- "labels": {
- "template": "sso70-postgresql",
- "xpaas": "1.4.0"
- },
- "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
- "parameters": [
- {
- "displayName": "Application Name",
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "displayName": "Custom http Route Hostname",
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "displayName": "Custom https Route Hostname",
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "displayName": "Database JNDI Name",
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/KeycloakDS",
- "required": false
- },
- {
- "displayName": "Database Name",
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "displayName": "Service Account Name",
- "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
- "name": "SERVICE_ACCOUNT_NAME",
- "value": "sso-service-account",
- "required": true
- },
- {
- "displayName": "Server Keystore Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "Server Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "displayName": "Server Keystore Type",
- "description": "The type of the keystore file (JKS or JCEKS)",
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Certificate Name",
- "description": "The name associated with the server certificate (e.g. jboss)",
- "name": "HTTPS_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "Server Keystore Password",
- "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
- "name": "HTTPS_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "Datasource Minimum Pool Size",
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Maximum Pool Size",
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "displayName": "Datasource Transaction Isolation",
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "displayName": "PostgreSQL Maximum number of connections",
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "displayName": "PostgreSQL Shared Buffers",
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "displayName": "Database Username",
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "Database Password",
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "JGroups Secret Name",
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Filename",
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "displayName": "JGroups Certificate Name",
- "description": "The name associated with the server certificate (e.g. secret-key)",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Keystore Password",
- "description": "The password for the keystore and certificate (e.g. password)",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "JGroups Cluster Password",
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "ImageStream Namespace",
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "displayName": "SSO Admin Username",
- "description": "SSO Server admin username",
- "name": "SSO_ADMIN_USERNAME",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Admin Password",
- "description": "SSO Server admin password",
- "name": "SSO_ADMIN_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "displayName": "SSO Realm",
- "description": "Realm to be created in the SSO server (e.g. demo).",
- "name": "SSO_REALM",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Username",
- "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
- "name": "SSO_SERVICE_USERNAME",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Service Password",
- "description": "The password for the SSO service user.",
- "name": "SSO_SERVICE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store",
- "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
- "name": "SSO_TRUSTSTORE",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Password",
- "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "displayName": "SSO Trust Store Secret",
- "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
- "name": "SSO_TRUSTSTORE_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "displayName": "PostgreSQL Image Stream Tag",
- "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
- "name": "POSTGRESQL_IMAGE_STREAM_TAG",
- "value": "9.5",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "The web server's http port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "The web server's https port.",
- "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "database"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.4"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}",
- "component": "server"
- }
- },
- "spec": {
- "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
- "terminationGracePeriodSeconds": 75,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- },
- {
- "name": "sso-truststore-volume",
- "mountPath": "/etc/sso-secret-volume",
- "readOnly": true
- }
- ],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- },
- {
- "name": "ping",
- "containerPort": 8888,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "${HTTPS_KEYSTORE_TYPE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- },
- {
- "name": "SSO_ADMIN_USERNAME",
- "value": "${SSO_ADMIN_USERNAME}"
- },
- {
- "name": "SSO_ADMIN_PASSWORD",
- "value": "${SSO_ADMIN_PASSWORD}"
- },
- {
- "name": "SSO_REALM",
- "value": "${SSO_REALM}"
- },
- {
- "name": "SSO_SERVICE_USERNAME",
- "value": "${SSO_SERVICE_USERNAME}"
- },
- {
- "name": "SSO_SERVICE_PASSWORD",
- "value": "${SSO_SERVICE_PASSWORD}"
- },
- {
- "name": "SSO_TRUSTSTORE",
- "value": "${SSO_TRUSTSTORE}"
- },
- {
- "name": "SSO_TRUSTSTORE_DIR",
- "value": "/etc/sso-secret-volume"
- },
- {
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "${SSO_TRUSTSTORE_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- },
- {
- "name": "sso-truststore-volume",
- "secret": {
- "secretName": "${SSO_TRUSTSTORE_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "database"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}",
- "component": "database"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
-}
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-https.json
index bee86d7c4..26dd26624 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-https.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-https.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for SSO 7.1",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.0.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "sso71-https"
},
"labels": {
"template": "sso71-https",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
@@ -316,7 +320,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso71-openshift:1.1"
+ "name": "redhat-sso71-openshift:1.2"
}
}
},
@@ -379,7 +383,8 @@
"-c",
"/opt/eap/bin/livenessProbe.sh"
]
- }
+ },
+ "initialDelaySeconds": 10
},
"readinessProbe": {
"exec": {
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql-persistent.json
index 49b37f348..7092bb65e 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql-persistent.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.0.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + MySQL",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for MySQL using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "sso71-mysql-persistent"
},
"labels": {
"template": "sso71-mysql-persistent",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
@@ -416,7 +420,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso71-openshift:1.1"
+ "name": "redhat-sso71-openshift:1.2"
}
}
},
@@ -479,7 +483,8 @@
"-c",
"/opt/eap/bin/livenessProbe.sh"
]
- }
+ },
+ "initialDelaySeconds": 10
},
"readinessProbe": {
"exec": {
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql.json
index 634a75bab..d90f0a0cc 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-mysql.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for SSO 7.1 MySQL applications",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.0.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + MySQL (Ephemeral)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for MySQL using ephemeral (temporary) storage.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "sso71-mysql"
},
"labels": {
"template": "sso71-mysql",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
@@ -415,7 +419,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso71-openshift:1.1"
+ "name": "redhat-sso71-openshift:1.2"
}
}
},
@@ -479,7 +483,8 @@
"-c",
"/opt/eap/bin/livenessProbe.sh"
]
- }
+ },
+ "initialDelaySeconds": 10
},
"readinessProbe": {
"exec": {
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql-persistent.json
index c53bb9d5b..b1077db91 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql-persistent.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.0.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + PostgreSQL",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for PostgreSQL using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "sso71-postgresql-persistent"
},
"labels": {
"template": "sso71-postgresql-persistent",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
@@ -398,7 +402,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso71-openshift:1.1"
+ "name": "redhat-sso71-openshift:1.2"
}
}
},
@@ -461,7 +465,8 @@
"-c",
"/opt/eap/bin/livenessProbe.sh"
]
- }
+ },
+ "initialDelaySeconds": 10
},
"readinessProbe": {
"exec": {
diff --git a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql.json
index c1fc41eda..0955d712a 100644
--- a/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.7/xpaas-templates/sso71-postgresql.json
@@ -3,17 +3,21 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "description": "Application template for SSO 7.1 PostgreSQL applications",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,jboss,xpaas",
- "version": "1.0.0",
- "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + PostgreSQL (Ephemeral)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for PostgreSQL using ephemeral (temporary) storage.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
},
"name": "sso71-postgresql"
},
"labels": {
"template": "sso71-postgresql",
- "xpaas": "1.4.0"
+ "xpaas": "1.4.7"
},
"message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
@@ -397,7 +401,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso71-openshift:1.1"
+ "name": "redhat-sso71-openshift:1.2"
}
}
},
@@ -461,7 +465,8 @@
"-c",
"/opt/eap/bin/livenessProbe.sh"
]
- }
+ },
+ "initialDelaySeconds": 10
},
"readinessProbe": {
"exec": {
diff --git a/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-db-example.yaml b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-db-example.yaml
new file mode 100644
index 000000000..250a99b8d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-db-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv01
+spec:
+ capacity:
+ storage: 15Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv01
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-region-example.yaml b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-region-example.yaml
new file mode 100644
index 000000000..cba9bbe35
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-region-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv02
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv02
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-server-example.yaml b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-server-example.yaml
new file mode 100644
index 000000000..c08c21265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-pv-server-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv03
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv03
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-template.yaml
new file mode 100644
index 000000000..3bc6c5813
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/cfme-templates/cfme-template.yaml
@@ -0,0 +1,545 @@
+apiVersion: v1
+kind: Template
+labels:
+ template: cloudforms
+metadata:
+ name: cloudforms
+ annotations:
+ description: "CloudForms appliance with persistent storage"
+ tags: "instant-app,cloudforms,cfme"
+ iconClass: "icon-rails"
+objects:
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: "Exposes and load balances CloudForms pods"
+ service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]'
+ name: ${NAME}
+ spec:
+ clusterIP: None
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 80
+ - name: https
+ port: 443
+ protocol: TCP
+ targetPort: 443
+ selector:
+ name: ${NAME}
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: ${NAME}
+ spec:
+ host: ${APPLICATION_DOMAIN}
+ port:
+ targetPort: https
+ tls:
+ termination: passthrough
+ to:
+ kind: Service
+ name: ${NAME}
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-app
+ annotations:
+ description: "Keeps track of changes in the CloudForms app image"
+ spec:
+ dockerImageRepository: "${APPLICATION_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-postgresql
+ annotations:
+ description: "Keeps track of changes in the CloudForms postgresql image"
+ spec:
+ dockerImageRepository: "${POSTGRESQL_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-memcached
+ annotations:
+ description: "Keeps track of changes in the CloudForms memcached image"
+ spec:
+ dockerImageRepository: "${MEMCACHED_IMG_NAME}"
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: "${NAME}-${DATABASE_SERVICE_NAME}"
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: ${DATABASE_VOLUME_CAPACITY}
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: "${NAME}-region"
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: ${APPLICATION_REGION_VOLUME_CAPACITY}
+- apiVersion: apps/v1beta1
+ kind: "StatefulSet"
+ metadata:
+ name: ${NAME}
+ annotations:
+ description: "Defines how to deploy the CloudForms appliance"
+ spec:
+ serviceName: "${NAME}"
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ name: ${NAME}
+ name: ${NAME}
+ spec:
+ containers:
+ - name: cloudforms
+ image: "${APPLICATION_IMG_NAME}:${APPLICATION_IMG_TAG}"
+ livenessProbe:
+ tcpSocket:
+ port: 443
+ initialDelaySeconds: 480
+ timeoutSeconds: 3
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 443
+ scheme: HTTPS
+ initialDelaySeconds: 200
+ timeoutSeconds: 3
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ - containerPort: 443
+ protocol: TCP
+ securityContext:
+ privileged: true
+ volumeMounts:
+ -
+ name: "${NAME}-server"
+ mountPath: "/persistent"
+ -
+ name: "${NAME}-region"
+ mountPath: "/persistent-region"
+ env:
+ -
+ name: "APPLICATION_INIT_DELAY"
+ value: "${APPLICATION_INIT_DELAY}"
+ -
+ name: "DATABASE_SERVICE_NAME"
+ value: "${DATABASE_SERVICE_NAME}"
+ -
+ name: "DATABASE_REGION"
+ value: "${DATABASE_REGION}"
+ -
+ name: "MEMCACHED_SERVICE_NAME"
+ value: "${MEMCACHED_SERVICE_NAME}"
+ -
+ name: "POSTGRESQL_USER"
+ value: "${DATABASE_USER}"
+ -
+ name: "POSTGRESQL_PASSWORD"
+ value: "${DATABASE_PASSWORD}"
+ -
+ name: "POSTGRESQL_DATABASE"
+ value: "${DATABASE_NAME}"
+ -
+ name: "POSTGRESQL_MAX_CONNECTIONS"
+ value: "${POSTGRESQL_MAX_CONNECTIONS}"
+ -
+ name: "POSTGRESQL_SHARED_BUFFERS"
+ value: "${POSTGRESQL_SHARED_BUFFERS}"
+ resources:
+ requests:
+ memory: "${APPLICATION_MEM_REQ}"
+ cpu: "${APPLICATION_CPU_REQ}"
+ limits:
+ memory: "${APPLICATION_MEM_LIMIT}"
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - /opt/rh/cfme-container-scripts/sync-pv-data
+ volumes:
+ -
+ name: "${NAME}-region"
+ persistentVolumeClaim:
+ claimName: ${NAME}-region
+ volumeClaimTemplates:
+ - metadata:
+ name: "${NAME}-server"
+ annotations:
+ # Uncomment this if using dynamic volume provisioning.
+ # https://docs.openshift.org/latest/install_config/persistent_storage/dynamically_provisioning_pvs.html
+ # volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ ReadWriteOnce ]
+ resources:
+ requests:
+ storage: "${APPLICATION_VOLUME_CAPACITY}"
+- apiVersion: v1
+ kind: "Service"
+ metadata:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ annotations:
+ description: "Exposes the memcached server"
+ spec:
+ ports:
+ -
+ name: "memcached"
+ port: 11211
+ targetPort: 11211
+ selector:
+ name: "${MEMCACHED_SERVICE_NAME}"
+- apiVersion: v1
+ kind: "DeploymentConfig"
+ metadata:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ annotations:
+ description: "Defines how to deploy memcached"
+ spec:
+ strategy:
+ type: "Recreate"
+ triggers:
+ -
+ type: "ImageChange"
+ imageChangeParams:
+ automatic: true
+ containerNames:
+ - "memcached"
+ from:
+ kind: "ImageStreamTag"
+ name: "cfme-openshift-memcached:${MEMCACHED_IMG_TAG}"
+ -
+ type: "ConfigChange"
+ replicas: 1
+ selector:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ template:
+ metadata:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ labels:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ spec:
+ volumes: []
+ containers:
+ -
+ name: "memcached"
+ image: "${MEMCACHED_IMG_NAME}:${MEMCACHED_IMG_TAG}"
+ ports:
+ -
+ containerPort: 11211
+ readinessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 5
+ tcpSocket:
+ port: 11211
+ livenessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 30
+ tcpSocket:
+ port: 11211
+ volumeMounts: []
+ env:
+ -
+ name: "MEMCACHED_MAX_MEMORY"
+ value: "${MEMCACHED_MAX_MEMORY}"
+ -
+ name: "MEMCACHED_MAX_CONNECTIONS"
+ value: "${MEMCACHED_MAX_CONNECTIONS}"
+ -
+ name: "MEMCACHED_SLAB_PAGE_SIZE"
+ value: "${MEMCACHED_SLAB_PAGE_SIZE}"
+ resources:
+ requests:
+ memory: "${MEMCACHED_MEM_REQ}"
+ cpu: "${MEMCACHED_CPU_REQ}"
+ limits:
+ memory: "${MEMCACHED_MEM_LIMIT}"
+- apiVersion: v1
+ kind: "Service"
+ metadata:
+ name: "${DATABASE_SERVICE_NAME}"
+ annotations:
+ description: "Exposes the database server"
+ spec:
+ ports:
+ -
+ name: "postgresql"
+ port: 5432
+ targetPort: 5432
+ selector:
+ name: "${DATABASE_SERVICE_NAME}"
+- apiVersion: v1
+ kind: "DeploymentConfig"
+ metadata:
+ name: "${DATABASE_SERVICE_NAME}"
+ annotations:
+ description: "Defines how to deploy the database"
+ spec:
+ strategy:
+ type: "Recreate"
+ triggers:
+ -
+ type: "ImageChange"
+ imageChangeParams:
+ automatic: true
+ containerNames:
+ - "postgresql"
+ from:
+ kind: "ImageStreamTag"
+ name: "cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}"
+ -
+ type: "ConfigChange"
+ replicas: 1
+ selector:
+ name: "${DATABASE_SERVICE_NAME}"
+ template:
+ metadata:
+ name: "${DATABASE_SERVICE_NAME}"
+ labels:
+ name: "${DATABASE_SERVICE_NAME}"
+ spec:
+ volumes:
+ -
+ name: "cfme-pgdb-volume"
+ persistentVolumeClaim:
+ claimName: "${NAME}-${DATABASE_SERVICE_NAME}"
+ containers:
+ -
+ name: "postgresql"
+ image: "${POSTGRESQL_IMG_NAME}:${POSTGRESQL_IMG_TAG}"
+ ports:
+ -
+ containerPort: 5432
+ readinessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 15
+ exec:
+ command:
+ - "/bin/sh"
+ - "-i"
+ - "-c"
+ - "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"
+ livenessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 60
+ tcpSocket:
+ port: 5432
+ volumeMounts:
+ -
+ name: "cfme-pgdb-volume"
+ mountPath: "/var/lib/pgsql/data"
+ env:
+ -
+ name: "POSTGRESQL_USER"
+ value: "${DATABASE_USER}"
+ -
+ name: "POSTGRESQL_PASSWORD"
+ value: "${DATABASE_PASSWORD}"
+ -
+ name: "POSTGRESQL_DATABASE"
+ value: "${DATABASE_NAME}"
+ -
+ name: "POSTGRESQL_MAX_CONNECTIONS"
+ value: "${POSTGRESQL_MAX_CONNECTIONS}"
+ -
+ name: "POSTGRESQL_SHARED_BUFFERS"
+ value: "${POSTGRESQL_SHARED_BUFFERS}"
+ resources:
+ requests:
+ memory: "${POSTGRESQL_MEM_REQ}"
+ cpu: "${POSTGRESQL_CPU_REQ}"
+ limits:
+ memory: "${POSTGRESQL_MEM_LIMIT}"
+
+parameters:
+ -
+ name: "NAME"
+ displayName: Name
+ required: true
+ description: "The name assigned to all of the frontend objects defined in this template."
+ value: cloudforms
+ -
+ name: "DATABASE_SERVICE_NAME"
+ displayName: "PostgreSQL Service Name"
+ required: true
+ description: "The name of the OpenShift Service exposed for the PostgreSQL container."
+ value: "postgresql"
+ -
+ name: "DATABASE_USER"
+ displayName: "PostgreSQL User"
+ required: true
+ description: "PostgreSQL user that will access the database."
+ value: "root"
+ -
+ name: "DATABASE_PASSWORD"
+ displayName: "PostgreSQL Password"
+ required: true
+ description: "Password for the PostgreSQL user."
+ value: "smartvm"
+ -
+ name: "DATABASE_NAME"
+ required: true
+ displayName: "PostgreSQL Database Name"
+ description: "Name of the PostgreSQL database accessed."
+ value: "vmdb_production"
+ -
+ name: "DATABASE_REGION"
+ required: true
+ displayName: "Application Database Region"
+ description: "Database region that will be used for application."
+ value: "0"
+ -
+ name: "MEMCACHED_SERVICE_NAME"
+ required: true
+ displayName: "Memcached Service Name"
+ description: "The name of the OpenShift Service exposed for the Memcached container."
+ value: "memcached"
+ -
+ name: "MEMCACHED_MAX_MEMORY"
+ displayName: "Memcached Max Memory"
+ description: "Memcached maximum memory for memcached object storage in MB."
+ value: "64"
+ -
+ name: "MEMCACHED_MAX_CONNECTIONS"
+ displayName: "Memcached Max Connections"
+ description: "Memcached maximum number of connections allowed."
+ value: "1024"
+ -
+ name: "MEMCACHED_SLAB_PAGE_SIZE"
+ displayName: "Memcached Slab Page Size"
+ description: "Memcached size of each slab page."
+ value: "1m"
+ -
+ name: "POSTGRESQL_MAX_CONNECTIONS"
+ displayName: "PostgreSQL Max Connections"
+ description: "PostgreSQL maximum number of database connections allowed."
+ value: "100"
+ -
+ name: "POSTGRESQL_SHARED_BUFFERS"
+ displayName: "PostgreSQL Shared Buffer Amount"
+ description: "Amount of memory dedicated for PostgreSQL shared memory buffers."
+ value: "256MB"
+ -
+ name: "APPLICATION_CPU_REQ"
+ displayName: "Application Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Application container will need (expressed in millicores)."
+ value: "1000m"
+ -
+ name: "POSTGRESQL_CPU_REQ"
+ displayName: "PostgreSQL Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the PostgreSQL container will need (expressed in millicores)."
+ value: "500m"
+ -
+ name: "MEMCACHED_CPU_REQ"
+ displayName: "Memcached Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Memcached container will need (expressed in millicores)."
+ value: "200m"
+ -
+ name: "APPLICATION_MEM_REQ"
+ displayName: "Application Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the Application container will need."
+ value: "6144Mi"
+ -
+ name: "POSTGRESQL_MEM_REQ"
+ displayName: "PostgreSQL Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the PostgreSQL container will need."
+ value: "1024Mi"
+ -
+ name: "MEMCACHED_MEM_REQ"
+ displayName: "Memcached Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the Memcached container will need."
+ value: "64Mi"
+ -
+ name: "APPLICATION_MEM_LIMIT"
+ displayName: "Application Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Application container can consume."
+ value: "16384Mi"
+ -
+ name: "POSTGRESQL_MEM_LIMIT"
+ displayName: "PostgreSQL Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the PostgreSQL container can consume."
+ value: "8192Mi"
+ -
+ name: "MEMCACHED_MEM_LIMIT"
+ displayName: "Memcached Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Memcached container can consume."
+ value: "256Mi"
+ -
+ name: "POSTGRESQL_IMG_NAME"
+ displayName: "PostgreSQL Image Name"
+ description: "This is the PostgreSQL image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-postgresql"
+ -
+ name: "POSTGRESQL_IMG_TAG"
+ displayName: "PostgreSQL Image Tag"
+ description: "This is the PostgreSQL image tag/version requested to deploy."
+ value: "latest"
+ -
+ name: "MEMCACHED_IMG_NAME"
+ displayName: "Memcached Image Name"
+ description: "This is the Memcached image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-memcached"
+ -
+ name: "MEMCACHED_IMG_TAG"
+ displayName: "Memcached Image Tag"
+ description: "This is the Memcached image tag/version requested to deploy."
+ value: "latest"
+ -
+ name: "APPLICATION_IMG_NAME"
+ displayName: "Application Image Name"
+ description: "This is the Application image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-app"
+ -
+ name: "APPLICATION_IMG_TAG"
+ displayName: "Application Image Tag"
+ description: "This is the Application image tag/version requested to deploy."
+ value: "latest"
+ -
+ name: "APPLICATION_DOMAIN"
+ displayName: "Application Hostname"
+ description: "The exposed hostname that will route to the application service, if left blank a value will be defaulted."
+ value: ""
+ -
+ name: "APPLICATION_INIT_DELAY"
+ displayName: "Application Init Delay"
+ required: true
+ description: "Delay in seconds before we attempt to initialize the application."
+ value: "15"
+ -
+ name: "APPLICATION_VOLUME_CAPACITY"
+ displayName: "Application Volume Capacity"
+ required: true
+ description: "Volume space available for application data."
+ value: "5Gi"
+ -
+ name: "APPLICATION_REGION_VOLUME_CAPACITY"
+ displayName: "Application Region Volume Capacity"
+ required: true
+ description: "Volume space available for region application data."
+ value: "5Gi"
+ -
+ name: "DATABASE_VOLUME_CAPACITY"
+ displayName: "Database Volume Capacity"
+ required: true
+ description: "Volume space available for database."
+ value: "15Gi"
diff --git a/roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-pv-example.yaml b/roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-pv-example.yaml
new file mode 100644
index 000000000..240f6cbdf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-pv-example.yaml
@@ -0,0 +1,58 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+parameters:
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging)
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+
+objects:
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: h-services-pv
+ labels:
+ type: h-services
+ spec:
+ capacity:
+ storage: ${HAWKULAR_SERVICES_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-services
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: cassandra-pv
+ labels:
+ type: cassandra
+ spec:
+ capacity:
+ storage: ${CASSANDRA_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-cassandra
diff --git a/roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-template.yaml b/roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-template.yaml
new file mode 100644
index 000000000..bbc0c7044
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/cfme-templates/jboss-middleware-manager-template.yaml
@@ -0,0 +1,254 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: hawkular-services
+ annotations:
+ openshift.io/display-name: Hawkular Services
+ description: Hawkular-Services all-in-one (including Hawkular Metrics, Hawkular Alerts and Hawkular Inventory).
+ iconClass: icon-wildfly
+ tags: hawkular,hawkular-services,metrics,alerts,manageiq,cassandra
+
+parameters:
+- name: HAWKULAR_SERVICES_IMAGE
+ description: What docker image should be used for hawkular-services.
+ displayName: Hawkular Services Docker Image
+ value: registry.access.redhat.com/jboss-mm-7-tech-preview/middleware-manager:latest
+- name: CASSANDRA_IMAGE
+ description: What docker image should be used for cassandra node.
+ displayName: Cassandra Docker Image
+ value: registry.access.redhat.com/openshift3/metrics-cassandra:3.5.0
+- name: CASSANDRA_MEMORY_LIMIT
+ description: Maximum amount of memory for Cassandra container.
+ displayName: Cassandra Memory Limit
+ value: 2Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container.
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging).
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: ROUTE_NAME
+ description: Public route with this name will be created.
+ displayName: Route Name
+ value: hawkular-services
+- name: ROUTE_HOSTNAME
+ description: Under this hostname the Hawkular Services will be accessible, if left blank a value will be defaulted.
+ displayName: Hostname
+- name: HAWKULAR_USER
+ description: Username that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular User
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+- name: HAWKULAR_PASSWORD
+ description: Password that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular Password
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+labels:
+ template: hawkular-services
+message: Credentials for hawkular-services are ${HAWKULAR_USER}:${HAWKULAR_PASSWORD}
+
+objects:
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Exposes and load balances the application pods
+ service.alpha.openshift.io/dependencies: '[{"name":"hawkular-cassandra","namespace":"","kind":"Service"}]'
+ name: hawkular-services
+ spec:
+ ports:
+ - name: http-8080-tcp
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: admin-9990-tcp
+ port: 9990
+ protocol: TCP
+ targetPort: 9990
+ selector:
+ name: hawkular-services
+ type: ClusterIP
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Cassandra Service
+ name: hawkular-cassandra
+ spec:
+ ports:
+ - name: cql-9042-tcp
+ port: 9042
+ protocol: TCP
+ targetPort: 9042
+ selector:
+ name: hawkular-cassandra
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: ${ROUTE_NAME}
+ spec:
+ host: ${ROUTE_HOSTNAME}
+ to:
+ kind: Service
+ name: hawkular-services
+ port:
+ targetPort: http-8080-tcp
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the application server
+ name: hawkular-services
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-services
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: hawkular-services
+ spec:
+ containers:
+ - image: ${HAWKULAR_SERVICES_IMAGE}
+ env:
+ - name: HAWKULAR_BACKEND
+ value: remote
+ - name: CASSANDRA_NODES
+ value: hawkular-cassandra
+ - name: HAWKULAR_USER
+ value: ${HAWKULAR_USER}
+ - name: HAWKULAR_PASSWORD
+ value: ${HAWKULAR_PASSWORD}
+ imagePullPolicy: IfNotPresent
+ name: hawkular-services
+ volumeMounts:
+ - name: h-services-data
+ mountPath: /var/opt/hawkular
+ ports:
+ - containerPort: 8080
+ - containerPort: 9990
+ livenessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 180
+ timeoutSeconds: 3
+ readinessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 120
+ timeoutSeconds: 3
+ periodSeconds: 5
+ successThreshold: 1
+ failureThreshold: 12
+ resources:
+ requests:
+ memory: 1024Mi
+ cpu: 2000m
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ volumes:
+ - name: h-services-data
+ persistentVolumeClaim:
+ claimName: h-services-pvc
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the cassandra
+ name: hawkular-cassandra
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-cassandra
+ strategy:
+ type: Recreate
+ rollingParams:
+ timeoutSeconds: 300
+ template:
+ metadata:
+ labels:
+ name: hawkular-cassandra
+ spec:
+ containers:
+ - image: ${CASSANDRA_IMAGE}
+ imagePullPolicy: Always
+ name: hawkular-cassandra
+ env:
+ - name: DATA_VOLUME
+ value: /var/lib/cassandra
+ volumeMounts:
+ - name: cassandra-data
+ mountPath: /var/lib/cassandra
+ ports:
+ - containerPort: 9042
+ - containerPort: 9160
+ readinessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ livenessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 300
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ resources:
+ limits:
+ memory: ${CASSANDRA_MEMORY_LIMIT}
+ volumes:
+ - name: cassandra-data
+ persistentVolumeClaim:
+ claimName: cassandra-pvc
+
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: h-services-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: cassandra-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/OWNERS b/roles/openshift_examples/files/examples/v3.8/db-templates/OWNERS
new file mode 100644
index 000000000..cbdc20f41
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/OWNERS
@@ -0,0 +1,12 @@
+reviewers:
+ - bparees
+ - gabemontero
+ - mfojtik
+ - dinhxuanvu
+ - jim-minter
+ - spadgett
+approvers:
+ - bparees
+ - mfojtik
+ - spadgett
+ - jupierce
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/README.md b/roles/openshift_examples/files/examples/v3.8/db-templates/README.md
new file mode 100644
index 000000000..a36d7ba7d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/README.md
@@ -0,0 +1,76 @@
+OpenShift 3 Database Examples
+=============================
+
+This directory contains example JSON templates to deploy databases in OpenShift.
+They can be used to immediately instantiate a database and expose it as a
+service in the current project, or to add a template that can be later used from
+the Web Console or the CLI.
+
+The examples can also be tweaked to create new templates.
+
+
+## Ephemeral vs. Persistent
+
+For each supported database, there are two template files.
+
+Files named `*-ephemeral-template.json` use
+"[emptyDir](https://docs.openshift.org/latest/dev_guide/volumes.html)" volumes
+for data storage, which means that data is lost after a pod restart.
+This is tolerable for experimenting, but not suitable for production use.
+
+The other templates, named `*-persistent-template.json`, use [persistent volume
+claims](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volume-claims)
+to request persistent storage provided by [persistent
+volumes](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volumes),
+that must have been created upfront.
+
+
+## Usage
+
+### Instantiating a new database service
+
+Use these instructions if you want to quickly deploy a new database service in
+your current project. Instantiate a new database service with this command:
+
+ $ oc new-app /path/to/template.json
+
+Replace `/path/to/template.json` with an appropriate path, that can be either a
+local path or an URL. Example:
+
+ $ oc new-app https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json
+
+The parameters listed in the output above can be tweaked by specifying values in
+the command line with the `-p` option:
+
+ $ oc new-app examples/db-templates/mongodb-ephemeral-template.json -p DATABASE_SERVICE_NAME=mydb -p MONGODB_USER=default
+
+Note that the persistent template requires an existing persistent volume,
+otherwise the deployment won't ever succeed.
+
+
+### Adding a database as a template
+
+Use these instructions if, instead of instantiating a service right away, you
+want to load the template into an OpenShift project so that it can be used
+later. Create the template with this command:
+
+ $ oc create -f /path/to/template.json
+
+Replace `/path/to/template.json` with an appropriate path, that can be either a
+local path or an URL. Example:
+
+ $ oc create -f https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json
+ template "mongodb-ephemeral" created
+
+The new template is now available to use in the Web Console or with `oc
+new-app`.
+
+
+## More information
+
+The usage of each supported database image is further documented in the links
+below:
+
+- [MySQL](https://docs.openshift.org/latest/using_images/db_images/mysql.html)
+- [PostgreSQL](https://docs.openshift.org/latest/using_images/db_images/postgresql.html)
+- [MongoDB](https://docs.openshift.org/latest/using_images/db_images/mongodb.html)
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-ephemeral-template.json
new file mode 100644
index 000000000..5e7585eeb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-ephemeral-template.json
@@ -0,0 +1,247 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Ephemeral)",
+ "description": "MariaDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-mariadb",
+ "tags": "database,mariadb",
+ "openshift.io/long-description": "This template provides a standalone MariaDB server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.",
+ "labels": {
+ "template": "mariadb-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mariadb",
+ "port": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mariadb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mariadb:10.1",
+ "namespace": "${NAMESPACE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mariadb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "imagePullPolicy": "IfNotPresent"
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mariadb",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MariaDB Connection Username",
+ "description": "Username for MariaDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MariaDB Connection Password",
+ "description": "Password for the MariaDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MariaDB root Password",
+ "description": "Password for the MariaDB root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MariaDB Database Name",
+ "description": "Name of the MariaDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-persistent-template.json
new file mode 100644
index 000000000..92be8f42e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/mariadb-persistent-template.json
@@ -0,0 +1,271 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb-persistent",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB",
+ "description": "MariaDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-mariadb",
+ "tags": "database,mariadb",
+ "openshift.io/long-description": "This template provides a standalone MariaDB server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.",
+ "labels": {
+ "template": "mariadb-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mariadb",
+ "port": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mariadb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mariadb:10.1",
+ "namespace": "${NAMESPACE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mariadb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "imagePullPolicy": "IfNotPresent"
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mariadb",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MariaDB Connection Username",
+ "description": "Username for MariaDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MariaDB Connection Password",
+ "description": "Password for the MariaDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MariaDB root Password",
+ "description": "Password for the MariaDB root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MariaDB Database Name",
+ "description": "Name of the MariaDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-ephemeral-template.json
new file mode 100644
index 000000000..10f202c59
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-ephemeral-template.json
@@ -0,0 +1,272 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Ephemeral)",
+ "description": "MongoDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-mongodb",
+ "tags": "database,mongodb",
+ "openshift.io/long-description": "This template provides a standalone MongoDB server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MONGODB_USER}\n Password: ${MONGODB_PASSWORD}\n Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.",
+ "labels": {
+ "template": "mongodb-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MONGODB_USER}",
+ "database-password" : "${MONGODB_PASSWORD}",
+ "database-admin-password" : "${MONGODB_ADMIN_PASSWORD}",
+ "database-name" : "${MONGODB_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongo",
+ "protocol": "TCP",
+ "port": 27017,
+ "targetPort": 27017,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mongodb:${MONGODB_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mongodb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_USER",
+ "displayName": "MongoDB Connection Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "displayName": "MongoDB Connection Password",
+ "description": "Password for the MongoDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "displayName": "MongoDB Database Name",
+ "description": "Name of the MongoDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "displayName": "MongoDB Admin Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_VERSION",
+ "displayName": "Version of MongoDB Image",
+ "description": "Version of MongoDB image to be used (2.4, 2.6, 3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-persistent-template.json
new file mode 100644
index 000000000..4e3e64d48
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/mongodb-persistent-template.json
@@ -0,0 +1,296 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb-persistent",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB",
+ "description": "MongoDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-mongodb",
+ "tags": "database,mongodb",
+ "openshift.io/long-description": "This template provides a standalone MongoDB server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MONGODB_USER}\n Password: ${MONGODB_PASSWORD}\n Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.",
+ "labels": {
+ "template": "mongodb-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MONGODB_USER}",
+ "database-password" : "${MONGODB_PASSWORD}",
+ "database-admin-password" : "${MONGODB_ADMIN_PASSWORD}",
+ "database-name" : "${MONGODB_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongo",
+ "protocol": "TCP",
+ "port": 27017,
+ "targetPort": 27017,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mongodb:${MONGODB_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mongodb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_USER",
+ "displayName": "MongoDB Connection Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "displayName": "MongoDB Connection Password",
+ "description": "Password for the MongoDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "displayName": "MongoDB Database Name",
+ "description": "Name of the MongoDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "displayName": "MongoDB Admin Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "MONGODB_VERSION",
+ "displayName": "Version of MongoDB Image",
+ "description": "Version of MongoDB image to be used (2.4, 2.6, 3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/mysql-ephemeral-template.json
new file mode 100644
index 000000000..c0946416d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/mysql-ephemeral-template.json
@@ -0,0 +1,273 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Ephemeral)",
+ "description": "MySQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-mysql-database",
+ "tags": "database,mysql",
+ "openshift.io/long-description": "This template provides a standalone MySQL server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.",
+ "labels": {
+ "template": "mysql-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "protocol": "TCP",
+ "port": 3306,
+ "targetPort": 3306,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mysql:${MYSQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mysql",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MySQL Connection Username",
+ "description": "Username for MySQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MySQL Connection Password",
+ "description": "Password for the MySQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MySQL root user Password",
+ "description": "Password for the MySQL root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MySQL Database Name",
+ "description": "Name of the MySQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "MYSQL_VERSION",
+ "displayName": "Version of MySQL Image",
+ "description": "Version of MySQL image to be used (5.5, 5.6, 5.7, or latest).",
+ "value": "5.7",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/mysql-persistent-template.json
new file mode 100644
index 000000000..6ac80f3a0
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/mysql-persistent-template.json
@@ -0,0 +1,278 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "MySQL",
+ "description": "MySQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-mysql-database",
+ "tags": "database,mysql",
+ "openshift.io/long-description": "This template provides a standalone MySQL server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.",
+ "labels": {
+ "template": "mysql-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mysql:${MYSQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "imagePullPolicy": "IfNotPresent"
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mysql",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MySQL Connection Username",
+ "description": "Username for MySQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MySQL Connection Password",
+ "description": "Password for the MySQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MySQL root user Password",
+ "description": "Password for the MySQL root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MySQL Database Name",
+ "description": "Name of the MySQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "MYSQL_VERSION",
+ "displayName": "Version of MySQL Image",
+ "description": "Version of MySQL image to be used (5.5, 5.6, 5.7, or latest).",
+ "value": "5.7",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-ephemeral-template.json
new file mode 100644
index 000000000..7c419f1ae
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-ephemeral-template.json
@@ -0,0 +1,253 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Ephemeral)",
+ "description": "PostgreSQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-postgresql",
+ "tags": "database,postgresql",
+ "openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${POSTGRESQL_USER}\n Password: ${POSTGRESQL_PASSWORD}\n Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.",
+ "labels": {
+ "template": "postgresql-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${POSTGRESQL_USER}",
+ "database-password" : "${POSTGRESQL_PASSWORD}",
+ "database-name" : "${POSTGRESQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "protocol": "TCP",
+ "port": 5432,
+ "targetPort": 5432,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "postgresql:${POSTGRESQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "postgresql",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "displayName": "PostgreSQL Connection Username",
+ "description": "Username for PostgreSQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "displayName": "PostgreSQL Connection Password",
+ "description": "Password for the PostgreSQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "displayName": "PostgreSQL Database Name",
+ "description": "Name of the PostgreSQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_VERSION",
+ "displayName": "Version of PostgreSQL Image",
+ "description": "Version of PostgreSQL image to be used (9.2, 9.4, 9.5 or latest).",
+ "value": "9.5",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-persistent-template.json
new file mode 100644
index 000000000..190509112
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/postgresql-persistent-template.json
@@ -0,0 +1,277 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL",
+ "description": "PostgreSQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-postgresql",
+ "tags": "database,postgresql",
+ "openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${POSTGRESQL_USER}\n Password: ${POSTGRESQL_PASSWORD}\n Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.",
+ "labels": {
+ "template": "postgresql-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${POSTGRESQL_USER}",
+ "database-password" : "${POSTGRESQL_PASSWORD}",
+ "database-name" : "${POSTGRESQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "protocol": "TCP",
+ "port": 5432,
+ "targetPort": 5432,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "postgresql:${POSTGRESQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "postgresql",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "displayName": "PostgreSQL Connection Username",
+ "description": "Username for PostgreSQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "displayName": "PostgreSQL Connection Password",
+ "description": "Password for the PostgreSQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "displayName": "PostgreSQL Database Name",
+ "description": "Name of the PostgreSQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_VERSION",
+ "displayName": "Version of PostgreSQL Image",
+ "description": "Version of PostgreSQL image to be used (9.2, 9.4, 9.5 or latest).",
+ "value": "9.5",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/redis-ephemeral-template.json
new file mode 100644
index 000000000..ee60af9db
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/redis-ephemeral-template.json
@@ -0,0 +1,216 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Ephemeral)",
+ "description": "Redis in-memory data structure store, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-redis",
+ "tags": "database,redis",
+ "openshift.io/long-description": "This template provides a standalone Redis server. The data is not stored on persistent storage, so any restart of the service will result in all data being lost.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.",
+ "labels": {
+ "template": "redis-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "redis",
+ "protocol": "TCP",
+ "port": 6379,
+ "targetPort": 6379,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "redis"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "redis:${REDIS_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "redis",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 6379,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "test \"$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)\" == \"PONG\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 6379
+ }
+ },
+ "env": [
+ {
+ "name": "REDIS_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/redis/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "redis",
+ "required": true
+ },
+ {
+ "name": "REDIS_PASSWORD",
+ "displayName": "Redis Connection Password",
+ "description": "Password for the Redis connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "REDIS_VERSION",
+ "displayName": "Version of Redis Image",
+ "description": "Version of Redis image to be used (3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v3.8/db-templates/redis-persistent-template.json
new file mode 100644
index 000000000..d1103d3af
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/db-templates/redis-persistent-template.json
@@ -0,0 +1,240 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Redis",
+ "description": "Redis in-memory data structure store, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-redis",
+ "tags": "database,redis",
+ "openshift.io/long-description": "This template provides a standalone Redis server. The data is stored on persistent storage.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.",
+ "labels": {
+ "template": "redis-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "redis",
+ "protocol": "TCP",
+ "port": 6379,
+ "targetPort": 6379,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "redis"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "redis:${REDIS_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "redis",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 6379,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "test \"$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)\" == \"PONG\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 6379
+ }
+ },
+ "env": [
+ {
+ "name": "REDIS_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/redis/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "redis",
+ "required": true
+ },
+ {
+ "name": "REDIS_PASSWORD",
+ "displayName": "Redis Connection Password",
+ "description": "Password for the Redis connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "REDIS_VERSION",
+ "displayName": "Version of Redis Image",
+ "description": "Version of Redis image to be used (3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/image-streams/OWNERS b/roles/openshift_examples/files/examples/v3.8/image-streams/OWNERS
new file mode 100644
index 000000000..6ddf77f12
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/image-streams/OWNERS
@@ -0,0 +1,14 @@
+reviewers:
+ - bparees
+ - sspeiche
+ - mfojtik
+ - liggitt
+ - jcantrill
+ - hhorak
+ - csrwng
+approvers:
+ - bparees
+ - mfojtik
+ - liggitt
+ - jcantrill
+ - csrwng
diff --git a/roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams.json b/roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams.json
new file mode 100644
index 000000000..ee753966f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams.json
@@ -0,0 +1,140 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on RHEL"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnet-20-rhel7:2.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 1.1",
+ "description": "Build and run .NET Core 1.1 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/1.1/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore11",
+ "supports":"dotnet:1.1,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.1",
+ "version": "1.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnetcore-11-rhel7:1.1"
+ }
+ },
+ {
+ "name": "1.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 1.0",
+ "description": "Build and run .NET Core 1.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/1.0/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore10",
+ "supports":"dotnet:1.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.0",
+ "version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnetcore-10-rhel7:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on RHEL 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on RHEL 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnet-20-runtime-rhel7:2.0"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams_centos.json b/roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams_centos.json
new file mode 100644
index 000000000..79afc355b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/image-streams/dotnet_imagestreams_centos.json
@@ -0,0 +1,104 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on CentOS"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-runtime-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-centos7.json
new file mode 100644
index 000000000..0aa586061
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-centos7.json
@@ -0,0 +1,971 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {},
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (httpd)"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) 2.4 on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "ruby",
+ "annotations": {
+ "openshift.io/display-name": "Ruby"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Ruby (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.3/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Ruby available on OpenShift, including major versions updates.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.0/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "hidden,builder,ruby",
+ "supports": "ruby:2.0,ruby",
+ "version": "2.0",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/ruby-20-centos7:latest"
+ }
+ },
+ {
+ "name": "2.2",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.2 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.2/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.2,ruby",
+ "version": "2.2",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-22-centos7:latest"
+ }
+ },
+ {
+ "name": "2.3",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.3 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.3/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.3,ruby",
+ "version": "2.3",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-23-centos7:latest"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.4,ruby",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs",
+ "annotations": {
+ "openshift.io/display-name": "Node.js"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Node.js (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Node.js available on OpenShift, including major versions updates.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "6"
+ }
+ },
+ {
+ "name": "0.10",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 0.10",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "DEPRECATED: Build and run Node.js 0.10 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/0.10/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "hidden,nodejs",
+ "supports":"nodejs:0.10,nodejs:0.1,nodejs",
+ "version": "0.10",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/nodejs-010-centos7:latest"
+ }
+ },
+ {
+ "name": "4",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:4,nodejs",
+ "version": "4",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-4-centos7:latest"
+ }
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-6-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "perl",
+ "annotations": {
+ "openshift.io/display-name": "Perl"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Perl (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Perl available on OpenShift, including major versions updates.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.24"
+ }
+ },
+ {
+ "name": "5.16",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.16",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.16 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.16/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "hidden,builder,perl",
+ "supports":"perl:5.16,perl",
+ "version": "5.16",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/perl-516-centos7:latest"
+ }
+ },
+ {
+ "name": "5.20",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.20",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.20 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.20,perl",
+ "version": "5.20",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/perl-520-centos7:latest"
+ }
+ },
+ {
+ "name": "5.24",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.24",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.24 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.24/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.24,perl",
+ "version": "5.24",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/perl-524-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "php",
+ "annotations": {
+ "openshift.io/display-name": "PHP"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PHP (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PHP available on OpenShift, including major versions updates.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "7.0"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.5 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.5/README.md.",
+ "iconClass": "icon-php",
+ "tags": "hidden,builder,php",
+ "supports":"php:5.5,php",
+ "version": "5.5",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/php-55-centos7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:5.6,php",
+ "version": "5.6",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/php-56-centos7:latest"
+ }
+ },
+ {
+ "name": "7.0",
+ "annotations": {
+ "openshift.io/display-name": "PHP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 7.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/7.0/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:7.0,php",
+ "version": "7.0",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/php-70-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "python",
+ "annotations": {
+ "openshift.io/display-name": "Python"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Python (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Python available on OpenShift, including major versions updates.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.6"
+ }
+ },
+ {
+ "name": "3.3",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.3 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.3/README.md.",
+ "iconClass": "icon-python",
+ "tags": "hidden,builder,python",
+ "supports":"python:3.3,python",
+ "version": "3.3",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/python-33-centos7:latest"
+ }
+ },
+ {
+ "name": "2.7",
+ "annotations": {
+ "openshift.io/display-name": "Python 2.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 2.7 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/2.7/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:2.7,python",
+ "version": "2.7",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-27-centos7:latest"
+ }
+ },
+ {
+ "name": "3.4",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.4/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.4,python",
+ "version": "3.4",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-34-centos7:latest"
+ }
+ },
+ {
+ "name": "3.5",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.5 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.5,python",
+ "version": "3.5",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-35-centos7:latest"
+ }
+ },
+ {
+ "name": "3.6",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.6/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.6,python",
+ "version": "3.6",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-36-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "wildfly",
+ "annotations": {
+ "openshift.io/display-name": "WildFly"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "WildFly (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of WildFly available on OpenShift, including major versions updates.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"jee,java",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "8.1",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 8.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 8.1 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:8.1,jee,java",
+ "version": "8.1",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-81-centos7:latest"
+ }
+ },
+ {
+ "name": "9.0",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 9.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 9.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:9.0,jee,java",
+ "version": "9.0",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-90-centos7:latest"
+ }
+ },
+ {
+ "name": "10.0",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 10.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 10.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:10.0,jee,java",
+ "version": "10.0",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-100-centos7:latest"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 10.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 10.1 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:10.1,jee,java",
+ "version": "10.1",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-101-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql",
+ "annotations": {
+ "openshift.io/display-name": "MySQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MySQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.7"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.5 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "hidden,mysql",
+ "version": "5.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/mysql-55-centos7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.6 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mysql-56-centos7:latest"
+ }
+ },
+ {
+ "name": "5.7",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.7 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.7/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mysql-57-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MariaDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB 10.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB 10.1 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb",
+ "version": "10.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mariadb-101-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PostgreSQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "9.5"
+ }
+ },
+ {
+ "name": "9.2",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.2.",
+ "iconClass": "icon-postgresql",
+ "tags": "hidden,postgresql",
+ "version": "9.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/postgresql-92-centos7:latest"
+ }
+ },
+ {
+ "name": "9.4",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.4 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.4.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/postgresql-94-centos7:latest"
+ }
+ },
+ {
+ "name": "9.5",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.5 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/postgresql-95-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MongoDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.4 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.4/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "hidden,mongodb",
+ "version": "2.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/mongodb-24-centos7:latest"
+ }
+ },
+ {
+ "name": "2.6",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.6 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.6/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "2.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mongodb-26-centos7:latest"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 3.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mongodb-32-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis",
+ "annotations": {
+ "openshift.io/display-name": "Redis"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Redis available on OpenShift, including major versions updates.",
+ "iconClass": "icon-redis",
+ "tags": "redis"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "Redis 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis 3.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-redis",
+ "tags": "redis",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/redis-32-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Jenkins available on OpenShift, including major versions updates.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2"
+ }
+ },
+ {
+ "name": "1",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 1.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins 1.X server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "hidden,jenkins",
+ "version": "1.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/jenkins-1-centos7:latest"
+ }
+ },
+ {
+ "name": "2",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 2.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins v2.x server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins",
+ "version": "2.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/jenkins-2-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-rhel7.json
new file mode 100644
index 000000000..7ab9f4e59
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/image-streams/image-streams-rhel7.json
@@ -0,0 +1,873 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {},
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (httpd)"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) 2.4 on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "ruby",
+ "annotations": {
+ "openshift.io/display-name": "Ruby"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Ruby (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.3/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Ruby available on OpenShift, including major versions updates.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.0/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "hidden,builder,ruby",
+ "supports": "ruby:2.0,ruby",
+ "version": "2.0",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/ruby-20-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.2",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.2 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.2/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.2,ruby",
+ "version": "2.2",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.3",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.3 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.3/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.3,ruby",
+ "version": "2.3",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-23-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.4,ruby",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-24-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs",
+ "annotations": {
+ "openshift.io/display-name": "Node.js"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Node.js (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Node.js available on OpenShift, including major versions updates.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "6"
+ }
+ },
+ {
+ "name": "0.10",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 0.10",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "DEPRECATED: Build and run Node.js 0.10 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/0.10/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "hidden,nodejs",
+ "supports":"nodejs:0.10,nodejs:0.1,nodejs",
+ "version": "0.10",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest"
+ }
+ },
+ {
+ "name": "4",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:4,nodejs",
+ "version": "4",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
+ }
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "perl",
+ "annotations": {
+ "openshift.io/display-name": "Perl"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Perl (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Perl available on OpenShift, including major versions updates.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.24"
+ }
+ },
+ {
+ "name": "5.16",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.16",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.16 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.16/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "hidden,builder,perl",
+ "supports":"perl:5.16,perl",
+ "version": "5.16",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/perl-516-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.20",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.20",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.20 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.20,perl",
+ "version": "5.20",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/perl-520-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.24",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.24",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.24 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.24/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.24,perl",
+ "version": "5.24",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/perl-524-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "php",
+ "annotations": {
+ "openshift.io/display-name": "PHP"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PHP (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PHP available on OpenShift, including major versions updates.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "7.0"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.5 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.5/README.md.",
+ "iconClass": "icon-php",
+ "tags": "hidden,builder,php",
+ "supports":"php:5.5,php",
+ "version": "5.5",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/php-55-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:5.6,php",
+ "version": "5.6",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/php-56-rhel7:latest"
+ }
+ },
+ {
+ "name": "7.0",
+ "annotations": {
+ "openshift.io/display-name": "PHP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 7.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/7.0/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:7.0,php",
+ "version": "7.0",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/php-70-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "python",
+ "annotations": {
+ "openshift.io/display-name": "Python"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Python (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Python available on OpenShift, including major versions updates.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.6"
+ }
+ },
+ {
+ "name": "3.3",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.3 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.3/README.md.",
+ "iconClass": "icon-python",
+ "tags": "hidden,builder,python",
+ "supports":"python:3.3,python",
+ "version": "3.3",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/python-33-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.7",
+ "annotations": {
+ "openshift.io/display-name": "Python 2.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 2.7 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/2.7/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:2.7,python",
+ "version": "2.7",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-27-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.4",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.4/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.4,python",
+ "version": "3.4",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.5",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.5 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.5,python",
+ "version": "3.5",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-35-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.6",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.6/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.6,python",
+ "version": "3.6",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-36-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql",
+ "annotations": {
+ "openshift.io/display-name": "MySQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MySQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.7"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "hidden,mysql",
+ "version": "5.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.7",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.7 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.7/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mysql-57-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MariaDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB 10.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB 10.1 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb",
+ "version": "10.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mariadb-101-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PostgreSQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "9.5"
+ }
+ },
+ {
+ "name": "9.2",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.2.",
+ "iconClass": "icon-postgresql",
+ "tags": "hidden,postgresql",
+ "version": "9.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest"
+ }
+ },
+ {
+ "name": "9.4",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.4 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.4.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest"
+ }
+ },
+ {
+ "name": "9.5",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/postgresql-95-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MongoDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.4 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.4/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "hidden,mongodb",
+ "version": "2.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.6",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.6/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "2.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 3.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mongodb-32-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis",
+ "annotations": {
+ "openshift.io/display-name": "Redis"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Redis available on OpenShift, including major versions updates.",
+ "iconClass": "icon-redis",
+ "tags": "redis"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "Redis 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis 3.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-redis",
+ "tags": "redis",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/redis-32-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Jenkins available on OpenShift, including major versions updates.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2"
+ }
+ },
+ {
+ "name": "1",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 1.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins 1.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "hidden,jenkins",
+ "version": "1.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest"
+ }
+ },
+ {
+ "name": "2",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 2.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins 2.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins",
+ "version": "2.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/jenkins-2-rhel7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/OWNERS b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/OWNERS
new file mode 100644
index 000000000..a26e484d6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/OWNERS
@@ -0,0 +1,12 @@
+reviewers:
+ - bparees
+ - gabemontero
+ - coreydaley
+ - dinhxuanvu
+ - sspeiche
+ - mfojtik
+ - jupierce
+approvers:
+ - bparees
+ - mfojtik
+ - jupierce
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/README.md
new file mode 100644
index 000000000..6d2ccbf7f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/README.md
@@ -0,0 +1,28 @@
+QuickStarts
+===========
+
+QuickStarts provide the basic skeleton of an application. Generally they
+reference a repository containing very simple source code that implements a
+trivial application using a particular framework. In addition they define any
+components needed for the application including a Build configuration,
+supporting services such as Databases, etc.
+
+You can instantiate these templates as is, or fork the source repository they
+reference and supply your forked repository as the source-repository when
+instantiating them.
+
+* [CakePHP](https://raw.githubusercontent.com/openshift/cakephp-ex/master/openshift/templates/cakephp-mysql.json) - Provides a basic CakePHP application with a MySQL database. For more information see the [source repository](https://github.com/openshift/cakephp-ex).
+* [CakePHP persistent](https://raw.githubusercontent.com/openshift/cakephp-ex/master/openshift/templates/cakephp-mysql-persistent.json) - Provides a basic CakePHP application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/cakephp-ex).
+* [Dancer](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql.json) - Provides a basic Dancer (Perl) application with a MySQL database. For more information see the [source repository](https://github.com/openshift/dancer-ex).
+* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
+* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
+* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
+* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
+* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
+* [Rails persistent](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql-persistent.json) - Provides a basic Rails (Ruby) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/rails-ex).
+
+Note: This file is processed by `hack/update-external-examples.sh`. New examples
+must follow the exact syntax of the existing entries. Files in this directory
+are automatically pulled down, do not modify/add files to this directory.
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/amp.yml
new file mode 100644
index 000000000..4e469f6e8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/amp.yml
@@ -0,0 +1,1261 @@
+base_env: &base_env
+- name: RAILS_ENV
+ value: "production"
+- name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+- name: FORCE_SSL
+ value: "true"
+- name: THREESCALE_SUPERDOMAIN
+ value: "${WILDCARD_DOMAIN}"
+- name: TENANT_NAME
+ value: "${TENANT_NAME}"
+- name: APICAST_ACCESS_TOKEN
+ value: "${APICAST_ACCESS_TOKEN}"
+- name: ADMIN_ACCESS_TOKEN
+ value: "${ADMIN_ACCESS_TOKEN}"
+- name: PROVIDER_PLAN
+ value: 'enterprise'
+- name: USER_LOGIN
+ value: "${ADMIN_USERNAME}"
+- name: USER_PASSWORD
+ value: "${ADMIN_PASSWORD}"
+- name: RAILS_LOG_TO_STDOUT
+ value: "true"
+- name: RAILS_LOG_LEVEL
+ value: "info"
+- name: THINKING_SPHINX_ADDRESS
+ value: "system-sphinx"
+- name: THINKING_SPHINX_PORT
+ value: "9306"
+- name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "/tmp/sphinx.conf"
+- name: EVENTS_SHARED_SECRET
+ value: "${SYSTEM_BACKEND_SHARED_SECRET}"
+- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE
+ value: "VERIFY_NONE"
+- name: APICAST_BACKEND_ROOT_ENDPOINT
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+- name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+- name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+- name: SECRET_KEY_BASE
+ value: "${SYSTEM_APP_SECRET_KEY_BASE}"
+- name: AMP_RELEASE
+ value: "${AMP_RELEASE}"
+- name: SMTP_ADDRESS
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: address
+- name: SMTP_USER_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: username
+- name: SMTP_PASSWORD
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: password
+- name: SMTP_DOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: domain
+- name: SMTP_PORT
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: port
+- name: SMTP_AUTHENTICATION
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: authentication
+- name: SMTP_OPENSSL_VERIFY_MODE
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: openssl.verify.mode
+- name: BACKEND_ROUTE
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: "system"
+message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-cron
+ spec:
+ replicas: 1
+ selector:
+ name: backend-cron
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-cron
+ spec:
+ containers:
+ - args:
+ - backend-cron
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-cron
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-redis
+ spec:
+ replicas: 1
+ selector:
+ name: backend-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: backend-redis
+ spec:
+ containers:
+ - image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: backend-redis
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ volumeMounts:
+ - name: backend-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ volumes:
+ - name: backend-redis-storage
+ persistentVolumeClaim:
+ claimName: backend-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-listener
+ spec:
+ replicas: 1
+ selector:
+ name: backend-listener
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-listener
+ spec:
+ containers:
+ - args:
+ - 3scale_backend
+ - start
+ - "-e"
+ - production
+ - "-p"
+ - '3000'
+ - "-x"
+ - "/dev/stdout"
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+ - name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-listener
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3000
+ readinessProbe:
+ httpGet:
+ path: "/status"
+ port: 3000
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ selector:
+ name: backend-redis
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-listener
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: 3000
+ name: http
+ selector:
+ name: backend-listener
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-provider
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: provider
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-developer
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: developer
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-worker
+ spec:
+ replicas: 1
+ selector:
+ name: backend-worker
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-worker
+ spec:
+ containers:
+ - args:
+ - 3scale_backend_worker
+ - run
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_EVENTS_HOOK
+ value: http://system-provider:3000/master/events/import
+ - name: CONFIG_EVENTS_HOOK_SHARED_SECRET
+ value: ${SYSTEM_BACKEND_SHARED_SECRET}
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-worker
+ triggers:
+ - type: ConfigChange
+
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ ports:
+ - name: system-mysql
+ protocol: TCP
+ port: 3306
+ targetPort: 3306
+ nodePort: 0
+ selector:
+ name: 'system-mysql'
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ name: redis
+ selector:
+ name: system-redis
+
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-redis
+ spec:
+ replicas: 1
+ selector:
+ name: system-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: system-redis
+ spec:
+ containers:
+ - args:
+ image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: system-redis
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - name: system-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ volumes:
+ - name: system-redis-storage
+ persistentVolumeClaim:
+ claimName: system-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-sphinx
+ spec:
+ ports:
+ - port: 9306
+ protocol: TCP
+ targetPort: 9306
+ name: sphinx
+ selector:
+ name: system-sphinx
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sphinx
+ spec:
+ replicas: 1
+ selector:
+ name: system-sphinx
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sphinx
+ spec:
+ volumes:
+ - name: system-sphinx-database
+ emptyDir: {}
+ containers:
+ - args:
+ - rake
+ - 'openshift:thinking_sphinx:start'
+ volumeMounts:
+ - name: system-sphinx-database
+ mountPath: "/opt/system/db/sphinx"
+ env:
+ - name: RAILS_ENV
+ value: production
+ - name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+ - name: THINKING_SPHINX_ADDRESS
+ value: 0.0.0.0
+ - name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "db/sphinx/production.conf"
+ - name: THINKING_SPHINX_PID_FILE
+ value: db/sphinx/searchd.pid
+ - name: DELTA_INDEX_INTERVAL
+ value: '5'
+ - name: FULL_REINDEX_INTERVAL
+ value: '60'
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sphinx
+ livenessProbe:
+ tcpSocket:
+ port: 9306
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-memcache
+ spec:
+ ports:
+ - port: 11211
+ protocol: TCP
+ targetPort: 11211
+ name: memcache
+ selector:
+ name: system-memcache
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-memcache
+ spec:
+ replicas: 1
+ selector:
+ name: system-memcache
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-memcache
+ spec:
+ containers:
+ - args:
+ env:
+ image: 3scale-amp20/memcached:1.4.15-7
+ imagePullPolicy: IfNotPresent
+ name: memcache
+ readinessProbe:
+ exec:
+ command:
+ - "sh"
+ - "-c"
+ - "echo version | nc $HOSTNAME 11211 | grep VERSION"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 11211
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ command:
+ - "memcached"
+ - "-m"
+ - "64"
+ ports:
+ - containerPort: 6379
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-provider-admin-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-provider
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: backend-route
+ labels:
+ app: system-route
+ spec:
+ host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: backend-listener
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-developer-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-developer
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-staging
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-staging
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-staging
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "sandbox"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/2"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-staging
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-staging
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-staging
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-production
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-production
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-production
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "boot"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "300"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "production"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/1"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-production
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-production
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-production
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-staging-route
+ labels:
+ app: apicast-staging
+ spec:
+ host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-staging
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-production-route
+ labels:
+ app: apicast-production
+ spec:
+ host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-production
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-app
+ spec:
+ replicas: 1
+ selector:
+ name: system-app
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ pre:
+ failurePolicy: Retry
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:deploy
+ env: *base_env
+ volumes:
+ - system-storage
+ post:
+ failurePolicy: Abort
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:post_deploy
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-app
+ spec:
+ containers:
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ name: system-provider
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: provider
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: provider
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ name: provider
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ imagePullPolicy: IfNotPresent
+ name: system-developer
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: developer
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: developer
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3001
+ protocol: TCP
+ name: developer
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ readOnly: true
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-resque
+ spec:
+ replicas: 1
+ selector:
+ name: system-resque
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-resque
+ spec:
+ containers:
+ - args:
+ - 'rake'
+ - 'resque:work'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-resque
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ - 'rake'
+ - 'resque:scheduler'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-scheduler
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sidekiq
+ spec:
+ replicas: 1
+ selector:
+ name: system-sidekiq
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sidekiq
+ spec:
+ containers:
+ - args:
+ - rake
+ - sidekiq:worker
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sidekiq
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: 'system-mysql'
+ template:
+ metadata:
+ labels:
+ name: 'system-mysql'
+ spec:
+ containers:
+ - name: system-mysql
+ image: ${MYSQL_IMAGE}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ resources:
+ limits:
+ memory: 2Gi
+ requests:
+ cpu: '1'
+ memory: 1Gi
+ readinessProbe:
+ timeoutSeconds: 5
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ exec:
+ command:
+ - /bin/sh
+ - '-i'
+ - '-c'
+ - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3306
+ env:
+ - name: MYSQL_USER
+ value: ${MYSQL_USER}
+ - name: MYSQL_PASSWORD
+ value: ${MYSQL_PASSWORD}
+ - name: MYSQL_DATABASE
+ value: ${MYSQL_DATABASE}
+ - name: MYSQL_ROOT_PASSWORD
+ value: ${MYSQL_ROOT_PASSWORD}
+ - name: MYSQL_LOWER_CASE_TABLE_NAMES
+ value: "1"
+ volumeMounts:
+ - name: 'mysql-storage'
+ mountPath: /var/lib/mysql/data
+ imagePullPolicy: IfNotPresent
+ volumes:
+ - name: 'mysql-storage'
+ persistentVolumeClaim:
+ claimName: 'mysql-storage'
+- kind: ConfigMap
+ apiVersion: v1
+ metadata:
+ name: redis-config
+ data:
+ redis.conf: |
+ protected-mode no
+
+ port 6379
+
+ timeout 0
+ tcp-keepalive 300
+
+ daemonize no
+ supervised no
+
+ loglevel notice
+
+ databases 16
+
+ save 900 1
+ save 300 10
+ save 60 10000
+
+ stop-writes-on-bgsave-error yes
+
+ rdbcompression yes
+ rdbchecksum yes
+
+ dbfilename dump.rdb
+
+ slave-serve-stale-data yes
+ slave-read-only yes
+
+ repl-diskless-sync no
+ repl-disable-tcp-nodelay no
+
+ appendonly yes
+ appendfilename "appendonly.aof"
+ appendfsync everysec
+ no-appendfsync-on-rewrite no
+ auto-aof-rewrite-percentage 100
+ auto-aof-rewrite-min-size 64mb
+ aof-load-truncated yes
+
+ lua-time-limit 5000
+
+ activerehashing no
+
+ aof-rewrite-incremental-fsync yes
+ dir /var/lib/redis/data
+
+- kind: ConfigMap
+
+ apiVersion: v1
+ metadata:
+ name: smtp
+ data:
+ address: ""
+ username: ""
+ password: ""
+ domain: ""
+ port: ""
+ authentication: ""
+ openssl.verify.mode: ""
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: ADMIN_PASSWORD
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+- name: ADMIN_USERNAME
+ value: admin
+ required: true
+- name: APICAST_ACCESS_TOKEN
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+ description: "Read Only Access Token that is APIcast going to use to download its configuration."
+- name: ADMIN_ACCESS_TOKEN
+ required: false
+ generate: expression
+ from: "[a-z0-9]{16}"
+ description: "Admin Access Token with all scopes and write permissions for API access."
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Tenant name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
+- name: MYSQL_USER
+ displayName: MySQL User
+ description: Username for MySQL user that will be used for accessing the database.
+ value: "mysql"
+ required: true
+- name: MYSQL_PASSWORD
+ displayName: MySQL Password
+ description: Password for the MySQL user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: MYSQL_DATABASE
+ displayName: MySQL Database Name
+ description: Name of the MySQL database accessed.
+ value: "system"
+ required: true
+- name: MYSQL_ROOT_PASSWORD
+ displayName: MySQL Root password.
+ description: Password for Root user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_BACKEND_USERNAME
+ description: Internal 3scale API username for internal 3scale api auth.
+ value: "3scale_api_user"
+ required: true
+- name: SYSTEM_BACKEND_PASSWORD
+ description: Internal 3scale API password for internal 3scale api auth.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: REDIS_IMAGE
+ description: Redis image to use
+ required: true
+ value: rhscl/redis-32-rhel7:3.2-5.7
+- name: MYSQL_IMAGE
+ description: Mysql image to use
+ required: true
+ value: rhscl/mysql-56-rhel7:5.6-13.14
+- name: SYSTEM_BACKEND_SHARED_SECRET
+ description: Shared secret to import events from backend to system.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_APP_SECRET_KEY_BASE
+ description: System application secret key base
+ generate: expression
+ from: "[a-f0-9]{128}"
+ required: true
+- name: APICAST_MANAGEMENT_API
+ description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: APICAST_OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false."
+ required: false
+ value: "false"
+- name: APICAST_RESPONSE_CODES
+ description: "Enable logging response codes in APIcast."
+ value: "true"
+ required: false
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast-gateway-template.yml
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast-gateway-template.yml
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast.yml
new file mode 100644
index 000000000..8e8051c0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/apicast.yml
@@ -0,0 +1,157 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: 3scale-gateway
+ annotations:
+ description: "3scale API Gateway"
+ iconClass: "icon-load-balancer"
+ tags: "api,gateway,3scale"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ replicas: 2
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: "${APICAST_NAME}"
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ valueFrom:
+ secretKeyRef:
+ name: "${CONFIGURATION_URL_SECRET}"
+ key: password
+ - name: THREESCALE_CONFIG_FILE
+ value: "${CONFIGURATION_FILE_PATH}"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "${DEPLOYMENT_ENVIRONMENT}"
+ - name: RESOLVER
+ value: "${RESOLVER}"
+ - name: APICAST_SERVICES
+ value: "${SERVICES_LIST}"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "${CONFIGURATION_LOADER}"
+ - name: APICAST_LOG_LEVEL
+ value: "${LOG_LEVEL}"
+ - name: APICAST_PATH_ROUTING_ENABLED
+ value: "${PATH_ROUTING}"
+ - name: APICAST_RESPONSE_CODES
+ value: "${RESPONSE_CODES}"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "${CONFIGURATION_CACHE}"
+ - name: REDIS_URL
+ value: "${REDIS_URL}"
+ - name: APICAST_MANAGEMENT_API
+ value: "${MANAGEMENT_API}"
+ - name: OPENSSL_VERIFY
+ value: "${OPENSSL_VERIFY}"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: "${APICAST_NAME}"
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: management
+ initialDelaySeconds: 10
+ timeoutSeconds: 1
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 15
+ timeoutSeconds: 1
+ ports:
+ - name: proxy
+ containerPort: 8080
+ protocol: TCP
+ - name: management
+ containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ ports:
+ - name: proxy
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
+ value: apicast-configuration-url-secret
+ name: CONFIGURATION_URL_SECRET
+ required: true
+- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
+ value:
+ name: CONFIGURATION_FILE_PATH
+ required: false
+- description: "Deployment environment. Can be sandbox or production."
+ value: production
+ name: DEPLOYMENT_ENVIRONMENT
+ required: true
+- description: "Name for the 3scale API Gateway"
+ value: apicast
+ name: APICAST_NAME
+ required: true
+- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
+ value:
+ name: RESOLVER
+ required: false
+- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
+ value:
+ name: SERVICES_LIST
+ required: false
+- name: CONFIGURATION_LOADER
+ description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot."
+ value: boot
+ required: false
+- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
+ name: LOG_LEVEL
+ required: false
+- description: "Enable path routing. Experimental feature."
+ name: PATH_ROUTING
+ required: false
+ value: "false"
+- description: "Enable logging response codes to 3scale."
+ value: "false"
+ name: RESPONSE_CODES
+ required: false
+- name: CONFIGURATION_CACHE
+ description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60."
+ value: ""
+ required: false
+- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0"
+ name: REDIS_URL
+ required: false
+- name: MANAGEMENT_API
+ description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification. Can be set to true/false."
+ required: true
+ value: "false"
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql-persistent.json
new file mode 100644
index 000000000..40b4eaa81
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql-persistent.json
@@ -0,0 +1,587 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "cakephp-mysql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "CakePHP + MySQL",
+ "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.",
+ "tags": "quickstart,php,cakephp",
+ "iconClass": "icon-php",
+ "openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.",
+ "labels": {
+ "template": "cakephp-mysql-persistent",
+ "app": "cakephp-mysql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "cakephp-secret-token" : "${CAKEPHP_SECRET_TOKEN}",
+ "cakephp-security-salt" : "${CAKEPHP_SECURITY_SALT}",
+ "cakephp-security-cipher-seed" : "${CAKEPHP_SECURITY_CIPHER_SEED}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "php:7.0"
+ },
+ "env": [
+ {
+ "name": "COMPOSER_MIRROR",
+ "value": "${COMPOSER_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./lib/Cake/Console/cake test app AllTests"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Retry",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "cakephp-mysql-persistent"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "cakephp-mysql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "cakephp-mysql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-secret-token"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-salt"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-cipher-seed"
+ }
+ }
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "value": "${OPCACHE_REVALIDATE_FREQ}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "cakephp-mysql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the CakePHP container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/cakephp-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database User",
+ "required": true,
+ "value": "cakephp"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "displayName": "CakePHP secret token",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "displayName": "CakePHP Security Salt",
+ "description": "Security salt for session hash.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "displayName": "CakePHP Security Cipher Seed",
+ "description": "Security cipher seed for session hash.",
+ "generate": "expression",
+ "from": "[0-9]{30}"
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "displayName": "OPcache Revalidation Frequency",
+ "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.",
+ "value": "2"
+ },
+ {
+ "name": "COMPOSER_MIRROR",
+ "displayName": "Custom Composer Mirror URL",
+ "description": "The custom Composer mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql.json
new file mode 100644
index 000000000..ecd90e495
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/cakephp-mysql.json
@@ -0,0 +1,561 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "cakephp-mysql-example",
+ "annotations": {
+ "openshift.io/display-name": "CakePHP + MySQL (Ephemeral)",
+ "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,php,cakephp",
+ "iconClass": "icon-php",
+ "openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.",
+ "labels": {
+ "template": "cakephp-mysql-example",
+ "app": "cakephp-mysql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "cakephp-secret-token" : "${CAKEPHP_SECRET_TOKEN}",
+ "cakephp-security-salt" : "${CAKEPHP_SECURITY_SALT}",
+ "cakephp-security-cipher-seed" : "${CAKEPHP_SECURITY_CIPHER_SEED}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "php:7.0"
+ },
+ "env": [
+ {
+ "name": "COMPOSER_MIRROR",
+ "value": "${COMPOSER_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./lib/Cake/Console/cake test app AllTests"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Retry",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "cakephp-mysql-example"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "cakephp-mysql-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "cakephp-mysql-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-secret-token"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-salt"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-cipher-seed"
+ }
+ }
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "value": "${OPCACHE_REVALIDATE_FREQ}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "cakephp-mysql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the CakePHP container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/cakephp-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database User",
+ "required": true,
+ "value": "cakephp"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "displayName": "CakePHP secret token",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "displayName": "CakePHP Security Salt",
+ "description": "Security salt for session hash.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "displayName": "CakePHP Security Cipher Seed",
+ "description": "Security cipher seed for session hash.",
+ "generate": "expression",
+ "from": "[0-9]{30}"
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "displayName": "OPcache Revalidation Frequency",
+ "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.",
+ "value": "2"
+ },
+ {
+ "name": "COMPOSER_MIRROR",
+ "displayName": "Custom Composer Mirror URL",
+ "description": "The custom Composer mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql-persistent.json
new file mode 100644
index 000000000..17a155600
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql-persistent.json
@@ -0,0 +1,531 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dancer-mysql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Dancer + MySQL",
+ "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
+ "tags": "quickstart,perl,dancer",
+ "iconClass": "icon-perl",
+ "openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/dancer-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
+ "labels": {
+ "template": "dancer-mysql-persistent",
+ "app": "dancer-mysql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "perl:5.24"
+ },
+ "env": [
+ {
+ "name": "CPAN_MIRROR",
+ "value": "${CPAN_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "perl -I extlib/lib/perl5 -I lib t/*"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dancer-mysql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dancer-mysql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "value": "${PERL_APACHE2_RELOAD}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dancer-mysql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Perl Dancer container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/dancer-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "database"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "displayName": "Perl Module Reload",
+ "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.",
+ "value": ""
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "CPAN_MIRROR",
+ "displayName": "Custom CPAN Mirror URL",
+ "description": "The custom CPAN mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql.json
new file mode 100644
index 000000000..abf711535
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dancer-mysql.json
@@ -0,0 +1,505 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dancer-mysql-example",
+ "annotations": {
+ "openshift.io/display-name": "Dancer + MySQL (Ephemeral)",
+ "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,perl,dancer",
+ "iconClass": "icon-perl",
+ "openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/dancer-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
+ "labels": {
+ "template": "dancer-mysql-example",
+ "app": "dancer-mysql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "perl:5.24"
+ },
+ "env": [
+ {
+ "name": "CPAN_MIRROR",
+ "value": "${CPAN_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "perl -I extlib/lib/perl5 -I lib t/*"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dancer-mysql-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dancer-mysql-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "value": "${PERL_APACHE2_RELOAD}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dancer-mysql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Perl Dancer container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/dancer-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "database"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "displayName": "Perl Module Reload",
+ "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.",
+ "value": ""
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "CPAN_MIRROR",
+ "displayName": "Custom CPAN Mirror URL",
+ "description": "The custom CPAN mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql-persistent.json
new file mode 100644
index 000000000..c8dab0b53
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql-persistent.json
@@ -0,0 +1,541 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "django-psql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Django + PostgreSQL",
+ "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
+ "tags": "quickstart,python,django",
+ "iconClass": "icon-python",
+ "openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/django-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
+ "labels": {
+ "template": "django-psql-persistent",
+ "app": "django-psql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "django-secret-key" : "${DJANGO_SECRET_KEY}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "python:3.5"
+ },
+ "env": [
+ {
+ "name": "PIP_INDEX_URL",
+ "value": "${PIP_INDEX_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./manage.py test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "django-psql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "django-psql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "APP_CONFIG",
+ "value": "${APP_CONFIG}"
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "django-secret-key"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "django-psql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Django container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/django-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "required": true,
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "required": true,
+ "value": "django"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database User Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "APP_CONFIG",
+ "displayName": "Application Configuration File Path",
+ "description": "Relative path to Gunicorn configuration file (optional)."
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "displayName": "Django Secret Key",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "PIP_INDEX_URL",
+ "displayName": "Custom PyPi Index URL",
+ "description": "The custom PyPi index URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql.json
new file mode 100644
index 000000000..6395defda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/django-postgresql.json
@@ -0,0 +1,515 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "django-psql-example",
+ "annotations": {
+ "openshift.io/display-name": "Django + PostgreSQL (Ephemeral)",
+ "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,python,django",
+ "iconClass": "icon-python",
+ "openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/django-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
+ "labels": {
+ "template": "django-psql-example",
+ "app": "django-psql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "django-secret-key" : "${DJANGO_SECRET_KEY}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "python:3.5"
+ },
+ "env": [
+ {
+ "name": "PIP_INDEX_URL",
+ "value": "${PIP_INDEX_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./manage.py test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "django-psql-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "django-psql-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "APP_CONFIG",
+ "value": "${APP_CONFIG}"
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "django-secret-key"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "django-psql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Django container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/django-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "required": true,
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "required": true,
+ "value": "django"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database User Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "APP_CONFIG",
+ "displayName": "Application Configuration File Path",
+ "description": "Relative path to Gunicorn configuration file (optional)."
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "displayName": "Django Secret Key",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "PIP_INDEX_URL",
+ "displayName": "Custom PyPi Index URL",
+ "description": "The custom PyPi index URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-example.json
new file mode 100644
index 000000000..f1fef3093
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-example.json
@@ -0,0 +1,333 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-example",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Example",
+ "description": "An example .NET Core application.",
+ "tags": "quickstart,dotnet,.net",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-app"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-app",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 15
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": []
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dotnet-example"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:2.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "dotnetcore-2.0"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to use a subdirectory of the source code repository"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to a project file (e.g. csproj) or a folder containing a single project file.",
+ "value": "app"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish.",
+ "value": "bower gulp"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-pgsql-persistent.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-pgsql-persistent.json
new file mode 100644
index 000000000..c83132152
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-pgsql-persistent.json
@@ -0,0 +1,565 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-pgsql-persistent",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core + PostgreSQL (Persistent)",
+ "description": "An example .NET Core application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "tags": "quickstart,dotnet",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "labels": {
+ "template": "dotnet-pgsql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-password": "${DATABASE_PASSWORD}",
+ "connect-string": "Host=${DATABASE_SERVICE_NAME};Database=${DATABASE_NAME};Username=${DATABASE_USER};Password=${DATABASE_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "updatePeriodSeconds": 1,
+ "intervalSeconds": 1,
+ "timeoutSeconds": 600,
+ "maxUnavailable": "25%",
+ "maxSurge": "25%"
+ },
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-pgsql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-pgsql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "ConnectionString",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "connect-string"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 10
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "openshift",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DATABASE_USER}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "musicstore"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the .NET Core container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:2.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the .NET builder ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/redhat-developer/s2i-aspnet-musicstore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "rel/2.0-example"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to a project file (e.g. csproj) or a folder containing a single project file.",
+ "value": "samples/MusicStore"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish."
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "musicstore"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-runtime-example.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-runtime-example.json
new file mode 100644
index 000000000..e1dccf290
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/dotnet-runtime-example.json
@@ -0,0 +1,412 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime-example",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Example",
+ "description": "An example .NET Core Runtime example application.",
+ "tags": "quickstart,dotnet,.net",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application runtime image"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-build",
+ "annotations": {
+ "description": "Keeps track of changes in the application builder image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-build",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_BUILD_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ },
+ {
+ "name": "DOTNET_PACK",
+ "value": "true"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}-build:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-runtime",
+ "annotations": {
+ "description": "Defines how to chain the runtime image from the source build image"
+ }
+ },
+ "spec": {
+ "source": {
+ "dockerfile": "FROM ${DOTNET_RUNTIME_IMAGE_STREAM_TAG}\nADD app.tar.gz .",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}-build:latest"
+ },
+ "paths": [
+ {
+ "sourcePath": "/opt/app-root/app.tar.gz",
+ "destinationDir": "."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Docker",
+ "dockerStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_RUNTIME_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}-build:latest"
+ }
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-runtime",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-runtime-app"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-runtime-app",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 15
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": []
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dotnet-runtime-example"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "DOTNET_RUNTIME_IMAGE_STREAM_TAG",
+ "displayName": ".NET Runtime Imagestream Tag",
+ "description": "The image stream tag which is used to run the application.",
+ "required": true,
+ "value": "dotnet-runtime:2.0"
+ },
+ {
+ "name": "DOTNET_BUILD_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the application.",
+ "value": "dotnet:2.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "dotnetcore-2.0"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to use a subdirectory of the source code repository"
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to the folder containing your startup project.",
+ "value": "app"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish.",
+ "value": "bower gulp"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/httpd.json
new file mode 100644
index 000000000..d7cab4889
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/httpd.json
@@ -0,0 +1,275 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server",
+ "description": "An example Apache HTTP Server (httpd) application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "openshift.io/long-description": "This template defines resources needed to develop a static application served by Apache HTTP Server (httpd), including a build configuration and application deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example",
+ "app": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-ephemeral-template.json
new file mode 100644
index 000000000..6186bba10
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-ephemeral-template.json
@@ -0,0 +1,287 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Ephemeral)",
+ "description": "Jenkins service, without persistent storage.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "iconClass": "icon-jenkins",
+ "tags": "instant-app,jenkins",
+ "openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login. The Jenkins configuration is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.",
+ "labels": {
+ "app": "jenkins-ephemeral"
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "insecureEdgeTerminationPolicy": "Redirect"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "jenkins"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${JENKINS_IMAGE_STREAM_TAG}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${JENKINS_SERVICE_NAME}",
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": " ",
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 420,
+ "failureThreshold" : 30,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "OPENSHIFT_ENABLE_OAUTH",
+ "value": "${ENABLE_OAUTH}"
+ },
+ {
+ "name": "OPENSHIFT_ENABLE_REDIRECT_PROMPT",
+ "value": "true"
+ },
+ {
+ "name": "KUBERNETES_MASTER",
+ "value": "https://kubernetes.default:443"
+ },
+ {
+ "name": "KUBERNETES_TRUST_CERTIFICATES",
+ "value": "true"
+ },
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "value": "${JENKINS_SERVICE_NAME}"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "value": "${JNLP_SERVICE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ },
+ {
+ "kind": "ServiceAccount",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "serviceaccounts.openshift.io/oauth-redirectreference.jenkins": "{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"${JENKINS_SERVICE_NAME}\"}}"
+ }
+ }
+ },
+ {
+ "kind": "RoleBinding",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}_edit"
+ },
+ "groupNames": null,
+ "subjects": [
+ {
+ "kind": "ServiceAccount",
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ ],
+ "roleRef": {
+ "name": "edit"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JNLP_SERVICE_NAME}"
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "agent",
+ "protocol": "TCP",
+ "port": 50000,
+ "targetPort": 50000,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${JNLP_SERVICE_NAME}\", \"namespace\": \"\", \"kind\": \"Service\"}]",
+ "service.openshift.io/infrastructure": "true"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 80,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "displayName": "Jenkins Service Name",
+ "description": "The name of the OpenShift Service exposed for the Jenkins container.",
+ "value": "jenkins"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "displayName": "Jenkins JNLP Service Name",
+ "description": "The name of the service used for master/slave communication.",
+ "value": "jenkins-jnlp"
+ },
+ {
+ "name": "ENABLE_OAUTH",
+ "displayName": "Enable OAuth in Jenkins",
+ "description": "Whether to enable OAuth OpenShift integration. If false, the static account 'admin' will be initialized with the password 'password'.",
+ "value": "true"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Jenkins ImageStream Namespace",
+ "description": "The OpenShift Namespace where the Jenkins ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "JENKINS_IMAGE_STREAM_TAG",
+ "displayName": "Jenkins ImageStreamTag",
+ "description": "Name of the ImageStreamTag to be used for the Jenkins image.",
+ "value": "jenkins:latest"
+ }
+ ],
+ "labels": {
+ "template": "jenkins-ephemeral-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-persistent-template.json
new file mode 100644
index 000000000..59dc0d22b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/jenkins-persistent-template.json
@@ -0,0 +1,311 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins",
+ "description": "Jenkins service, with persistent storage.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-jenkins",
+ "tags": "instant-app,jenkins",
+ "openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.",
+ "labels": {
+ "app": "jenkins-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "insecureEdgeTerminationPolicy": "Redirect"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "jenkins"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${JENKINS_IMAGE_STREAM_TAG}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${JENKINS_SERVICE_NAME}",
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": " ",
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 420,
+ "failureThreshold" : 30,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "OPENSHIFT_ENABLE_OAUTH",
+ "value": "${ENABLE_OAUTH}"
+ },
+ {
+ "name": "OPENSHIFT_ENABLE_REDIRECT_PROMPT",
+ "value": "true"
+ },
+ {
+ "name": "KUBERNETES_MASTER",
+ "value": "https://kubernetes.default:443"
+ },
+ {
+ "name": "KUBERNETES_TRUST_CERTIFICATES",
+ "value": "true"
+ },
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "value": "${JENKINS_SERVICE_NAME}"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "value": "${JNLP_SERVICE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${JENKINS_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ },
+ {
+ "kind": "ServiceAccount",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "serviceaccounts.openshift.io/oauth-redirectreference.jenkins": "{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"${JENKINS_SERVICE_NAME}\"}}"
+ }
+ }
+ },
+ {
+ "kind": "RoleBinding",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}_edit"
+ },
+ "groupNames": null,
+ "subjects": [
+ {
+ "kind": "ServiceAccount",
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ ],
+ "roleRef": {
+ "name": "edit"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JNLP_SERVICE_NAME}"
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "agent",
+ "protocol": "TCP",
+ "port": 50000,
+ "targetPort": 50000,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${JNLP_SERVICE_NAME}\", \"namespace\": \"\", \"kind\": \"Service\"}]",
+ "service.openshift.io/infrastructure": "true"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 80,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "displayName": "Jenkins Service Name",
+ "description": "The name of the OpenShift Service exposed for the Jenkins container.",
+ "value": "jenkins"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "displayName": "Jenkins JNLP Service Name",
+ "description": "The name of the service used for master/slave communication.",
+ "value": "jenkins-jnlp"
+ },
+ {
+ "name": "ENABLE_OAUTH",
+ "displayName": "Enable OAuth in Jenkins",
+ "description": "Whether to enable OAuth OpenShift integration. If false, the static account 'admin' will be initialized with the password 'password'.",
+ "value": "true"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Jenkins ImageStream Namespace",
+ "description": "The OpenShift Namespace where the Jenkins ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "JENKINS_IMAGE_STREAM_TAG",
+ "displayName": "Jenkins ImageStreamTag",
+ "description": "Name of the ImageStreamTag to be used for the Jenkins image.",
+ "value": "jenkins:latest"
+ }
+ ],
+ "labels": {
+ "template": "jenkins-persistent-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb-persistent.json
new file mode 100644
index 000000000..f04adaa67
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb-persistent.json
@@ -0,0 +1,550 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs-mongo-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Node.js + MongoDB",
+ "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
+ "tags": "quickstart,nodejs",
+ "iconClass": "icon-nodejs",
+ "openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
+ "labels": {
+ "template": "nodejs-mongo-persistent",
+ "app": "nodejs-mongo-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-user": "${DATABASE_USER}",
+ "database-password": "${DATABASE_PASSWORD}",
+ "database-admin-password" : "${DATABASE_ADMIN_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "nodejs:6"
+ },
+ "env": [
+ {
+ "name": "NPM_MIRROR",
+ "value": "${NPM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "npm test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "nodejs-mongo-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "nodejs-mongo-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongodb",
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mongodb:3.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MONGODB_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "nodejs-mongo-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Node.js container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MONGODB_LIMIT",
+ "displayName": "Memory Limit (MongoDB)",
+ "description": "Maximum amount of memory the MongoDB container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/nodejs-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mongodb"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "MongoDB Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "MongoDB Password",
+ "description": "Password for the MongoDB user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "DATABASE_ADMIN_PASSWORD",
+ "displayName": "Database Administrator Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "NPM_MIRROR",
+ "displayName": "Custom NPM Mirror URL",
+ "description": "The custom NPM mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb.json
new file mode 100644
index 000000000..0ce36dba5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/nodejs-mongodb.json
@@ -0,0 +1,526 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs-mongodb-example",
+ "annotations": {
+ "openshift.io/display-name": "Node.js + MongoDB (Ephemeral)",
+ "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,nodejs",
+ "iconClass": "icon-nodejs",
+ "openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
+ "labels": {
+ "template": "nodejs-mongodb-example",
+ "app": "nodejs-mongodb-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-user": "${DATABASE_USER}",
+ "database-password": "${DATABASE_PASSWORD}",
+ "database-admin-password" : "${DATABASE_ADMIN_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "nodejs:6"
+ },
+ "env": [
+ {
+ "name": "NPM_MIRROR",
+ "value": "${NPM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "npm test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "nodejs-mongodb-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "nodejs-mongodb-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongodb",
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mongodb:3.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MONGODB_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "nodejs-mongodb-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Node.js container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MONGODB_LIMIT",
+ "displayName": "Memory Limit (MongoDB)",
+ "description": "Maximum amount of memory the MongoDB container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/nodejs-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mongodb"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "MongoDB Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "MongoDB Password",
+ "description": "Password for the MongoDB user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "DATABASE_ADMIN_PASSWORD",
+ "displayName": "Database Administrator Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "NPM_MIRROR",
+ "displayName": "Custom NPM Mirror URL",
+ "description": "The custom NPM mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/pvc.yml
new file mode 100644
index 000000000..0bbb8e625
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/pvc.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-pvc"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql-persistent.json
new file mode 100644
index 000000000..10e9382cc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql-persistent.json
@@ -0,0 +1,607 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "rails-pgsql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Rails + PostgreSQL",
+ "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
+ "tags": "quickstart,ruby,rails",
+ "iconClass": "icon-ruby",
+ "openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/rails-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
+ "labels": {
+ "template": "rails-pgsql-persistent",
+ "app": "rails-pgsql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "application-user" : "${APPLICATION_USER}",
+ "application-password" : "${APPLICATION_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "ruby:2.3"
+ },
+ "env": [
+ {
+ "name": "RUBYGEM_MIRROR",
+ "value": "${RUBYGEM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "bundle exec rake test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Abort",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "${NAME}"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${NAME}",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 5,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 10,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "value": "${APPLICATION_DOMAIN}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-user"
+ }
+ }
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-password"
+ }
+ }
+ },
+ {
+ "name": "RAILS_ENV",
+ "value": "${RAILS_ENV}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "rails-pgsql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Rails container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/rails-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "displayName": "Application Username",
+ "required": true,
+ "description": "The application user that is used within the sample application to authorize access on pages.",
+ "value": "openshift"
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "displayName": "Application Password",
+ "required": true,
+ "description": "The application password that is used within the sample application to authorize access on pages.",
+ "value": "secret"
+ },
+ {
+ "name": "RAILS_ENV",
+ "displayName": "Rails Environment",
+ "required": true,
+ "description": "Environment under which the sample application will run. Could be set to production, development or test.",
+ "value": "production"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "root"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ },
+ {
+ "name": "RUBYGEM_MIRROR",
+ "displayName": "Custom RubyGems Mirror URL",
+ "description": "The custom RubyGems mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql.json
new file mode 100644
index 000000000..8ec2c8ea6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/rails-postgresql.json
@@ -0,0 +1,581 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "rails-postgresql-example",
+ "annotations": {
+ "openshift.io/display-name": "Rails + PostgreSQL (Ephemeral)",
+ "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,ruby,rails",
+ "iconClass": "icon-ruby",
+ "openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/rails-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
+ "labels": {
+ "template": "rails-postgresql-example",
+ "app": "rails-postgresql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "application-user" : "${APPLICATION_USER}",
+ "application-password" : "${APPLICATION_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "ruby:2.3"
+ },
+ "env": [
+ {
+ "name": "RUBYGEM_MIRROR",
+ "value": "${RUBYGEM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "bundle exec rake test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Abort",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "${NAME}"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${NAME}",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 5,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 10,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "value": "${APPLICATION_DOMAIN}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-user"
+ }
+ }
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-password"
+ }
+ }
+ },
+ {
+ "name": "RAILS_ENV",
+ "value": "${RAILS_ENV}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "rails-postgresql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Rails container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/rails-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "displayName": "Application Username",
+ "required": true,
+ "description": "The application user that is used within the sample application to authorize access on pages.",
+ "value": "openshift"
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "displayName": "Application Password",
+ "required": true,
+ "description": "The application password that is used within the sample application to authorize access on pages.",
+ "value": "secret"
+ },
+ {
+ "name": "RAILS_ENV",
+ "displayName": "Rails Environment",
+ "required": true,
+ "description": "Environment under which the sample application will run. Could be set to production, development or test.",
+ "value": "production"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "root"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ },
+ {
+ "name": "RUBYGEM_MIRROR",
+ "displayName": "Custom RubyGems Mirror URL",
+ "description": "The custom RubyGems mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/wildcard.yml
new file mode 100644
index 000000000..00dedecd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/quickstart-templates/wildcard.yml
@@ -0,0 +1,158 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-apicast-wildcard-router"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-router
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-router
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-router
+ spec:
+ volumes:
+ - name: apicast-router-config
+ configMap:
+ name: apicast-router-config
+ items:
+ - key: router.conf
+ path: router.conf
+ containers:
+ - env:
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-router
+ command: ['bin/apicast']
+ livenessProbe:
+ tcpSocket:
+ port: router
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 30
+ volumeMounts:
+ - name: apicast-router-config
+ mountPath: /opt/app-root/src/sites.d/
+ readOnly: true
+ ports:
+ - containerPort: 8082
+ name: router
+ protocol: TCP
+ - containerPort: 8090
+ name: management
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-router
+ spec:
+ ports:
+ - name: router
+ port: 80
+ protocol: TCP
+ targetPort: router
+ selector:
+ deploymentconfig: apicast-router
+
+- apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: apicast-router-config
+ data:
+ router.conf: |-
+ upstream wildcard {
+ server 0.0.0.1:1;
+
+ balancer_by_lua_block {
+ local round_robin = require 'resty.balancer.round_robin'
+ local balancer = round_robin.new()
+ local peers = balancer:peers(ngx.ctx.apicast)
+
+ local peer, err = balancer:set_peer(peers)
+
+ if not peer then
+ ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE
+ ngx.log(ngx.ERR, "failed to set current backend peer: ", err)
+ ngx.exit(ngx.status)
+ end
+ }
+
+ keepalive 1024;
+ }
+
+ server {
+ listen 8082;
+ server_name ~-(?<apicast>apicast-(staging|production))\.;
+ access_log /dev/stdout combined;
+
+ location / {
+ access_by_lua_block {
+ local resolver = require('resty.resolver'):instance()
+ local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 })
+
+ if #servers == 0 then
+ ngx.status = ngx.HTTP_BAD_GATEWAY
+ ngx.exit(ngx.HTTP_OK)
+ end
+
+ ngx.ctx.apicast = servers
+ }
+ proxy_http_version 1.1;
+ proxy_pass $scheme://wildcard;
+ proxy_set_header Host $host;
+ proxy_set_header Connection "";
+ }
+ }
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: apicast-wildcard-router
+ labels:
+ app: apicast-wildcard-router
+ spec:
+ host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-router
+ port:
+ targetPort: router
+ wildcardPolicy: Subdomain
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Domain name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-streams/fis-image-streams.json b/roles/openshift_examples/files/examples/v3.8/xpaas-streams/fis-image-streams.json
new file mode 100644
index 000000000..9d99973be
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-streams/fis-image-streams.json
@@ -0,0 +1,76 @@
+{
+ "kind": "List",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "fis-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for JBoss Fuse Integration Services."
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "fis-java-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-java-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 1.0 Java S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,xpaas",
+ "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2",
+ "version": "1.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 2.0 Java S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,xpaas",
+ "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2",
+ "version": "2.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "fis-karaf-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-karaf-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 1.0 Karaf S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,karaf,xpaas",
+ "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2",
+ "version": "1.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 2.0 Karaf S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,karaf,xpaas",
+ "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2",
+ "version": "2.0"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v3.8/xpaas-streams/jboss-image-streams.json
new file mode 100644
index 000000000..ed2dbf572
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-streams/jboss-image-streams.json
@@ -0,0 +1,1480 @@
+{
+ "kind": "List",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for JBoss Middleware products.",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 ApacheTomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.1,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.1,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.1,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.1,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.6"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.6"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap71-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "TP",
+ "annotations": {
+ "description": "JBoss EAP 7.1 Tech Preview.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.1,javaee:7,java:8,xpass:1.0",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "TP",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (Tech Preview)"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "1.0-TP"
+ }
+ },
+ {
+ "name": "1.0-TP",
+ "annotations": {
+ "description": "JBoss EAP 7.1 Tech Preview.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.1,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (Tech Preview)"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7-tech-preview/eap71-openshift:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,hidden",
+ "supports": "decisionserver:6.2",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift:1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,hidden",
+ "supports": "decisionserver:6.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.3,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,hidden",
+ "supports": "processserver:6.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.3,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-processserver64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.5"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid71-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:7.1",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:7.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid71-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-client-openshift:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports":"datavirt:6.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-datavirt",
+ "tags": "client,jboss,hidden",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-datavirt",
+ "tags": "client,jboss,hidden",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports":"amq:6.2,messaging",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.6"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-63",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-sso70-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.0",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.0",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk,hidden",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.2"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-basic.json
new file mode 100644
index 000000000..8f8e14cb6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-basic.json
@@ -0,0 +1,346 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-amq",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (Ephemeral, no SSL)"
+ },
+ "name": "amq62-basic"
+ },
+ "labels": {
+ "template": "amq62-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent-ssl.json
new file mode 100644
index 000000000..96f9d616f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent-ssl.json
@@ -0,0 +1,693 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.2 based application, including a deployment configuration, using persistence and secure communication using SSL.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "amq62-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq62-persistent-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-62",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent.json
new file mode 100644
index 000000000..67c812fb4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-persistent.json
@@ -0,0 +1,506 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages, including message migration when the number of pods are reduced. This template doesn't feature SSL support.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "amq62-persistent"
+ },
+ "labels": {
+ "template": "amq62-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-62",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-ssl.json
new file mode 100644
index 000000000..9f488820c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq62-ssl.json
@@ -0,0 +1,533 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (Ephemeral with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "amq62-ssl"
+ },
+ "labels": {
+ "template": "amq62-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-basic.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-basic.json
new file mode 100644
index 000000000..e13530764
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-basic.json
@@ -0,0 +1,346 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "amq63-basic"
+ },
+ "labels": {
+ "template": "amq63-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent-ssl.json
new file mode 100644
index 000000000..3eedee933
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent-ssl.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.3 based application, including a deployment configuration, using persistence and secure communication using SSL.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "amq63-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq63-persistent-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-63",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent.json
new file mode 100644
index 000000000..7c0aec61a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-persistent.json
@@ -0,0 +1,509 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.3 based application, including a deployment configuration and using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "amq63-persistent"
+ },
+ "labels": {
+ "template": "amq63-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-63",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-ssl.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-ssl.json
new file mode 100644
index 000000000..a55403c79
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/amq63-ssl.json
@@ -0,0 +1,536 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (Ephemeral with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.2 based application, including a deployment configuration, using ephemeral (temporary) storage and secure communication using SSL. These can be deployed as standalone or in a mesh.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "amq63-ssl"
+ },
+ "labels": {
+ "template": "amq63-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-basic.json
new file mode 100644
index 000000000..af390c13d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-basic.json
@@ -0,0 +1,373 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 applications.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-basic"
+ },
+ "labels": {
+ "template": "datagrid65-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-https.json
new file mode 100644
index 000000000..97d02c788
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-https.json
@@ -0,0 +1,555 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 applications.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-https"
+ },
+ "labels": {
+ "template": "datagrid65-https",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql-persistent.json
new file mode 100644
index 000000000..018132668
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql-persistent.json
@@ -0,0 +1,860 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 6.5 based application, including a deployment configuration, using MySQL databased using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid65-mysql-persistent"
+ },
+ "labels": {
+ "template": "datagrid65-mysql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql.json
new file mode 100644
index 000000000..1e8ca1b51
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-mysql.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 and MySQL applications.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-mysql"
+ },
+ "labels": {
+ "template": "datagrid65-mysql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql-persistent.json
new file mode 100644
index 000000000..4a1d818c9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -0,0 +1,833 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 6.5 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid65-postgresql-persistent"
+ },
+ "labels": {
+ "template": "datagrid65-postgresql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql.json
new file mode 100644
index 000000000..d97bdfa75
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid65-postgresql.json
@@ -0,0 +1,788 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-postgresql"
+ },
+ "labels": {
+ "template": "datagrid65-postgresql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-basic.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-basic.json
new file mode 100644
index 000000000..d4b83da34
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-basic.json
@@ -0,0 +1,420 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-basic"
+ },
+ "labels": {
+ "template": "datagrid71-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-https.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-https.json
new file mode 100644
index 000000000..2a46bd3a2
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-https.json
@@ -0,0 +1,602 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-https"
+ },
+ "labels": {
+ "template": "datagrid71-https",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql-persistent.json
new file mode 100644
index 000000000..72bdf2037
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql-persistent.json
@@ -0,0 +1,904 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using MySQL databased using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-mysql-persistent"
+ },
+ "labels": {
+ "template": "datagrid71-mysql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql.json
new file mode 100644
index 000000000..99f97a7c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-mysql.json
@@ -0,0 +1,863 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using MySQL databased using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-mysql"
+ },
+ "labels": {
+ "template": "datagrid71-mysql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-partition.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-partition.json
new file mode 100644
index 000000000..baf17dbbb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-partition.json
@@ -0,0 +1,501 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-partition"
+ },
+ "labels": {
+ "template": "datagrid71-partition",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "ADMIN_GROUP",
+ "description": "Comma delimited list of groups/roles for the Application Realm User",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HOTROD_AUTHENTICATION",
+ "description": "True/False for HotRod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "description": "Container Role Mapper",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "CONTAINER_SECURITY_ROLES",
+ "description": "Comma Delimited List of Container Roles",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datagrid Volume Size",
+ "description": "Size of the volume used by Datagrid for persisting metadata.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "DATAGRID_SPLIT",
+ "value": "true",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8787,
+ "targetPort": 8787
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-debug",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/datagrid/standalone/partitioned_data",
+ "name": "${APPLICATION_NAME}-datagrid-pvol"
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ },
+ {
+ "name": "debug",
+ "containerPort": 8787,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "DATAGRID_SPLIT",
+ "value": "${DATAGRID_SPLIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-datagrid-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-datagrid-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-datagrid-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql-persistent.json
new file mode 100644
index 000000000..5cd6e854a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql-persistent.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "datagrid71-postgresql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql.json
new file mode 100644
index 000000000..505d67750
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datagrid71-postgresql.json
@@ -0,0 +1,835 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-postgresql"
+ },
+ "labels": {
+ "template": "datagrid71-postgresql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-basic-s2i.json
new file mode 100644
index 000000000..b6885d6f6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-basic-s2i.json
@@ -0,0 +1,491 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datavirt",
+ "description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datavirt63-basic-s2i"
+ },
+ "labels": {
+ "template": "datavirt63-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the secret named ${CONFIGURATION_NAME} containing the datasource configuration details required by the deployed VDB(s).",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "datavirt-app",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing configuration properties for the data sources.",
+ "displayName": "Configuration Secret Name",
+ "name": "CONFIGURATION_NAME",
+ "value": "datavirt-app-config",
+ "required": true
+ },
+ {
+ "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with your application source code.",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your repository.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/dynamicvdb-datafederation/app",
+ "required": false
+ },
+ {
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "datavirt-service-account",
+ "required": true
+ },
+ {
+ "description": "Username associated with Teiid data service.",
+ "displayName": "Teiid Username",
+ "name": "TEIID_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for Teiid user.",
+ "displayName": "Teiid User Password",
+ "name": "TEIID_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Username associated with ModeShape.",
+ "displayName": "ModeShape Username",
+ "name": "MODESHAPE_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for ModeShape user.",
+ "displayName": "ModeShape User Password",
+ "name": "MODESHAPE_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the GitHub webhook.",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the Generic webhook.",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "displayName": "JGroups Cluster Password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "displayName": "Deploy Exploded Archives",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "name": "http",
+ "port": 8080,
+ "targetPort": "http"
+ },
+ {
+ "name": "jdbc",
+ "port": 31000,
+ "targetPort": "jdbc"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The data virtualization services."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "port": {
+ "targetPort": "http"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datavirt63-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/datavirt-environment",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbc",
+ "containerPort": 31000,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ },
+ {
+ "name": "MODESHAPE_USERNAME",
+ "value": "${MODESHAPE_USERNAME}"
+ },
+ {
+ "name": "MODESHAPE_PASSWORD",
+ "value": "${MODESHAPE_PASSWORD}"
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/datavirt-environment/*"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-extensions-support-s2i.json
new file mode 100644
index 000000000..a06f714a7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -0,0 +1,844 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datavirt",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL and Extensions)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration, support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datavirt63-extensions-support-s2i"
+ },
+ "labels": {
+ "template": "datavirt63-extensions-support-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "datavirt-app",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing configuration properties for the data sources.",
+ "displayName": "Configuration Secret Name",
+ "name": "CONFIGURATION_NAME",
+ "value": "datavirt-app-config",
+ "required": true
+ },
+ {
+ "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the https route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom https Route Hostname",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the JDBC route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom JDBC Route Hostname",
+ "name": "HOSTNAME_JDBC",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with your application source code.",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your repository.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/dynamicvdb-datafederation/app",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with source code for the extensions image. The image should have all modules, etc., placed in the \"/extensions/\" directory in the image. If the contents are in a different directory, the sourcePath for the ImageSource in the BuildConfig must be modified.",
+ "displayName": "Extensions Git Repository URL",
+ "name": "EXTENSIONS_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your extensions repository if you are not using the default branch.",
+ "displayName": "Extensions Git Reference",
+ "name": "EXTENSIONS_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your extensions repository.",
+ "displayName": "Extensions Context Directory",
+ "name": "EXTENSIONS_DIR",
+ "value": "datavirt/derby-driver-image",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to the Dockerfile in your extensions directory.",
+ "displayName": "Extensions Dockerfile",
+ "name": "EXTENSIONS_DOCKERFILE",
+ "value": "Dockerfile",
+ "required": false
+ },
+ {
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "datavirt-service-account",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for serving secure content.",
+ "displayName": "Server Keystore Secret Name",
+ "name": "HTTPS_SECRET",
+ "value": "datavirt-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret.",
+ "displayName": "Server Keystore Filename",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The type of the keystore file (JKS or JCEKS).",
+ "displayName": "Server Keystore Type",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate.",
+ "displayName": "Server Certificate Name",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "Server Keystore Password",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Username associated with Teiid data service.",
+ "displayName": "Teiid Username",
+ "name": "TEIID_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for Teiid user.",
+ "displayName": "Teiid User Password",
+ "name": "TEIID_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Username associated with ModeShape.",
+ "displayName": "ModeShape Username",
+ "name": "MODESHAPE_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for ModeShape user.",
+ "displayName": "ModeShape User Password",
+ "name": "MODESHAPE_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the GitHub webhook.",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the Generic webhook.",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "displayName": "JGroups Secret Name",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the JGroups secret.",
+ "displayName": "JGroups Keystore Filename",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the JGroups server certificate",
+ "displayName": "JGroups Certificate Name",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "JGroups Keystore Password",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "displayName": "JGroups Cluster Password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "displayName": "Deploy Exploded Archives",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "name": "http",
+ "port": 8080,
+ "targetPort": "http"
+ },
+ {
+ "name": "https",
+ "port": 8443,
+ "targetPort": "https"
+ },
+ {
+ "name": "jdbc",
+ "port": 31000,
+ "targetPort": "jdbc"
+ },
+ {
+ "name": "jdbcs",
+ "port": 31443,
+ "targetPort": "jdbcs"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ },
+ {
+ "name": "odbcs",
+ "port": 35443,
+ "targetPort": "odbcs"
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The data virtualization services."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "port": {
+ "targetPort": "http"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "port": {
+ "targetPort": "https"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-jdbc",
+ "metadata": {
+ "name": "jdbc-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's JDBC service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_JDBC}",
+ "port": {
+ "targetPort": "jdbcs"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-ext",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-ext",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${EXTENSIONS_REPOSITORY_URL}",
+ "ref": "${EXTENSIONS_REPOSITORY_REF}"
+ },
+ "contextDir": "${EXTENSIONS_DIR}"
+ },
+ "strategy": {
+ "type": "Docker",
+ "dockerStrategy": {
+ "dockerfilePath": "${EXTENSIONS_DOCKERFILE}"
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}-ext:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}-ext:latest"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datavirt63-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}-ext:latest"
+ }
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/datavirt-environment",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "mountPath": "/etc/datavirt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbc",
+ "containerPort": 31000,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbcs",
+ "containerPort": 31443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbcs",
+ "containerPort": 35443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datavirt-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ },
+ {
+ "name": "MODESHAPE_USERNAME",
+ "value": "${MODESHAPE_USERNAME}"
+ },
+ {
+ "name": "MODESHAPE_PASSWORD",
+ "value": "${MODESHAPE_PASSWORD}"
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/datavirt-environment/*"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEY_ALIAS",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "QS_DB_TYPE",
+ "value": "derby",
+ "description": "Used soley by the quickstart and set here to ensure the template can be instatiated with its default parameter values, i.e. so itworks ootb."
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-secure-s2i.json
new file mode 100644
index 000000000..1758b1be0
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/datavirt63-secure-s2i.json
@@ -0,0 +1,964 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datavirt",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration and ability to configure certificates for serving secure content.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datavirt63-secure-s2i"
+ },
+ "labels": {
+ "template": "datavirt63-secure-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "datavirt-app",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing configuration properties for the data sources.",
+ "displayName": "Configuration Secret Name",
+ "name": "CONFIGURATION_NAME",
+ "value": "datavirt-app-config",
+ "required": true
+ },
+ {
+ "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the https route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom https Route Hostname",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the JDBC route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom JDBC Route Hostname",
+ "name": "HOSTNAME_JDBC",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with your application source code.",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your repository.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/dynamicvdb-datafederation/app",
+ "required": false
+ },
+ {
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "datavirt-service-account",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for serving secure content.",
+ "displayName": "Server Keystore Secret Name",
+ "name": "HTTPS_SECRET",
+ "value": "datavirt-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret.",
+ "displayName": "Server Keystore Filename",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The type of the keystore file (JKS or JCEKS).",
+ "displayName": "Server Keystore Type",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate.",
+ "displayName": "Server Certificate Name",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "Server Keystore Password",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Username associated with Teiid data service.",
+ "displayName": "Teiid Username",
+ "name": "TEIID_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for Teiid user.",
+ "displayName": "Teiid User Password",
+ "name": "TEIID_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Username associated with ModeShape.",
+ "displayName": "ModeShape Username",
+ "name": "MODESHAPE_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for ModeShape user.",
+ "displayName": "ModeShape User Password",
+ "name": "MODESHAPE_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the GitHub webhook.",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the Generic webhook.",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "displayName": "JGroups Secret Name",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the JGroups secret.",
+ "displayName": "JGroups Keystore Filename",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the JGroups server certificate",
+ "displayName": "JGroups Certificate Name",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "JGroups Keystore Password",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "displayName": "JGroups Cluster Password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "displayName": "Deploy Exploded Archives",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "name": "http",
+ "port": 8080,
+ "targetPort": "http"
+ },
+ {
+ "name": "https",
+ "port": 8443,
+ "targetPort": "https"
+ },
+ {
+ "name": "jdbc",
+ "port": 31000,
+ "targetPort": "jdbc"
+ },
+ {
+ "name": "jdbcs",
+ "port": 31443,
+ "targetPort": "jdbcs"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ },
+ {
+ "name": "odbcs",
+ "port": 35443,
+ "targetPort": "odbcs"
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The data virtualization services."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "port": {
+ "targetPort": "http"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "port": {
+ "targetPort": "https"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-jdbc",
+ "metadata": {
+ "name": "jdbc-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's JDBC service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_JDBC}",
+ "port": {
+ "targetPort": "jdbcs"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datavirt63-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/datavirt-environment",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "mountPath": "/etc/datavirt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbc",
+ "containerPort": 31000,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbcs",
+ "containerPort": 31443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbcs",
+ "containerPort": 35443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datavirt-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ },
+ {
+ "name": "MODESHAPE_USERNAME",
+ "value": "${MODESHAPE_USERNAME}"
+ },
+ {
+ "name": "MODESHAPE_PASSWORD",
+ "value": "${MODESHAPE_PASSWORD}"
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/datavirt-environment/*"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEY_ALIAS",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-amq-s2i.json
new file mode 100644
index 000000000..3006a7265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-amq-s2i.json
@@ -0,0 +1,752 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BRMS 6.4 decision server + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BRMS decision server A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss BRMS 6.4 decision server with A-MQ application, including a build configuration and application deployment configuration.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "decisionserver64-amq-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-basic-s2i.json
new file mode 100644
index 000000000..eaee9c1a5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-basic-s2i.json
@@ -0,0 +1,376 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server applications built using S2I.",
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (no https)"
+ },
+ "name": "decisionserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-https-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-https-s2i.json
new file mode 100644
index 000000000..cb6eb1706
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/decisionserver64-https-s2i.json
@@ -0,0 +1,522 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server HTTPS applications built using S2I.",
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BRMS 6.4 decision server (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BRMS decision server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss BRMS 6.4 decision server, including a build configuration, application deployment configuration and secured using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "decisionserver64-https-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-persistent-s2i.json
new file mode 100644
index 000000000..9ebbfd06c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-amq-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-amq-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data/kahadb",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-s2i.json
new file mode 100644
index 000000000..6b0e1a30c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-amq-s2i.json
@@ -0,0 +1,821 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + A-MQ (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-amq-s2i"
+ },
+ "labels": {
+ "template": "eap64-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-basic-s2i.json
new file mode 100644
index 000000000..17fdd2333
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-basic-s2i.json
@@ -0,0 +1,382 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-basic-s2i"
+ },
+ "labels": {
+ "template": "eap64-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application has been created in your project.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-https-s2i.json
new file mode 100644
index 000000000..8616ac04f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-https-s2i.json
@@ -0,0 +1,578 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-https-s2i"
+ },
+ "labels": {
+ "template": "eap64-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..ea3b46d78
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -0,0 +1,855 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-s2i.json
new file mode 100644
index 000000000..4aa9be281
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mongodb-s2i.json
@@ -0,0 +1,814 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap64-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..304f11348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -0,0 +1,867 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-s2i.json
new file mode 100644
index 000000000..bc1cdaca5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-mysql-s2i.json
@@ -0,0 +1,826 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mysql-s2i"
+ },
+ "labels": {
+ "template": "eap64-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..d2e6ea25b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -0,0 +1,841 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-s2i.json
new file mode 100644
index 000000000..7a2d4009e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-postgresql-s2i.json
@@ -0,0 +1,800 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "eap64-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-sso-s2i.json
new file mode 100644
index 000000000..368f147f4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-sso-s2i.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-sso-s2i"
+ },
+ "labels": {
+ "template": "eap64-sso-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-ose",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "URL for SSO",
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "name": "SSO_URL",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "name": "SSO_SERVICE_URL",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "SSO Username",
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Public Key",
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Bearer Only?",
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Secret",
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore",
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "SSO Client Secret",
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Enable CORS for SSO?",
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Logout Page",
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "/",
+ "required": false
+ },
+ {
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..701f4eee6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-persistent-s2i.json
new file mode 100644
index 000000000..d16756bad
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-amq-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-amq-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data/kahadb",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-s2i.json
new file mode 100644
index 000000000..70323214f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-amq-s2i.json
@@ -0,0 +1,821 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-amq-s2i"
+ },
+ "labels": {
+ "template": "eap70-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-basic-s2i.json
new file mode 100644
index 000000000..312db1971
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-basic-s2i.json
@@ -0,0 +1,382 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-basic-s2i"
+ },
+ "labels": {
+ "template": "eap70-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application has been created in your project.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-https-s2i.json
new file mode 100644
index 000000000..7c3b35f5a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-https-s2i.json
@@ -0,0 +1,578 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-https-s2i"
+ },
+ "labels": {
+ "template": "eap70-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..205e451c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -0,0 +1,855 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-s2i.json
new file mode 100644
index 000000000..63b57d5dc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mongodb-s2i.json
@@ -0,0 +1,814 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Boss EAP 7.0 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap70-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-persistent-s2i.json
new file mode 100644
index 000000000..f9f77f22c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -0,0 +1,871 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-s2i.json
new file mode 100644
index 000000000..8ea433a80
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-mysql-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mysql-s2i"
+ },
+ "labels": {
+ "template": "eap70-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..a2bc9d3b9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -0,0 +1,845 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + PostgreSQL (Persistent with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-s2i.json
new file mode 100644
index 000000000..66b0c737d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-postgresql-s2i.json
@@ -0,0 +1,804 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-postgresql-s2i"
+ },
+ "labels": {
+ "template": "eap70-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-sso-s2i.json
new file mode 100644
index 000000000..2201ff7f3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-sso-s2i.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-sso-s2i"
+ },
+ "labels": {
+ "template": "eap70-sso-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-ose",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "URL for SSO",
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "name": "SSO_URL",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "name": "SSO_SERVICE_URL",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "SSO Username",
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Public Key",
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Bearer Only?",
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Secret",
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore",
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "SSO Client Secret",
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Enable CORS for SSO?",
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Logout Page",
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "/",
+ "required": false
+ },
+ {
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..3ca69f6c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-persistent-s2i.json
new file mode 100644
index 000000000..dbc1a8013
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-persistent-s2i.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-amq-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-amq-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data/kahadb",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-s2i.json
new file mode 100644
index 000000000..6e330eae9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-amq-s2i.json
@@ -0,0 +1,821 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,xpaas,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-amq-s2i"
+ },
+ "labels": {
+ "template": "eap71-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-basic-s2i.json
new file mode 100644
index 000000000..892ec468c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-basic-s2i.json
@@ -0,0 +1,382 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-basic-s2i"
+ },
+ "labels": {
+ "template": "eap71-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application has been created in your project.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-https-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-https-s2i.json
new file mode 100644
index 000000000..7426830ec
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-https-s2i.json
@@ -0,0 +1,578 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-https-s2i"
+ },
+ "labels": {
+ "template": "eap71-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..fb7f27acf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-persistent-s2i.json
@@ -0,0 +1,855 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-s2i.json
new file mode 100644
index 000000000..915c9ba0a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mongodb-s2i.json
@@ -0,0 +1,814 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap71-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-persistent-s2i.json
new file mode 100644
index 000000000..6af9e5f50
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-persistent-s2i.json
@@ -0,0 +1,871 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-s2i.json
new file mode 100644
index 000000000..c7d14d3c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-mysql-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mysql-s2i"
+ },
+ "labels": {
+ "template": "eap71-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..a8d77b0ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-persistent-s2i.json
@@ -0,0 +1,845 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-s2i.json
new file mode 100644
index 000000000..d87f05ea8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-postgresql-s2i.json
@@ -0,0 +1,804 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-postgresql-s2i"
+ },
+ "labels": {
+ "template": "eap71-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-sso-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-sso-s2i.json
new file mode 100644
index 000000000..96b3dffc9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-sso-s2i.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-sso-s2i"
+ },
+ "labels": {
+ "template": "eap71-sso-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-ose",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "URL for SSO",
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "name": "SSO_URL",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "name": "SSO_SERVICE_URL",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "SSO Username",
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Public Key",
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Bearer Only?",
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Secret",
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore",
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "SSO Client Secret",
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Enable CORS for SSO?",
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Logout Page",
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "/",
+ "required": false
+ },
+ {
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-third-party-db-s2i.json
new file mode 100644
index 000000000..a2a7264fb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/eap71-third-party-db-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap71-third-party-db-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-basic-s2i.json
new file mode 100644
index 000000000..42e352538
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-basic-s2i.json
@@ -0,0 +1,320 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 (no https)"
+ },
+ "name": "jws31-tomcat7-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-https-s2i.json
new file mode 100644
index 000000000..b0a81d9c3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-https-s2i.json
@@ -0,0 +1,443 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Web Server application configured for use with https. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 (with https)",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, and application deployment configuration. This also illustrations how to connect to the web applicaiton using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat7-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..565f97822
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
@@ -0,0 +1,719 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MongoDB (with https)",
+ "description": "An example JBoss Web Server application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat7-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
new file mode 100644
index 000000000..fc473f5c3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
@@ -0,0 +1,675 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
new file mode 100644
index 000000000..1223acd0f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
@@ -0,0 +1,723 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7 + MySQL (with https)",
+ "description": "An example JBoss Web Server application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat7-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-s2i.json
new file mode 100644
index 000000000..39becd41e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-mysql-s2i.json
@@ -0,0 +1,678 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..77f4f8c9f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
@@ -0,0 +1,696 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + PostgreSQL (with https)",
+ "description": "An example JBoss Web Server application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat7-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
new file mode 100644
index 000000000..6d1d7aef7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
@@ -0,0 +1,652 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-basic-s2i.json
new file mode 100644
index 000000000..9e7dc3488
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-basic-s2i.json
@@ -0,0 +1,323 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 (no https)",
+ "description": "An example JBoss Web Server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, and an application deployment configuration.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat8-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-https-s2i.json
new file mode 100644
index 000000000..8fd5d9fab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-https-s2i.json
@@ -0,0 +1,443 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 (with https)",
+ "description": "An example JBoss Web Server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat8-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..f4b11ccfa
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
@@ -0,0 +1,720 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MongoDB (with https)",
+ "description": "An example JBoss Web Server application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat8-mongodb-persistent-s2i"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
new file mode 100644
index 000000000..e2f69f157
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
@@ -0,0 +1,675 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
new file mode 100644
index 000000000..579071cb1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
@@ -0,0 +1,722 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MySQL (with https)",
+ "description": "An example JBoss Web Server application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat8-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-s2i.json
new file mode 100644
index 000000000..e84d61608
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-mysql-s2i.json
@@ -0,0 +1,678 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..83a6ca19b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
@@ -0,0 +1,693 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + PostgreSQL (with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
new file mode 100644
index 000000000..e28cf8a04
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.0 Apache Tomcat 8 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-amq-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-amq-template.json
new file mode 100644
index 000000000..aad649f84
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-amq-template.json
@@ -0,0 +1,362 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Camel route using ActiveMQ in Karaf container. This quickstart shows how to use Camel in a Karaf Container using Blueprint to connect to the A-MQ xPaaS message broker on OpenShift that should already be installed, one simple way to run a A-MQ service is following the documentation of the A-MQ xPaaS image for OpenShift related to the amq62-basic template.",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-camel-amq"
+ },
+ "labels": {
+ "template": "s2i-karaf2-camel-amq"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-camel-amq",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-camel-amq.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-camel-amq-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-camel-amq",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "displayName": "ActiveMQ Broker Service",
+ "required": true,
+ "value": "broker-amq-tcp",
+ "description": "Set this to the name of the TCP service of the ActiveMQ broker. You may need to create a broker first."
+ },
+ {
+ "name": "ACTIVEMQ_USERNAME",
+ "displayName": "ActiveMQ Broker Username",
+ "description": "The username used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "ACTIVEMQ_PASSWORD",
+ "displayName": "ActiveMQ Broker Password",
+ "description": "The password used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "value": "${ACTIVEMQ_SERVICE_NAME}"
+ }, {
+ "name": "ACTIVEMQ_USERNAME",
+ "value": "${ACTIVEMQ_USERNAME}"
+ }, {
+ "name": "ACTIVEMQ_PASSWORD",
+ "value": "${ACTIVEMQ_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-log-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-log-template.json
new file mode 100644
index 000000000..38b7bc249
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-log-template.json
@@ -0,0 +1,336 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "A simple Camel route in Karaf container. This quickstart shows a simple Apache Camel application that logs a message to the server log every 5th second.",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-camel-log"
+ },
+ "labels": {
+ "template": "s2i-karaf2-camel-log"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-camel-log",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-camel-log.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-camel-log-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-camel-log",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-rest-sql-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-rest-sql-template.json
new file mode 100644
index 000000000..6d9573e5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-camel-rest-sql-template.json
@@ -0,0 +1,421 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Camel example using Rest DSL with SQL Database in Karaf container. This example demonstrates how to use SQL via JDBC along with Camel's REST DSL to expose a RESTful API. The OpenShift MySQL container image should already be installed and running on your OpenShift installation, one simple way to run a MySQL service is following the documentation of the Openshift MySQL container image related to the mysql-ephemeral template..",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-camel-rest-sql"
+ },
+ "labels": {
+ "template": "s2i-karaf2-camel-rest-sql"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-camel-rest-sql",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-camel-rest-sql.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-camel-rest-sql-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-camel-rest",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "MYSQL_SERVICE_NAME",
+ "displayName": "MySQL Server Service",
+ "required": true,
+ "value": "mysql",
+ "description": "Set this to the name of the TCP service of the MySQL server. You may need to create a server first."
+ },
+ {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "displayName": "MySQL Server Database",
+ "required": true,
+ "value": "sampledb",
+ "description": "The database hosted by the MySQL server to be used by the application."
+ },
+ {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "displayName": "MySQL Server Username",
+ "description": "The username used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "displayName": "MySQL Server Password",
+ "description": "The password used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "container": "karaf",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "container": "karaf",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9411,
+ "protocol": "TCP",
+ "targetPort": 8181
+ }
+ ],
+ "selector": {
+ "container": "karaf",
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "MYSQL_SERVICE_NAME",
+ "value": "${MYSQL_SERVICE_NAME}"
+ }, {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "value": "${MYSQL_SERVICE_DATABASE}"
+ }, {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "value": "${MYSQL_SERVICE_USERNAME}"
+ }, {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "value": "${MYSQL_SERVICE_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-cxf-rest-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-cxf-rest-template.json
new file mode 100644
index 000000000..fdc0c00e5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/karaf2-cxf-rest-template.json
@@ -0,0 +1,385 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "REST example using CXF in Karaf container. This quickstart demonstrates how to create a RESTful (JAX-RS) web service using CXF and expose it through the OSGi HTTP Service",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-cxf-rest"
+ },
+ "labels": {
+ "template": "s2i-karaf2-cxf-rest"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-cxf-rest",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-cxf-rest.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-cxf-rest-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-cxf-rest",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "container": "java",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "container": "karaf",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9412,
+ "protocol": "TCP",
+ "targetPort": 8181
+ }
+ ],
+ "selector": {
+ "container": "karaf",
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/openjdk18-web-basic-s2i.json
new file mode 100644
index 000000000..6336f0398
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -0,0 +1,272 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-openjdk",
+ "tags": "java",
+ "version": "1.4.7",
+ "openshift.io/display-name": "OpenJDK 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example Java application using OpenJDK 8. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat OpenJDK Java 8 based application.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "openjdk18-web-basic-s2i"
+ },
+ "labels": {
+ "template": "openjdk18-web-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new java application has been created in your project.",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "openjdk-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "undertow-servlet",
+ "required": false
+ },
+ {
+ "description": "GitHub trigger secret",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The application's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-openjdk18-openshift:1.2"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "env": [
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
new file mode 100644
index 000000000..9ef04ae71
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
@@ -0,0 +1,1160 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-s2i.json
new file mode 100644
index 000000000..4cb45db42
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-mysql-s2i.json
@@ -0,0 +1,1038 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..56fefcc0a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
@@ -0,0 +1,1130 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-s2i.json
new file mode 100644
index 000000000..bb8d2df28
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-amq-postgresql-s2i.json
@@ -0,0 +1,1009 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications built using S2I.",
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-basic-s2i.json
new file mode 100644
index 000000000..1b7cc8cf1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-basic-s2i.json
@@ -0,0 +1,387 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "processserver64-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.H2Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..1a4d0887c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-persistent-s2i.json
@@ -0,0 +1,865 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-s2i.json
new file mode 100644
index 000000000..7c491d832
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-mysql-s2i.json
@@ -0,0 +1,787 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..8965ea41f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-persistent-s2i.json
@@ -0,0 +1,834 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-s2i.json
new file mode 100644
index 000000000..e21f0ce4e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/processserver64-postgresql-s2i.json
@@ -0,0 +1,757 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-amq-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-amq-template.json
new file mode 100644
index 000000000..2c1a73a29
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-amq-template.json
@@ -0,0 +1,331 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot, Camel and ActiveMQ QuickStart. This quickstart demonstrates how to connect a Spring-Boot application to an ActiveMQ broker and use JMS messaging between two Camel routes using OpenShift. In this example we will use two containers, one container to run as a ActiveMQ broker, and another as a client to the broker, where the Camel routes are running. This quickstart requires the ActiveMQ broker has been deployed and running first, one simple way to run a A-MQ service is following the documentation of the A-MQ xPaaS image for OpenShift related to the amq62-basic template",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-amq"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-amq"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-amq",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-amq.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-amq-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "displayName": "ActiveMQ Broker Service",
+ "required": true,
+ "value": "broker-amq-tcp",
+ "description": "Set this to the name of the TCP service of the ActiveMQ broker. You may need to create a broker first."
+ },
+ {
+ "name": "ACTIVEMQ_BROKER_USERNAME",
+ "displayName": "ActiveMQ Broker Username",
+ "description": "The username used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "ACTIVEMQ_BROKER_PASSWORD",
+ "displayName": "ActiveMQ Broker Password",
+ "description": "The password used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "value": "${ACTIVEMQ_SERVICE_NAME}"
+ }, {
+ "name": "ACTIVEMQ_BROKER_USERNAME",
+ "value": "${ACTIVEMQ_BROKER_USERNAME}"
+ }, {
+ "name": "ACTIVEMQ_BROKER_PASSWORD",
+ "value": "${ACTIVEMQ_BROKER_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-config-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-config-template.json
new file mode 100644
index 000000000..b62e768b6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-config-template.json
@@ -0,0 +1,327 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot and Camel using ConfigMaps and Secrets. This quickstart demonstrates how to configure a Spring-Boot application using OpenShift ConfigMaps and Secrets. This example requires that a ConfigMap named camel-config and a Secret named camel-config are present in the namespace before the application is deployed, instruction about how to manually create them can be found here: https://github.com/fabric8-quickstarts/spring-boot-camel-config/blob/fis-2.0.x.redhat/README.redhat.md ",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-config"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-config"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-config",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-config.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-config-1.0.0.redhat-000014",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_ACCOUNT_NAME",
+ "displayName": "Service Account",
+ "value": "qs-camel-config",
+ "required": true,
+ "description": "The Service Account that will be used to run the container. It must be already present in Openshift and have the view role."
+ },
+ {
+ "name": "SECRET_NAME",
+ "displayName": "Secret Name",
+ "value": "camel-config",
+ "required": true,
+ "description": "The name of the Openshift Secret that will be used to configure the application. It must be already present in Openshift."
+ },
+ {
+ "name": "CONFIGMAP_NAME",
+ "displayName": "ConfigMap Name",
+ "value": "camel-config",
+ "required": true,
+ "description": "The name of the Openshift ConfigMap that will be used to configure the application. It must be already present in Openshift."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000014",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "volumes": [
+ {
+ "name": "camel-config",
+ "secret": {
+ "secretName": "${SECRET_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "SPRING_CLOUD_KUBERNETES_SECRETS_NAME",
+ "value": "${SECRET_NAME}"
+ }, {
+ "name": "SPRING_CLOUD_KUBERNETES_CONFIG_NAME",
+ "value": "${CONFIGMAP_NAME}"
+ } ],
+ "resources": {},
+ "volumeMounts": [
+ {
+ "name": "camel-config",
+ "readOnly": true,
+ "mountPath": "/etc/secrets/camel-config"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-drools-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-drools-template.json
new file mode 100644
index 000000000..91081e493
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-drools-template.json
@@ -0,0 +1,334 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot, Camel and JBoss BRMS QuickStart. This example demonstrates how you can use Apache Camel and JBoss BRMS with Spring Boot on OpenShift. DRL files contain simple rules which are used to create knowledge session via Spring configuration file. Camel routes, defined via Spring as well, are then used to e.g. pass (insert) the Body of the message as a POJO to Drools engine for execution. A Kie Server should be deployed and configured before running the application, more information about how to configure it can be found at https://github.com/fabric8-quickstarts/spring-boot-camel-drools/blob/fis-2.0.x.redhat/README.redhat.md",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-drools"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-drools"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-drools",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-drools.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-drools-1.0.0.redhat-000063",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "KIESERVER_SERVICE",
+ "displayName": "Decision Server Name",
+ "required": true,
+ "value": "kie-app",
+ "description": "Set this to the name of the Decision Server. You may need to create an instance before."
+ },
+ {
+ "name": "KIESERVER_USERNAME",
+ "displayName": "Decision Server Username",
+ "required": true,
+ "value": "kieserver",
+ "description": "The username used to authenticate with the Decision Server."
+ },
+ {
+ "name": "KIESERVER_PASSWORD",
+ "displayName": "Decision Server Password",
+ "required": true,
+ "description": "The password used to authenticate with the Decision Server."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000063",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "KIESERVER_SERVICE",
+ "value": "${KIESERVER_SERVICE}"
+ }, {
+ "name": "KIESERVER_USERNAME",
+ "value": "${KIESERVER_USERNAME}"
+ }, {
+ "name": "KIESERVER_PASSWORD",
+ "value": "${KIESERVER_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-infinispan-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-infinispan-template.json
new file mode 100644
index 000000000..8d97400ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-infinispan-template.json
@@ -0,0 +1,315 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot, Camel and JBoss Data Grid QuickStart. This quickstart demonstrates how to connect a Spring-Boot application to a JBoss Data Grid (or Infinispan) server using the Hot Rod protocol. It requires that the data grid server (or cluster) has been deployed first, one simple way to run a JDG service is following the documentation of the JDG xPaaS image for OpenShift related to the datagrid65-basic template.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-infinispan"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-infinispan"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-infinispan",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-infinispan.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-infinispan-1.0.0.redhat-000033",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "INFINISPAN_SERVICE",
+ "displayName": "JBoss Data Grid Service (Hot Rod)",
+ "required": true,
+ "value": "datagrid-app-hotrod",
+ "description": "Set this to the name of the Hot Rod service of the JBoss Data Grid. You may need to create the data grid first."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000033",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "INFINISPAN_SERVICE",
+ "value": "${INFINISPAN_SERVICE}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-rest-sql-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-rest-sql-template.json
new file mode 100644
index 000000000..bf722844c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-rest-sql-template.json
@@ -0,0 +1,403 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot, Camel REST DSL and MySQL QuickStart. This quickstart demonstrates how to connect a Spring Boot application to a MySQL database and expose a REST API with Camel on OpenShift. In this example we will use two containers, one container to run as a MySQL server, and another as a client to the database, where the Camel routes are running. This quickstart requires the MySQL server to be deployed and started first, one simple way to run a MySQL service is following the documentation of the OpenShift MySQL container image related to the mysql-ephemeral template.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-rest-sql"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-rest-sql"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-rest-sql",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-rest-sql.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-rest-sql-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "camel-rest-sql",
+ "description": "Exposed service name."
+ },
+ {
+ "name": "MYSQL_SERVICE_NAME",
+ "displayName": "MySQL Server Service",
+ "required": true,
+ "value": "mysql",
+ "description": "Set this to the name of the TCP service of the MySQL server. You may need to create a server first."
+ },
+ {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "displayName": "MySQL Server Database",
+ "value": "sampledb",
+ "description": "The database hosted by the MySQL server to be used by the application."
+ },
+ {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "displayName": "MySQL Server Username",
+ "description": "The username used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "displayName": "MySQL Server Password",
+ "description": "The password used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9411,
+ "protocol": "TCP",
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8080,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "MYSQL_SERVICE_NAME",
+ "value": "${MYSQL_SERVICE_NAME}"
+ }, {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "value": "${MYSQL_SERVICE_DATABASE}"
+ }, {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "value": "${MYSQL_SERVICE_USERNAME}"
+ }, {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "value": "${MYSQL_SERVICE_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-teiid-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-teiid-template.json
new file mode 100644
index 000000000..856264615
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-teiid-template.json
@@ -0,0 +1,343 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot, Camel and JBoss Data Virtualization QuickStart. This example demonstrates how to connect Apache Camel to a remote JBoss Data Virtualization (or Teiid) Server using the JDBC protocol. This quickstart assumes that the JDV server is already running and configured on OpenShift, more information about to setup a JDV server can be found at https://github.com/fabric8-quickstarts/spring-boot-camel-teiid/blob/fis-2.0.x.redhat/README.redhat.md",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-teiid"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-teiid"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-teiid",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-teiid.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-teiid-1.0.0.redhat-000062",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "TEIID_SERVICE_NAME",
+ "displayName": "JDV Server Name",
+ "required": true,
+ "value": "datavirt-app",
+ "description": "Set this to the name of the JDV Server. You may need to create an instance before."
+ },
+ {
+ "name": "TEIID_PORT_NAME",
+ "displayName": "JDV Port Name",
+ "value": "jdbc",
+ "description": "Set this to the name of the JDV port to use. Set this value if the JDV service contains multiple named ports."
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "displayName": "JDV Server Username",
+ "required": true,
+ "description": "The username used to authenticate with the JDV Server."
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "displayName": "JDV Server Password",
+ "required": true,
+ "description": "The password used to authenticate with the JDV Server."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000062",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [
+ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "TEIID_SERVICE_NAME",
+ "value": "${TEIID_SERVICE_NAME}"
+ }, {
+ "name": "TEIID_PORT_NAME",
+ "value": "${TEIID_PORT_NAME}"
+ }, {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ }, {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ }],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-template.json
new file mode 100644
index 000000000..9c0fe287e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-template.json
@@ -0,0 +1,305 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and Camel QuickStart. This example demonstrates how you can use Apache Camel with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a Camel route that triggeres a message every 5th second, and routes the message to a log.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-xml-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-xml-template.json
new file mode 100644
index 000000000..87c0e347a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-camel-xml-template.json
@@ -0,0 +1,305 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and Camel Xml QuickStart. This example demonstrates how you can use Apache Camel with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a Camel route (in Spring xml) that triggeres a message every 5th second, and routes the message to a log.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-xml"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-xml"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-xml",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-xml.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-xml-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxrs-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxrs-template.json
new file mode 100644
index 000000000..8b0261035
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxrs-template.json
@@ -0,0 +1,364 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and CXF JAXRS QuickStart. This example demonstrates how you can use Apache CXF JAXRS with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a CXF JAXRS endpoint with Swagger enabled.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-cxf-jaxrs"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-cxf-jaxrs"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-cxf-jaxrs",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-cxf-jaxrs.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-cxf-jaxrs-1.0.0.redhat-000014",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "cxf-jaxrs",
+ "description": "Exposed service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000014",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9413,
+ "protocol": "TCP",
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxws-template.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxws-template.json
new file mode 100644
index 000000000..8b36f5f0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/spring-boot-cxf-jaxws-template.json
@@ -0,0 +1,364 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and CXF JAXWS QuickStart. This example demonstrates how you can use Apache CXF JAXWS with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a CXF JAXWS endpoint.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-cxf-jaxws"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-cxf-jaxws"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-cxf-jaxws",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-cxf-jaxws.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-cxf-jaxws-1.0.0.redhat-000014",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "cxf-jaxws",
+ "description": "Exposed service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000014",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9414,
+ "protocol": "TCP",
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..26dd26624
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-https.json
@@ -0,0 +1,549 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..7092bb65e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,804 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + MySQL",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for MySQL using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..d90f0a0cc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,772 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + MySQL (Ephemeral)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for MySQL using ephemeral (temporary) storage.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..b1077db91
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,778 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + PostgreSQL",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for PostgreSQL using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..0955d712a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.8/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,746 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + PostgreSQL (Ephemeral)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for PostgreSQL using ephemeral (temporary) storage.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-db-example.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-db-example.yaml
new file mode 100644
index 000000000..250a99b8d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-db-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv01
+spec:
+ capacity:
+ storage: 15Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv01
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-region-example.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-region-example.yaml
new file mode 100644
index 000000000..cba9bbe35
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-region-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv02
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv02
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-server-example.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-server-example.yaml
new file mode 100644
index 000000000..c08c21265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-pv-server-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv03
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv03
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-template.yaml
new file mode 100644
index 000000000..3bc6c5813
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/cfme-template.yaml
@@ -0,0 +1,545 @@
+apiVersion: v1
+kind: Template
+labels:
+ template: cloudforms
+metadata:
+ name: cloudforms
+ annotations:
+ description: "CloudForms appliance with persistent storage"
+ tags: "instant-app,cloudforms,cfme"
+ iconClass: "icon-rails"
+objects:
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: "Exposes and load balances CloudForms pods"
+ service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]'
+ name: ${NAME}
+ spec:
+ clusterIP: None
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 80
+ - name: https
+ port: 443
+ protocol: TCP
+ targetPort: 443
+ selector:
+ name: ${NAME}
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: ${NAME}
+ spec:
+ host: ${APPLICATION_DOMAIN}
+ port:
+ targetPort: https
+ tls:
+ termination: passthrough
+ to:
+ kind: Service
+ name: ${NAME}
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-app
+ annotations:
+ description: "Keeps track of changes in the CloudForms app image"
+ spec:
+ dockerImageRepository: "${APPLICATION_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-postgresql
+ annotations:
+ description: "Keeps track of changes in the CloudForms postgresql image"
+ spec:
+ dockerImageRepository: "${POSTGRESQL_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-memcached
+ annotations:
+ description: "Keeps track of changes in the CloudForms memcached image"
+ spec:
+ dockerImageRepository: "${MEMCACHED_IMG_NAME}"
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: "${NAME}-${DATABASE_SERVICE_NAME}"
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: ${DATABASE_VOLUME_CAPACITY}
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: "${NAME}-region"
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: ${APPLICATION_REGION_VOLUME_CAPACITY}
+- apiVersion: apps/v1beta1
+ kind: "StatefulSet"
+ metadata:
+ name: ${NAME}
+ annotations:
+ description: "Defines how to deploy the CloudForms appliance"
+ spec:
+ serviceName: "${NAME}"
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ name: ${NAME}
+ name: ${NAME}
+ spec:
+ containers:
+ - name: cloudforms
+ image: "${APPLICATION_IMG_NAME}:${APPLICATION_IMG_TAG}"
+ livenessProbe:
+ tcpSocket:
+ port: 443
+ initialDelaySeconds: 480
+ timeoutSeconds: 3
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 443
+ scheme: HTTPS
+ initialDelaySeconds: 200
+ timeoutSeconds: 3
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ - containerPort: 443
+ protocol: TCP
+ securityContext:
+ privileged: true
+ volumeMounts:
+ -
+ name: "${NAME}-server"
+ mountPath: "/persistent"
+ -
+ name: "${NAME}-region"
+ mountPath: "/persistent-region"
+ env:
+ -
+ name: "APPLICATION_INIT_DELAY"
+ value: "${APPLICATION_INIT_DELAY}"
+ -
+ name: "DATABASE_SERVICE_NAME"
+ value: "${DATABASE_SERVICE_NAME}"
+ -
+ name: "DATABASE_REGION"
+ value: "${DATABASE_REGION}"
+ -
+ name: "MEMCACHED_SERVICE_NAME"
+ value: "${MEMCACHED_SERVICE_NAME}"
+ -
+ name: "POSTGRESQL_USER"
+ value: "${DATABASE_USER}"
+ -
+ name: "POSTGRESQL_PASSWORD"
+ value: "${DATABASE_PASSWORD}"
+ -
+ name: "POSTGRESQL_DATABASE"
+ value: "${DATABASE_NAME}"
+ -
+ name: "POSTGRESQL_MAX_CONNECTIONS"
+ value: "${POSTGRESQL_MAX_CONNECTIONS}"
+ -
+ name: "POSTGRESQL_SHARED_BUFFERS"
+ value: "${POSTGRESQL_SHARED_BUFFERS}"
+ resources:
+ requests:
+ memory: "${APPLICATION_MEM_REQ}"
+ cpu: "${APPLICATION_CPU_REQ}"
+ limits:
+ memory: "${APPLICATION_MEM_LIMIT}"
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - /opt/rh/cfme-container-scripts/sync-pv-data
+ volumes:
+ -
+ name: "${NAME}-region"
+ persistentVolumeClaim:
+ claimName: ${NAME}-region
+ volumeClaimTemplates:
+ - metadata:
+ name: "${NAME}-server"
+ annotations:
+ # Uncomment this if using dynamic volume provisioning.
+ # https://docs.openshift.org/latest/install_config/persistent_storage/dynamically_provisioning_pvs.html
+ # volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ ReadWriteOnce ]
+ resources:
+ requests:
+ storage: "${APPLICATION_VOLUME_CAPACITY}"
+- apiVersion: v1
+ kind: "Service"
+ metadata:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ annotations:
+ description: "Exposes the memcached server"
+ spec:
+ ports:
+ -
+ name: "memcached"
+ port: 11211
+ targetPort: 11211
+ selector:
+ name: "${MEMCACHED_SERVICE_NAME}"
+- apiVersion: v1
+ kind: "DeploymentConfig"
+ metadata:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ annotations:
+ description: "Defines how to deploy memcached"
+ spec:
+ strategy:
+ type: "Recreate"
+ triggers:
+ -
+ type: "ImageChange"
+ imageChangeParams:
+ automatic: true
+ containerNames:
+ - "memcached"
+ from:
+ kind: "ImageStreamTag"
+ name: "cfme-openshift-memcached:${MEMCACHED_IMG_TAG}"
+ -
+ type: "ConfigChange"
+ replicas: 1
+ selector:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ template:
+ metadata:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ labels:
+ name: "${MEMCACHED_SERVICE_NAME}"
+ spec:
+ volumes: []
+ containers:
+ -
+ name: "memcached"
+ image: "${MEMCACHED_IMG_NAME}:${MEMCACHED_IMG_TAG}"
+ ports:
+ -
+ containerPort: 11211
+ readinessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 5
+ tcpSocket:
+ port: 11211
+ livenessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 30
+ tcpSocket:
+ port: 11211
+ volumeMounts: []
+ env:
+ -
+ name: "MEMCACHED_MAX_MEMORY"
+ value: "${MEMCACHED_MAX_MEMORY}"
+ -
+ name: "MEMCACHED_MAX_CONNECTIONS"
+ value: "${MEMCACHED_MAX_CONNECTIONS}"
+ -
+ name: "MEMCACHED_SLAB_PAGE_SIZE"
+ value: "${MEMCACHED_SLAB_PAGE_SIZE}"
+ resources:
+ requests:
+ memory: "${MEMCACHED_MEM_REQ}"
+ cpu: "${MEMCACHED_CPU_REQ}"
+ limits:
+ memory: "${MEMCACHED_MEM_LIMIT}"
+- apiVersion: v1
+ kind: "Service"
+ metadata:
+ name: "${DATABASE_SERVICE_NAME}"
+ annotations:
+ description: "Exposes the database server"
+ spec:
+ ports:
+ -
+ name: "postgresql"
+ port: 5432
+ targetPort: 5432
+ selector:
+ name: "${DATABASE_SERVICE_NAME}"
+- apiVersion: v1
+ kind: "DeploymentConfig"
+ metadata:
+ name: "${DATABASE_SERVICE_NAME}"
+ annotations:
+ description: "Defines how to deploy the database"
+ spec:
+ strategy:
+ type: "Recreate"
+ triggers:
+ -
+ type: "ImageChange"
+ imageChangeParams:
+ automatic: true
+ containerNames:
+ - "postgresql"
+ from:
+ kind: "ImageStreamTag"
+ name: "cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}"
+ -
+ type: "ConfigChange"
+ replicas: 1
+ selector:
+ name: "${DATABASE_SERVICE_NAME}"
+ template:
+ metadata:
+ name: "${DATABASE_SERVICE_NAME}"
+ labels:
+ name: "${DATABASE_SERVICE_NAME}"
+ spec:
+ volumes:
+ -
+ name: "cfme-pgdb-volume"
+ persistentVolumeClaim:
+ claimName: "${NAME}-${DATABASE_SERVICE_NAME}"
+ containers:
+ -
+ name: "postgresql"
+ image: "${POSTGRESQL_IMG_NAME}:${POSTGRESQL_IMG_TAG}"
+ ports:
+ -
+ containerPort: 5432
+ readinessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 15
+ exec:
+ command:
+ - "/bin/sh"
+ - "-i"
+ - "-c"
+ - "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"
+ livenessProbe:
+ timeoutSeconds: 1
+ initialDelaySeconds: 60
+ tcpSocket:
+ port: 5432
+ volumeMounts:
+ -
+ name: "cfme-pgdb-volume"
+ mountPath: "/var/lib/pgsql/data"
+ env:
+ -
+ name: "POSTGRESQL_USER"
+ value: "${DATABASE_USER}"
+ -
+ name: "POSTGRESQL_PASSWORD"
+ value: "${DATABASE_PASSWORD}"
+ -
+ name: "POSTGRESQL_DATABASE"
+ value: "${DATABASE_NAME}"
+ -
+ name: "POSTGRESQL_MAX_CONNECTIONS"
+ value: "${POSTGRESQL_MAX_CONNECTIONS}"
+ -
+ name: "POSTGRESQL_SHARED_BUFFERS"
+ value: "${POSTGRESQL_SHARED_BUFFERS}"
+ resources:
+ requests:
+ memory: "${POSTGRESQL_MEM_REQ}"
+ cpu: "${POSTGRESQL_CPU_REQ}"
+ limits:
+ memory: "${POSTGRESQL_MEM_LIMIT}"
+
+parameters:
+ -
+ name: "NAME"
+ displayName: Name
+ required: true
+ description: "The name assigned to all of the frontend objects defined in this template."
+ value: cloudforms
+ -
+ name: "DATABASE_SERVICE_NAME"
+ displayName: "PostgreSQL Service Name"
+ required: true
+ description: "The name of the OpenShift Service exposed for the PostgreSQL container."
+ value: "postgresql"
+ -
+ name: "DATABASE_USER"
+ displayName: "PostgreSQL User"
+ required: true
+ description: "PostgreSQL user that will access the database."
+ value: "root"
+ -
+ name: "DATABASE_PASSWORD"
+ displayName: "PostgreSQL Password"
+ required: true
+ description: "Password for the PostgreSQL user."
+ value: "smartvm"
+ -
+ name: "DATABASE_NAME"
+ required: true
+ displayName: "PostgreSQL Database Name"
+ description: "Name of the PostgreSQL database accessed."
+ value: "vmdb_production"
+ -
+ name: "DATABASE_REGION"
+ required: true
+ displayName: "Application Database Region"
+ description: "Database region that will be used for application."
+ value: "0"
+ -
+ name: "MEMCACHED_SERVICE_NAME"
+ required: true
+ displayName: "Memcached Service Name"
+ description: "The name of the OpenShift Service exposed for the Memcached container."
+ value: "memcached"
+ -
+ name: "MEMCACHED_MAX_MEMORY"
+ displayName: "Memcached Max Memory"
+ description: "Memcached maximum memory for memcached object storage in MB."
+ value: "64"
+ -
+ name: "MEMCACHED_MAX_CONNECTIONS"
+ displayName: "Memcached Max Connections"
+ description: "Memcached maximum number of connections allowed."
+ value: "1024"
+ -
+ name: "MEMCACHED_SLAB_PAGE_SIZE"
+ displayName: "Memcached Slab Page Size"
+ description: "Memcached size of each slab page."
+ value: "1m"
+ -
+ name: "POSTGRESQL_MAX_CONNECTIONS"
+ displayName: "PostgreSQL Max Connections"
+ description: "PostgreSQL maximum number of database connections allowed."
+ value: "100"
+ -
+ name: "POSTGRESQL_SHARED_BUFFERS"
+ displayName: "PostgreSQL Shared Buffer Amount"
+ description: "Amount of memory dedicated for PostgreSQL shared memory buffers."
+ value: "256MB"
+ -
+ name: "APPLICATION_CPU_REQ"
+ displayName: "Application Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Application container will need (expressed in millicores)."
+ value: "1000m"
+ -
+ name: "POSTGRESQL_CPU_REQ"
+ displayName: "PostgreSQL Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the PostgreSQL container will need (expressed in millicores)."
+ value: "500m"
+ -
+ name: "MEMCACHED_CPU_REQ"
+ displayName: "Memcached Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Memcached container will need (expressed in millicores)."
+ value: "200m"
+ -
+ name: "APPLICATION_MEM_REQ"
+ displayName: "Application Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the Application container will need."
+ value: "6144Mi"
+ -
+ name: "POSTGRESQL_MEM_REQ"
+ displayName: "PostgreSQL Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the PostgreSQL container will need."
+ value: "1024Mi"
+ -
+ name: "MEMCACHED_MEM_REQ"
+ displayName: "Memcached Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the Memcached container will need."
+ value: "64Mi"
+ -
+ name: "APPLICATION_MEM_LIMIT"
+ displayName: "Application Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Application container can consume."
+ value: "16384Mi"
+ -
+ name: "POSTGRESQL_MEM_LIMIT"
+ displayName: "PostgreSQL Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the PostgreSQL container can consume."
+ value: "8192Mi"
+ -
+ name: "MEMCACHED_MEM_LIMIT"
+ displayName: "Memcached Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Memcached container can consume."
+ value: "256Mi"
+ -
+ name: "POSTGRESQL_IMG_NAME"
+ displayName: "PostgreSQL Image Name"
+ description: "This is the PostgreSQL image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-postgresql"
+ -
+ name: "POSTGRESQL_IMG_TAG"
+ displayName: "PostgreSQL Image Tag"
+ description: "This is the PostgreSQL image tag/version requested to deploy."
+ value: "latest"
+ -
+ name: "MEMCACHED_IMG_NAME"
+ displayName: "Memcached Image Name"
+ description: "This is the Memcached image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-memcached"
+ -
+ name: "MEMCACHED_IMG_TAG"
+ displayName: "Memcached Image Tag"
+ description: "This is the Memcached image tag/version requested to deploy."
+ value: "latest"
+ -
+ name: "APPLICATION_IMG_NAME"
+ displayName: "Application Image Name"
+ description: "This is the Application image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-app"
+ -
+ name: "APPLICATION_IMG_TAG"
+ displayName: "Application Image Tag"
+ description: "This is the Application image tag/version requested to deploy."
+ value: "latest"
+ -
+ name: "APPLICATION_DOMAIN"
+ displayName: "Application Hostname"
+ description: "The exposed hostname that will route to the application service, if left blank a value will be defaulted."
+ value: ""
+ -
+ name: "APPLICATION_INIT_DELAY"
+ displayName: "Application Init Delay"
+ required: true
+ description: "Delay in seconds before we attempt to initialize the application."
+ value: "15"
+ -
+ name: "APPLICATION_VOLUME_CAPACITY"
+ displayName: "Application Volume Capacity"
+ required: true
+ description: "Volume space available for application data."
+ value: "5Gi"
+ -
+ name: "APPLICATION_REGION_VOLUME_CAPACITY"
+ displayName: "Application Region Volume Capacity"
+ required: true
+ description: "Volume space available for region application data."
+ value: "5Gi"
+ -
+ name: "DATABASE_VOLUME_CAPACITY"
+ displayName: "Database Volume Capacity"
+ required: true
+ description: "Volume space available for database."
+ value: "15Gi"
diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-pv-example.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-pv-example.yaml
new file mode 100644
index 000000000..240f6cbdf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-pv-example.yaml
@@ -0,0 +1,58 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+parameters:
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging)
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+
+objects:
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: h-services-pv
+ labels:
+ type: h-services
+ spec:
+ capacity:
+ storage: ${HAWKULAR_SERVICES_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-services
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: cassandra-pv
+ labels:
+ type: cassandra
+ spec:
+ capacity:
+ storage: ${CASSANDRA_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-cassandra
diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml
new file mode 100644
index 000000000..bbc0c7044
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml
@@ -0,0 +1,254 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: hawkular-services
+ annotations:
+ openshift.io/display-name: Hawkular Services
+ description: Hawkular-Services all-in-one (including Hawkular Metrics, Hawkular Alerts and Hawkular Inventory).
+ iconClass: icon-wildfly
+ tags: hawkular,hawkular-services,metrics,alerts,manageiq,cassandra
+
+parameters:
+- name: HAWKULAR_SERVICES_IMAGE
+ description: What docker image should be used for hawkular-services.
+ displayName: Hawkular Services Docker Image
+ value: registry.access.redhat.com/jboss-mm-7-tech-preview/middleware-manager:latest
+- name: CASSANDRA_IMAGE
+ description: What docker image should be used for cassandra node.
+ displayName: Cassandra Docker Image
+ value: registry.access.redhat.com/openshift3/metrics-cassandra:3.5.0
+- name: CASSANDRA_MEMORY_LIMIT
+ description: Maximum amount of memory for Cassandra container.
+ displayName: Cassandra Memory Limit
+ value: 2Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container.
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging).
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: ROUTE_NAME
+ description: Public route with this name will be created.
+ displayName: Route Name
+ value: hawkular-services
+- name: ROUTE_HOSTNAME
+ description: Under this hostname the Hawkular Services will be accessible, if left blank a value will be defaulted.
+ displayName: Hostname
+- name: HAWKULAR_USER
+ description: Username that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular User
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+- name: HAWKULAR_PASSWORD
+ description: Password that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular Password
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+labels:
+ template: hawkular-services
+message: Credentials for hawkular-services are ${HAWKULAR_USER}:${HAWKULAR_PASSWORD}
+
+objects:
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Exposes and load balances the application pods
+ service.alpha.openshift.io/dependencies: '[{"name":"hawkular-cassandra","namespace":"","kind":"Service"}]'
+ name: hawkular-services
+ spec:
+ ports:
+ - name: http-8080-tcp
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: admin-9990-tcp
+ port: 9990
+ protocol: TCP
+ targetPort: 9990
+ selector:
+ name: hawkular-services
+ type: ClusterIP
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Cassandra Service
+ name: hawkular-cassandra
+ spec:
+ ports:
+ - name: cql-9042-tcp
+ port: 9042
+ protocol: TCP
+ targetPort: 9042
+ selector:
+ name: hawkular-cassandra
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: ${ROUTE_NAME}
+ spec:
+ host: ${ROUTE_HOSTNAME}
+ to:
+ kind: Service
+ name: hawkular-services
+ port:
+ targetPort: http-8080-tcp
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the application server
+ name: hawkular-services
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-services
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: hawkular-services
+ spec:
+ containers:
+ - image: ${HAWKULAR_SERVICES_IMAGE}
+ env:
+ - name: HAWKULAR_BACKEND
+ value: remote
+ - name: CASSANDRA_NODES
+ value: hawkular-cassandra
+ - name: HAWKULAR_USER
+ value: ${HAWKULAR_USER}
+ - name: HAWKULAR_PASSWORD
+ value: ${HAWKULAR_PASSWORD}
+ imagePullPolicy: IfNotPresent
+ name: hawkular-services
+ volumeMounts:
+ - name: h-services-data
+ mountPath: /var/opt/hawkular
+ ports:
+ - containerPort: 8080
+ - containerPort: 9990
+ livenessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 180
+ timeoutSeconds: 3
+ readinessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 120
+ timeoutSeconds: 3
+ periodSeconds: 5
+ successThreshold: 1
+ failureThreshold: 12
+ resources:
+ requests:
+ memory: 1024Mi
+ cpu: 2000m
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ volumes:
+ - name: h-services-data
+ persistentVolumeClaim:
+ claimName: h-services-pvc
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the cassandra
+ name: hawkular-cassandra
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-cassandra
+ strategy:
+ type: Recreate
+ rollingParams:
+ timeoutSeconds: 300
+ template:
+ metadata:
+ labels:
+ name: hawkular-cassandra
+ spec:
+ containers:
+ - image: ${CASSANDRA_IMAGE}
+ imagePullPolicy: Always
+ name: hawkular-cassandra
+ env:
+ - name: DATA_VOLUME
+ value: /var/lib/cassandra
+ volumeMounts:
+ - name: cassandra-data
+ mountPath: /var/lib/cassandra
+ ports:
+ - containerPort: 9042
+ - containerPort: 9160
+ readinessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ livenessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 300
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ resources:
+ limits:
+ memory: ${CASSANDRA_MEMORY_LIMIT}
+ volumes:
+ - name: cassandra-data
+ persistentVolumeClaim:
+ claimName: cassandra-pvc
+
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: h-services-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: cassandra-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/OWNERS b/roles/openshift_examples/files/examples/v3.9/db-templates/OWNERS
new file mode 100644
index 000000000..cbdc20f41
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/OWNERS
@@ -0,0 +1,12 @@
+reviewers:
+ - bparees
+ - gabemontero
+ - mfojtik
+ - dinhxuanvu
+ - jim-minter
+ - spadgett
+approvers:
+ - bparees
+ - mfojtik
+ - spadgett
+ - jupierce
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/README.md b/roles/openshift_examples/files/examples/v3.9/db-templates/README.md
new file mode 100644
index 000000000..a36d7ba7d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/README.md
@@ -0,0 +1,76 @@
+OpenShift 3 Database Examples
+=============================
+
+This directory contains example JSON templates to deploy databases in OpenShift.
+They can be used to immediately instantiate a database and expose it as a
+service in the current project, or to add a template that can be later used from
+the Web Console or the CLI.
+
+The examples can also be tweaked to create new templates.
+
+
+## Ephemeral vs. Persistent
+
+For each supported database, there are two template files.
+
+Files named `*-ephemeral-template.json` use
+"[emptyDir](https://docs.openshift.org/latest/dev_guide/volumes.html)" volumes
+for data storage, which means that data is lost after a pod restart.
+This is tolerable for experimenting, but not suitable for production use.
+
+The other templates, named `*-persistent-template.json`, use [persistent volume
+claims](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volume-claims)
+to request persistent storage provided by [persistent
+volumes](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volumes),
+that must have been created upfront.
+
+
+## Usage
+
+### Instantiating a new database service
+
+Use these instructions if you want to quickly deploy a new database service in
+your current project. Instantiate a new database service with this command:
+
+ $ oc new-app /path/to/template.json
+
+Replace `/path/to/template.json` with an appropriate path, that can be either a
+local path or an URL. Example:
+
+ $ oc new-app https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json
+
+The parameters listed in the output above can be tweaked by specifying values in
+the command line with the `-p` option:
+
+ $ oc new-app examples/db-templates/mongodb-ephemeral-template.json -p DATABASE_SERVICE_NAME=mydb -p MONGODB_USER=default
+
+Note that the persistent template requires an existing persistent volume,
+otherwise the deployment won't ever succeed.
+
+
+### Adding a database as a template
+
+Use these instructions if, instead of instantiating a service right away, you
+want to load the template into an OpenShift project so that it can be used
+later. Create the template with this command:
+
+ $ oc create -f /path/to/template.json
+
+Replace `/path/to/template.json` with an appropriate path, that can be either a
+local path or an URL. Example:
+
+ $ oc create -f https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json
+ template "mongodb-ephemeral" created
+
+The new template is now available to use in the Web Console or with `oc
+new-app`.
+
+
+## More information
+
+The usage of each supported database image is further documented in the links
+below:
+
+- [MySQL](https://docs.openshift.org/latest/using_images/db_images/mysql.html)
+- [PostgreSQL](https://docs.openshift.org/latest/using_images/db_images/postgresql.html)
+- [MongoDB](https://docs.openshift.org/latest/using_images/db_images/mongodb.html)
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-ephemeral-template.json
new file mode 100644
index 000000000..5e7585eeb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-ephemeral-template.json
@@ -0,0 +1,247 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Ephemeral)",
+ "description": "MariaDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-mariadb",
+ "tags": "database,mariadb",
+ "openshift.io/long-description": "This template provides a standalone MariaDB server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.",
+ "labels": {
+ "template": "mariadb-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mariadb",
+ "port": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mariadb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mariadb:10.1",
+ "namespace": "${NAMESPACE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mariadb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "imagePullPolicy": "IfNotPresent"
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mariadb",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MariaDB Connection Username",
+ "description": "Username for MariaDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MariaDB Connection Password",
+ "description": "Password for the MariaDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MariaDB root Password",
+ "description": "Password for the MariaDB root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MariaDB Database Name",
+ "description": "Name of the MariaDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-persistent-template.json
new file mode 100644
index 000000000..217ef11dd
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/mariadb-persistent-template.json
@@ -0,0 +1,271 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb-persistent",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Persistent)",
+ "description": "MariaDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-mariadb",
+ "tags": "database,mariadb",
+ "openshift.io/long-description": "This template provides a standalone MariaDB server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.",
+ "labels": {
+ "template": "mariadb-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mariadb",
+ "port": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mariadb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mariadb:10.1",
+ "namespace": "${NAMESPACE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mariadb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "imagePullPolicy": "IfNotPresent"
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mariadb",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MariaDB Connection Username",
+ "description": "Username for MariaDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MariaDB Connection Password",
+ "description": "Password for the MariaDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MariaDB root Password",
+ "description": "Password for the MariaDB root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MariaDB Database Name",
+ "description": "Name of the MariaDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-ephemeral-template.json
new file mode 100644
index 000000000..10f202c59
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-ephemeral-template.json
@@ -0,0 +1,272 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Ephemeral)",
+ "description": "MongoDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-mongodb",
+ "tags": "database,mongodb",
+ "openshift.io/long-description": "This template provides a standalone MongoDB server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MONGODB_USER}\n Password: ${MONGODB_PASSWORD}\n Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.",
+ "labels": {
+ "template": "mongodb-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MONGODB_USER}",
+ "database-password" : "${MONGODB_PASSWORD}",
+ "database-admin-password" : "${MONGODB_ADMIN_PASSWORD}",
+ "database-name" : "${MONGODB_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongo",
+ "protocol": "TCP",
+ "port": 27017,
+ "targetPort": 27017,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mongodb:${MONGODB_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mongodb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_USER",
+ "displayName": "MongoDB Connection Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "displayName": "MongoDB Connection Password",
+ "description": "Password for the MongoDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "displayName": "MongoDB Database Name",
+ "description": "Name of the MongoDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "displayName": "MongoDB Admin Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_VERSION",
+ "displayName": "Version of MongoDB Image",
+ "description": "Version of MongoDB image to be used (2.4, 2.6, 3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-persistent-template.json
new file mode 100644
index 000000000..97e4128a4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/mongodb-persistent-template.json
@@ -0,0 +1,296 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb-persistent",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Persistent)",
+ "description": "MongoDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-mongodb",
+ "tags": "database,mongodb",
+ "openshift.io/long-description": "This template provides a standalone MongoDB server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MONGODB_USER}\n Password: ${MONGODB_PASSWORD}\n Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.",
+ "labels": {
+ "template": "mongodb-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MONGODB_USER}",
+ "database-password" : "${MONGODB_PASSWORD}",
+ "database-admin-password" : "${MONGODB_ADMIN_PASSWORD}",
+ "database-name" : "${MONGODB_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongo",
+ "protocol": "TCP",
+ "port": 27017,
+ "targetPort": 27017,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mongodb:${MONGODB_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mongodb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_USER",
+ "displayName": "MongoDB Connection Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "displayName": "MongoDB Connection Password",
+ "description": "Password for the MongoDB connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "displayName": "MongoDB Database Name",
+ "description": "Name of the MongoDB database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "displayName": "MongoDB Admin Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "MONGODB_VERSION",
+ "displayName": "Version of MongoDB Image",
+ "description": "Version of MongoDB image to be used (2.4, 2.6, 3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/mysql-ephemeral-template.json
new file mode 100644
index 000000000..c0946416d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/mysql-ephemeral-template.json
@@ -0,0 +1,273 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Ephemeral)",
+ "description": "MySQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-mysql-database",
+ "tags": "database,mysql",
+ "openshift.io/long-description": "This template provides a standalone MySQL server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.",
+ "labels": {
+ "template": "mysql-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "protocol": "TCP",
+ "port": 3306,
+ "targetPort": 3306,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mysql:${MYSQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mysql",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MySQL Connection Username",
+ "description": "Username for MySQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MySQL Connection Password",
+ "description": "Password for the MySQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MySQL root user Password",
+ "description": "Password for the MySQL root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MySQL Database Name",
+ "description": "Name of the MySQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "MYSQL_VERSION",
+ "displayName": "Version of MySQL Image",
+ "description": "Version of MySQL image to be used (5.5, 5.6, 5.7, or latest).",
+ "value": "5.7",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/mysql-persistent-template.json
new file mode 100644
index 000000000..48ac114fd
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/mysql-persistent-template.json
@@ -0,0 +1,278 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Persistent)",
+ "description": "MySQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-mysql-database",
+ "tags": "database,mysql",
+ "openshift.io/long-description": "This template provides a standalone MySQL server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.",
+ "labels": {
+ "template": "mysql-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${MYSQL_USER}",
+ "database-password" : "${MYSQL_PASSWORD}",
+ "database-root-password" : "${MYSQL_ROOT_PASSWORD}",
+ "database-name" : "${MYSQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "mysql:${MYSQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c",
+ "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-root-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "imagePullPolicy": "IfNotPresent"
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "mysql",
+ "required": true
+ },
+ {
+ "name": "MYSQL_USER",
+ "displayName": "MySQL Connection Username",
+ "description": "Username for MySQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "displayName": "MySQL Connection Password",
+ "description": "Password for the MySQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_ROOT_PASSWORD",
+ "displayName": "MySQL root user Password",
+ "description": "Password for the MySQL root user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "displayName": "MySQL Database Name",
+ "description": "Name of the MySQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "MYSQL_VERSION",
+ "displayName": "Version of MySQL Image",
+ "description": "Version of MySQL image to be used (5.5, 5.6, 5.7, or latest).",
+ "value": "5.7",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-ephemeral-template.json
new file mode 100644
index 000000000..7c419f1ae
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-ephemeral-template.json
@@ -0,0 +1,253 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Ephemeral)",
+ "description": "PostgreSQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-postgresql",
+ "tags": "database,postgresql",
+ "openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created. The database is not stored on persistent storage, so any restart of the service will result in all data being lost. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${POSTGRESQL_USER}\n Password: ${POSTGRESQL_PASSWORD}\n Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.",
+ "labels": {
+ "template": "postgresql-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${POSTGRESQL_USER}",
+ "database-password" : "${POSTGRESQL_PASSWORD}",
+ "database-name" : "${POSTGRESQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "protocol": "TCP",
+ "port": 5432,
+ "targetPort": 5432,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "postgresql:${POSTGRESQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "postgresql",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "displayName": "PostgreSQL Connection Username",
+ "description": "Username for PostgreSQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "displayName": "PostgreSQL Connection Password",
+ "description": "Password for the PostgreSQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "displayName": "PostgreSQL Database Name",
+ "description": "Name of the PostgreSQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_VERSION",
+ "displayName": "Version of PostgreSQL Image",
+ "description": "Version of PostgreSQL image to be used (9.2, 9.4, 9.5 or latest).",
+ "value": "9.5",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-persistent-template.json
new file mode 100644
index 000000000..8a2d23907
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/postgresql-persistent-template.json
@@ -0,0 +1,277 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Persistent)",
+ "description": "PostgreSQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-postgresql",
+ "tags": "database,postgresql",
+ "openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${POSTGRESQL_USER}\n Password: ${POSTGRESQL_PASSWORD}\n Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.",
+ "labels": {
+ "template": "postgresql-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-database_name": "{.data['database-name']}"
+ }
+ },
+ "stringData" : {
+ "database-user" : "${POSTGRESQL_USER}",
+ "database-password" : "${POSTGRESQL_PASSWORD}",
+ "database-name" : "${POSTGRESQL_DATABASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "protocol": "TCP",
+ "port": 5432,
+ "targetPort": 5432,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "postgresql:${POSTGRESQL_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-name"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "postgresql",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "displayName": "PostgreSQL Connection Username",
+ "description": "Username for PostgreSQL user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "displayName": "PostgreSQL Connection Password",
+ "description": "Password for the PostgreSQL connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "displayName": "PostgreSQL Database Name",
+ "description": "Name of the PostgreSQL database accessed.",
+ "value": "sampledb",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "POSTGRESQL_VERSION",
+ "displayName": "Version of PostgreSQL Image",
+ "description": "Version of PostgreSQL image to be used (9.2, 9.4, 9.5 or latest).",
+ "value": "9.5",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/redis-ephemeral-template.json
new file mode 100644
index 000000000..ee60af9db
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/redis-ephemeral-template.json
@@ -0,0 +1,216 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Ephemeral)",
+ "description": "Redis in-memory data structure store, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-redis",
+ "tags": "database,redis",
+ "openshift.io/long-description": "This template provides a standalone Redis server. The data is not stored on persistent storage, so any restart of the service will result in all data being lost.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.",
+ "labels": {
+ "template": "redis-ephemeral-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "redis",
+ "protocol": "TCP",
+ "port": 6379,
+ "targetPort": 6379,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "redis"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "redis:${REDIS_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "redis",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 6379,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "test \"$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)\" == \"PONG\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 6379
+ }
+ },
+ "env": [
+ {
+ "name": "REDIS_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/redis/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "redis",
+ "required": true
+ },
+ {
+ "name": "REDIS_PASSWORD",
+ "displayName": "Redis Connection Password",
+ "description": "Password for the Redis connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "REDIS_VERSION",
+ "displayName": "Version of Redis Image",
+ "description": "Version of Redis image to be used (3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v3.9/db-templates/redis-persistent-template.json
new file mode 100644
index 000000000..e0e0a88d5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/db-templates/redis-persistent-template.json
@@ -0,0 +1,240 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Persistent)",
+ "description": "Redis in-memory data structure store, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-redis",
+ "tags": "database,redis",
+ "openshift.io/long-description": "This template provides a standalone Redis server. The data is stored on persistent storage.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.",
+ "labels": {
+ "template": "redis-persistent-template"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "redis",
+ "protocol": "TCP",
+ "port": 6379,
+ "targetPort": 6379,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ },
+ "status": {
+ "loadBalancer": {}
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "redis"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "redis:${REDIS_VERSION}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "redis",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 6379,
+ "protocol": "TCP"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "test \"$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)\" == \"PONG\""]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 6379
+ }
+ },
+ "env": [
+ {
+ "name": "REDIS_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/redis/data"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ },
+ "status": {}
+ }
+ ],
+ "parameters": [
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "description": "The name of the OpenShift Service exposed for the database.",
+ "value": "redis",
+ "required": true
+ },
+ {
+ "name": "REDIS_PASSWORD",
+ "displayName": "Redis Connection Password",
+ "description": "Password for the Redis connection user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "REDIS_VERSION",
+ "displayName": "Version of Redis Image",
+ "description": "Version of Redis image to be used (3.2 or latest).",
+ "value": "3.2",
+ "required": true
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/image-streams/OWNERS b/roles/openshift_examples/files/examples/v3.9/image-streams/OWNERS
new file mode 100644
index 000000000..6ddf77f12
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/image-streams/OWNERS
@@ -0,0 +1,14 @@
+reviewers:
+ - bparees
+ - sspeiche
+ - mfojtik
+ - liggitt
+ - jcantrill
+ - hhorak
+ - csrwng
+approvers:
+ - bparees
+ - mfojtik
+ - liggitt
+ - jcantrill
+ - csrwng
diff --git a/roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams.json b/roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams.json
new file mode 100644
index 000000000..ee753966f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams.json
@@ -0,0 +1,140 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on RHEL"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnet-20-rhel7:2.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 1.1",
+ "description": "Build and run .NET Core 1.1 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/1.1/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore11",
+ "supports":"dotnet:1.1,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.1",
+ "version": "1.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnetcore-11-rhel7:1.1"
+ }
+ },
+ {
+ "name": "1.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 1.0",
+ "description": "Build and run .NET Core 1.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/1.0/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore10",
+ "supports":"dotnet:1.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.0",
+ "version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnetcore-10-rhel7:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on RHEL 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on RHEL 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/dotnet/dotnet-20-runtime-rhel7:2.0"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams_centos.json b/roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams_centos.json
new file mode 100644
index 000000000..79afc355b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/image-streams/dotnet_imagestreams_centos.json
@@ -0,0 +1,104 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for .NET Core on CentOS"
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Builder Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core (Latest)",
+ "description": "Build and run .NET Core applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore",
+ "supports":"dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0",
+ "description": "Build and run .NET Core 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/build/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "builder,.net,dotnet,dotnetcore,rh-dotnet20",
+ "supports":"dotnet:2.0,dotnet",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-2.0",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Images"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime (Latest)",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core Runtime available on OpenShift, including major versions updates.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core 2.0 Runtime",
+ "description": "Run .NET Core applications on CentOS 7. For more information about using this image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/2.0/runtime/README.md.",
+ "iconClass": "icon-dotnet",
+ "tags": "runtime,.net-runtime,dotnet-runtime,dotnetcore-runtime",
+ "supports":"dotnet-runtime",
+ "version": "2.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.centos.org/dotnet/dotnet-20-runtime-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-centos7.json
new file mode 100644
index 000000000..e7af160d9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-centos7.json
@@ -0,0 +1,954 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {},
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (httpd)"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) 2.4 on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "ruby",
+ "annotations": {
+ "openshift.io/display-name": "Ruby"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Ruby (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.3/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Ruby available on OpenShift, including major versions updates.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.0/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "hidden,builder,ruby",
+ "supports": "ruby:2.0,ruby",
+ "version": "2.0",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/ruby-20-centos7:latest"
+ }
+ },
+ {
+ "name": "2.2",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.2 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.2/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.2,ruby",
+ "version": "2.2",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-22-centos7:latest"
+ }
+ },
+ {
+ "name": "2.3",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.3 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.3/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.3,ruby",
+ "version": "2.3",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-23-centos7:latest"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.4,ruby",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs",
+ "annotations": {
+ "openshift.io/display-name": "Node.js"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Node.js (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Node.js available on OpenShift, including major versions updates.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "6"
+ }
+ },
+ {
+ "name": "0.10",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 0.10",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "DEPRECATED: Build and run Node.js 0.10 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/0.10/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "hidden,nodejs",
+ "supports":"nodejs:0.10,nodejs:0.1,nodejs",
+ "version": "0.10",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/nodejs-010-centos7:latest"
+ }
+ },
+ {
+ "name": "4",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:4,nodejs",
+ "version": "4",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-4-centos7:latest"
+ }
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-6-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "perl",
+ "annotations": {
+ "openshift.io/display-name": "Perl"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Perl (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Perl available on OpenShift, including major versions updates.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.24"
+ }
+ },
+ {
+ "name": "5.16",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.16",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.16 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.16/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "hidden,builder,perl",
+ "supports":"perl:5.16,perl",
+ "version": "5.16",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/perl-516-centos7:latest"
+ }
+ },
+ {
+ "name": "5.20",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.20",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.20 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.20,perl",
+ "version": "5.20",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/perl-520-centos7:latest"
+ }
+ },
+ {
+ "name": "5.24",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.24",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.24 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.24/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.24,perl",
+ "version": "5.24",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/perl-524-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "php",
+ "annotations": {
+ "openshift.io/display-name": "PHP"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PHP (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PHP available on OpenShift, including major versions updates.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "7.0"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.5 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.5/README.md.",
+ "iconClass": "icon-php",
+ "tags": "hidden,builder,php",
+ "supports":"php:5.5,php",
+ "version": "5.5",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/php-55-centos7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:5.6,php",
+ "version": "5.6",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/php-56-centos7:latest"
+ }
+ },
+ {
+ "name": "7.0",
+ "annotations": {
+ "openshift.io/display-name": "PHP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 7.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/7.0/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:7.0,php",
+ "version": "7.0",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/php-70-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "python",
+ "annotations": {
+ "openshift.io/display-name": "Python"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Python (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Python available on OpenShift, including major versions updates.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.5"
+ }
+ },
+ {
+ "name": "3.3",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.3 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.3/README.md.",
+ "iconClass": "icon-python",
+ "tags": "hidden,builder,python",
+ "supports":"python:3.3,python",
+ "version": "3.3",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/python-33-centos7:latest"
+ }
+ },
+ {
+ "name": "2.7",
+ "annotations": {
+ "openshift.io/display-name": "Python 2.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 2.7 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/2.7/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:2.7,python",
+ "version": "2.7",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-27-centos7:latest"
+ }
+ },
+ {
+ "name": "3.4",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.4/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.4,python",
+ "version": "3.4",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-34-centos7:latest"
+ }
+ },
+ {
+ "name": "3.5",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.5 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.5,python",
+ "version": "3.5",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-35-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "wildfly",
+ "annotations": {
+ "openshift.io/display-name": "WildFly"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "WildFly (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of WildFly available on OpenShift, including major versions updates.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"jee,java",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "8.1",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 8.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 8.1 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:8.1,jee,java",
+ "version": "8.1",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-81-centos7:latest"
+ }
+ },
+ {
+ "name": "9.0",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 9.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 9.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:9.0,jee,java",
+ "version": "9.0",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-90-centos7:latest"
+ }
+ },
+ {
+ "name": "10.0",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 10.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 10.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:10.0,jee,java",
+ "version": "10.0",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-100-centos7:latest"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "openshift.io/display-name": "WildFly 10.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run WildFly 10.1 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.",
+ "iconClass": "icon-wildfly",
+ "tags": "builder,wildfly,java",
+ "supports":"wildfly:10.1,jee,java",
+ "version": "10.1",
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/wildfly-101-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql",
+ "annotations": {
+ "openshift.io/display-name": "MySQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MySQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.7"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.5 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "hidden,mysql",
+ "version": "5.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/mysql-55-centos7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.6 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mysql-56-centos7:latest"
+ }
+ },
+ {
+ "name": "5.7",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.7 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.7/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mysql-57-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MariaDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB 10.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB 10.1 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb",
+ "version": "10.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mariadb-101-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PostgreSQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "9.5"
+ }
+ },
+ {
+ "name": "9.2",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.2.",
+ "iconClass": "icon-postgresql",
+ "tags": "hidden,postgresql",
+ "version": "9.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/postgresql-92-centos7:latest"
+ }
+ },
+ {
+ "name": "9.4",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.4 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.4.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/postgresql-94-centos7:latest"
+ }
+ },
+ {
+ "name": "9.5",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.5 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/postgresql-95-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MongoDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.4 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.4/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "hidden,mongodb",
+ "version": "2.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/mongodb-24-centos7:latest"
+ }
+ },
+ {
+ "name": "2.6",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.6 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.6/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "2.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mongodb-26-centos7:latest"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 3.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mongodb-32-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis",
+ "annotations": {
+ "openshift.io/display-name": "Redis"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Redis available on OpenShift, including major versions updates.",
+ "iconClass": "icon-redis",
+ "tags": "redis"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "Redis 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis 3.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-redis",
+ "tags": "redis",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/redis-32-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Jenkins available on OpenShift, including major versions updates.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2"
+ }
+ },
+ {
+ "name": "1",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 1.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins 1.X server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "hidden,jenkins",
+ "version": "1.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/jenkins-1-centos7:latest"
+ }
+ },
+ {
+ "name": "2",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 2.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins v2.x server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins",
+ "version": "2.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "openshift/jenkins-2-centos7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-rhel7.json
new file mode 100644
index 000000000..2b082fc75
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/image-streams/image-streams-rhel7.json
@@ -0,0 +1,856 @@
+{
+ "kind": "ImageStreamList",
+ "apiVersion": "v1",
+ "metadata": {},
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (httpd)"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and serve static content via Apache HTTP Server (httpd) 2.4 on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "ruby",
+ "annotations": {
+ "openshift.io/display-name": "Ruby"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Ruby (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.3/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Ruby available on OpenShift, including major versions updates.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.0/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "hidden,builder,ruby",
+ "supports": "ruby:2.0,ruby",
+ "version": "2.0",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/ruby-20-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.2",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.2 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.2/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.2,ruby",
+ "version": "2.2",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.3",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.3 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.3/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.3,ruby",
+ "version": "2.3",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-23-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Ruby 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Ruby 2.4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.4,ruby",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-24-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs",
+ "annotations": {
+ "openshift.io/display-name": "Node.js"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Node.js (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Node.js available on OpenShift, including major versions updates.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "6"
+ }
+ },
+ {
+ "name": "0.10",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 0.10",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "DEPRECATED: Build and run Node.js 0.10 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/0.10/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "hidden,nodejs",
+ "supports":"nodejs:0.10,nodejs:0.1,nodejs",
+ "version": "0.10",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest"
+ }
+ },
+ {
+ "name": "4",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:4,nodejs",
+ "version": "4",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
+ }
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "perl",
+ "annotations": {
+ "openshift.io/display-name": "Perl"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Perl (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Perl available on OpenShift, including major versions updates.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.24"
+ }
+ },
+ {
+ "name": "5.16",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.16",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.16 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.16/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "hidden,builder,perl",
+ "supports":"perl:5.16,perl",
+ "version": "5.16",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/perl-516-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.20",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.20",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.20 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.20,perl",
+ "version": "5.20",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/perl-520-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.24",
+ "annotations": {
+ "openshift.io/display-name": "Perl 5.24",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Perl 5.24 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.24/README.md.",
+ "iconClass": "icon-perl",
+ "tags": "builder,perl",
+ "supports":"perl:5.24,perl",
+ "version": "5.24",
+ "sampleRepo": "https://github.com/openshift/dancer-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/perl-524-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "php",
+ "annotations": {
+ "openshift.io/display-name": "PHP"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PHP (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PHP available on OpenShift, including major versions updates.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "7.0"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.5 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.5/README.md.",
+ "iconClass": "icon-php",
+ "tags": "hidden,builder,php",
+ "supports":"php:5.5,php",
+ "version": "5.5",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/php-55-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "PHP 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 5.6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:5.6,php",
+ "version": "5.6",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/php-56-rhel7:latest"
+ }
+ },
+ {
+ "name": "7.0",
+ "annotations": {
+ "openshift.io/display-name": "PHP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run PHP 7.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/7.0/README.md.",
+ "iconClass": "icon-php",
+ "tags": "builder,php",
+ "supports":"php:7.0,php",
+ "version": "7.0",
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/php-70-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "python",
+ "annotations": {
+ "openshift.io/display-name": "Python"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Python (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Python available on OpenShift, including major versions updates.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.5"
+ }
+ },
+ {
+ "name": "3.3",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.3 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.3/README.md.",
+ "iconClass": "icon-python",
+ "tags": "hidden,builder,python",
+ "supports":"python:3.3,python",
+ "version": "3.3",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/python-33-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.7",
+ "annotations": {
+ "openshift.io/display-name": "Python 2.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 2.7 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/2.7/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:2.7,python",
+ "version": "2.7",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-27-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.4",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.4/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.4,python",
+ "version": "3.4",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.5",
+ "annotations": {
+ "openshift.io/display-name": "Python 3.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Build and run Python 3.5 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.5,python",
+ "version": "3.5",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-35-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mysql",
+ "annotations": {
+ "openshift.io/display-name": "MySQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MySQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MySQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "5.7"
+ }
+ },
+ {
+ "name": "5.5",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "hidden,mysql",
+ "version": "5.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.6",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest"
+ }
+ },
+ {
+ "name": "5.7",
+ "annotations": {
+ "openshift.io/display-name": "MySQL 5.7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MySQL 5.7 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.7/README.md.",
+ "iconClass": "icon-mysql-database",
+ "tags": "mysql",
+ "version": "5.7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mysql-57-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mariadb",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MariaDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "openshift.io/display-name": "MariaDB 10.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MariaDB 10.1 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb",
+ "version": "10.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mariadb-101-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PostgreSQL available on OpenShift, including major versions updates.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "9.5"
+ }
+ },
+ {
+ "name": "9.2",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.2.",
+ "iconClass": "icon-postgresql",
+ "tags": "hidden,postgresql",
+ "version": "9.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest"
+ }
+ },
+ {
+ "name": "9.4",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.4 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.4.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest"
+ }
+ },
+ {
+ "name": "9.5",
+ "annotations": {
+ "openshift.io/display-name": "PostgreSQL 9.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a PostgreSQL 9.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/postgresql-95-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "mongodb",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MongoDB available on OpenShift, including major versions updates.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.4 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.4/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "hidden,mongodb",
+ "version": "2.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest"
+ }
+ },
+ {
+ "name": "2.6",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 2.6",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 2.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.6/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "2.6"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "MongoDB 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a MongoDB 3.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mongodb-32-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redis",
+ "annotations": {
+ "openshift.io/display-name": "Redis"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Redis (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Redis available on OpenShift, including major versions updates.",
+ "iconClass": "icon-redis",
+ "tags": "redis"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "3.2"
+ }
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "openshift.io/display-name": "Redis 3.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Redis 3.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/3.2/README.md.",
+ "iconClass": "icon-redis",
+ "tags": "redis",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/redis-32-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Latest)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Jenkins available on OpenShift, including major versions updates.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2"
+ }
+ },
+ {
+ "name": "1",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 1.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins 1.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "hidden,jenkins",
+ "version": "1.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest"
+ }
+ },
+ {
+ "name": "2",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins 2.X",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Provides a Jenkins 2.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
+ "iconClass": "icon-jenkins",
+ "tags": "jenkins",
+ "version": "2.x"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/openshift3/jenkins-2-rhel7:latest"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/OWNERS b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/OWNERS
new file mode 100644
index 000000000..a26e484d6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/OWNERS
@@ -0,0 +1,12 @@
+reviewers:
+ - bparees
+ - gabemontero
+ - coreydaley
+ - dinhxuanvu
+ - sspeiche
+ - mfojtik
+ - jupierce
+approvers:
+ - bparees
+ - mfojtik
+ - jupierce
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/README.md
new file mode 100644
index 000000000..6d2ccbf7f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/README.md
@@ -0,0 +1,28 @@
+QuickStarts
+===========
+
+QuickStarts provide the basic skeleton of an application. Generally they
+reference a repository containing very simple source code that implements a
+trivial application using a particular framework. In addition they define any
+components needed for the application including a Build configuration,
+supporting services such as Databases, etc.
+
+You can instantiate these templates as is, or fork the source repository they
+reference and supply your forked repository as the source-repository when
+instantiating them.
+
+* [CakePHP](https://raw.githubusercontent.com/openshift/cakephp-ex/master/openshift/templates/cakephp-mysql.json) - Provides a basic CakePHP application with a MySQL database. For more information see the [source repository](https://github.com/openshift/cakephp-ex).
+* [CakePHP persistent](https://raw.githubusercontent.com/openshift/cakephp-ex/master/openshift/templates/cakephp-mysql-persistent.json) - Provides a basic CakePHP application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/cakephp-ex).
+* [Dancer](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql.json) - Provides a basic Dancer (Perl) application with a MySQL database. For more information see the [source repository](https://github.com/openshift/dancer-ex).
+* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
+* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
+* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
+* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
+* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
+* [Rails persistent](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql-persistent.json) - Provides a basic Rails (Ruby) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/rails-ex).
+
+Note: This file is processed by `hack/update-external-examples.sh`. New examples
+must follow the exact syntax of the existing entries. Files in this directory
+are automatically pulled down, do not modify/add files to this directory.
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/amp.yml
new file mode 100644
index 000000000..4e469f6e8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/amp.yml
@@ -0,0 +1,1261 @@
+base_env: &base_env
+- name: RAILS_ENV
+ value: "production"
+- name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+- name: FORCE_SSL
+ value: "true"
+- name: THREESCALE_SUPERDOMAIN
+ value: "${WILDCARD_DOMAIN}"
+- name: TENANT_NAME
+ value: "${TENANT_NAME}"
+- name: APICAST_ACCESS_TOKEN
+ value: "${APICAST_ACCESS_TOKEN}"
+- name: ADMIN_ACCESS_TOKEN
+ value: "${ADMIN_ACCESS_TOKEN}"
+- name: PROVIDER_PLAN
+ value: 'enterprise'
+- name: USER_LOGIN
+ value: "${ADMIN_USERNAME}"
+- name: USER_PASSWORD
+ value: "${ADMIN_PASSWORD}"
+- name: RAILS_LOG_TO_STDOUT
+ value: "true"
+- name: RAILS_LOG_LEVEL
+ value: "info"
+- name: THINKING_SPHINX_ADDRESS
+ value: "system-sphinx"
+- name: THINKING_SPHINX_PORT
+ value: "9306"
+- name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "/tmp/sphinx.conf"
+- name: EVENTS_SHARED_SECRET
+ value: "${SYSTEM_BACKEND_SHARED_SECRET}"
+- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE
+ value: "VERIFY_NONE"
+- name: APICAST_BACKEND_ROOT_ENDPOINT
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+- name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+- name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+- name: SECRET_KEY_BASE
+ value: "${SYSTEM_APP_SECRET_KEY_BASE}"
+- name: AMP_RELEASE
+ value: "${AMP_RELEASE}"
+- name: SMTP_ADDRESS
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: address
+- name: SMTP_USER_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: username
+- name: SMTP_PASSWORD
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: password
+- name: SMTP_DOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: domain
+- name: SMTP_PORT
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: port
+- name: SMTP_AUTHENTICATION
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: authentication
+- name: SMTP_OPENSSL_VERIFY_MODE
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: openssl.verify.mode
+- name: BACKEND_ROUTE
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: "system"
+message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-cron
+ spec:
+ replicas: 1
+ selector:
+ name: backend-cron
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-cron
+ spec:
+ containers:
+ - args:
+ - backend-cron
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-cron
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-redis
+ spec:
+ replicas: 1
+ selector:
+ name: backend-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: backend-redis
+ spec:
+ containers:
+ - image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: backend-redis
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ volumeMounts:
+ - name: backend-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ volumes:
+ - name: backend-redis-storage
+ persistentVolumeClaim:
+ claimName: backend-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-listener
+ spec:
+ replicas: 1
+ selector:
+ name: backend-listener
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-listener
+ spec:
+ containers:
+ - args:
+ - 3scale_backend
+ - start
+ - "-e"
+ - production
+ - "-p"
+ - '3000'
+ - "-x"
+ - "/dev/stdout"
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+ - name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-listener
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3000
+ readinessProbe:
+ httpGet:
+ path: "/status"
+ port: 3000
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ selector:
+ name: backend-redis
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-listener
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: 3000
+ name: http
+ selector:
+ name: backend-listener
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-provider
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: provider
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-developer
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: developer
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-worker
+ spec:
+ replicas: 1
+ selector:
+ name: backend-worker
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-worker
+ spec:
+ containers:
+ - args:
+ - 3scale_backend_worker
+ - run
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_EVENTS_HOOK
+ value: http://system-provider:3000/master/events/import
+ - name: CONFIG_EVENTS_HOOK_SHARED_SECRET
+ value: ${SYSTEM_BACKEND_SHARED_SECRET}
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-worker
+ triggers:
+ - type: ConfigChange
+
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ ports:
+ - name: system-mysql
+ protocol: TCP
+ port: 3306
+ targetPort: 3306
+ nodePort: 0
+ selector:
+ name: 'system-mysql'
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ name: redis
+ selector:
+ name: system-redis
+
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-redis
+ spec:
+ replicas: 1
+ selector:
+ name: system-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: system-redis
+ spec:
+ containers:
+ - args:
+ image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: system-redis
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - name: system-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ volumes:
+ - name: system-redis-storage
+ persistentVolumeClaim:
+ claimName: system-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-sphinx
+ spec:
+ ports:
+ - port: 9306
+ protocol: TCP
+ targetPort: 9306
+ name: sphinx
+ selector:
+ name: system-sphinx
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sphinx
+ spec:
+ replicas: 1
+ selector:
+ name: system-sphinx
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sphinx
+ spec:
+ volumes:
+ - name: system-sphinx-database
+ emptyDir: {}
+ containers:
+ - args:
+ - rake
+ - 'openshift:thinking_sphinx:start'
+ volumeMounts:
+ - name: system-sphinx-database
+ mountPath: "/opt/system/db/sphinx"
+ env:
+ - name: RAILS_ENV
+ value: production
+ - name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+ - name: THINKING_SPHINX_ADDRESS
+ value: 0.0.0.0
+ - name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "db/sphinx/production.conf"
+ - name: THINKING_SPHINX_PID_FILE
+ value: db/sphinx/searchd.pid
+ - name: DELTA_INDEX_INTERVAL
+ value: '5'
+ - name: FULL_REINDEX_INTERVAL
+ value: '60'
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sphinx
+ livenessProbe:
+ tcpSocket:
+ port: 9306
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-memcache
+ spec:
+ ports:
+ - port: 11211
+ protocol: TCP
+ targetPort: 11211
+ name: memcache
+ selector:
+ name: system-memcache
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-memcache
+ spec:
+ replicas: 1
+ selector:
+ name: system-memcache
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-memcache
+ spec:
+ containers:
+ - args:
+ env:
+ image: 3scale-amp20/memcached:1.4.15-7
+ imagePullPolicy: IfNotPresent
+ name: memcache
+ readinessProbe:
+ exec:
+ command:
+ - "sh"
+ - "-c"
+ - "echo version | nc $HOSTNAME 11211 | grep VERSION"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 11211
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ command:
+ - "memcached"
+ - "-m"
+ - "64"
+ ports:
+ - containerPort: 6379
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-provider-admin-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-provider
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: backend-route
+ labels:
+ app: system-route
+ spec:
+ host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: backend-listener
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-developer-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-developer
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-staging
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-staging
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-staging
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "sandbox"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/2"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-staging
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-staging
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-staging
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-production
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-production
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-production
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "boot"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "300"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "production"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/1"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-production
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-production
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-production
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-staging-route
+ labels:
+ app: apicast-staging
+ spec:
+ host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-staging
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-production-route
+ labels:
+ app: apicast-production
+ spec:
+ host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-production
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-app
+ spec:
+ replicas: 1
+ selector:
+ name: system-app
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ pre:
+ failurePolicy: Retry
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:deploy
+ env: *base_env
+ volumes:
+ - system-storage
+ post:
+ failurePolicy: Abort
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:post_deploy
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-app
+ spec:
+ containers:
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ name: system-provider
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: provider
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: provider
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ name: provider
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ imagePullPolicy: IfNotPresent
+ name: system-developer
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: developer
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: developer
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3001
+ protocol: TCP
+ name: developer
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ readOnly: true
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-resque
+ spec:
+ replicas: 1
+ selector:
+ name: system-resque
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-resque
+ spec:
+ containers:
+ - args:
+ - 'rake'
+ - 'resque:work'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-resque
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ - 'rake'
+ - 'resque:scheduler'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-scheduler
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sidekiq
+ spec:
+ replicas: 1
+ selector:
+ name: system-sidekiq
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sidekiq
+ spec:
+ containers:
+ - args:
+ - rake
+ - sidekiq:worker
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sidekiq
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: 'system-mysql'
+ template:
+ metadata:
+ labels:
+ name: 'system-mysql'
+ spec:
+ containers:
+ - name: system-mysql
+ image: ${MYSQL_IMAGE}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ resources:
+ limits:
+ memory: 2Gi
+ requests:
+ cpu: '1'
+ memory: 1Gi
+ readinessProbe:
+ timeoutSeconds: 5
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ exec:
+ command:
+ - /bin/sh
+ - '-i'
+ - '-c'
+ - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3306
+ env:
+ - name: MYSQL_USER
+ value: ${MYSQL_USER}
+ - name: MYSQL_PASSWORD
+ value: ${MYSQL_PASSWORD}
+ - name: MYSQL_DATABASE
+ value: ${MYSQL_DATABASE}
+ - name: MYSQL_ROOT_PASSWORD
+ value: ${MYSQL_ROOT_PASSWORD}
+ - name: MYSQL_LOWER_CASE_TABLE_NAMES
+ value: "1"
+ volumeMounts:
+ - name: 'mysql-storage'
+ mountPath: /var/lib/mysql/data
+ imagePullPolicy: IfNotPresent
+ volumes:
+ - name: 'mysql-storage'
+ persistentVolumeClaim:
+ claimName: 'mysql-storage'
+- kind: ConfigMap
+ apiVersion: v1
+ metadata:
+ name: redis-config
+ data:
+ redis.conf: |
+ protected-mode no
+
+ port 6379
+
+ timeout 0
+ tcp-keepalive 300
+
+ daemonize no
+ supervised no
+
+ loglevel notice
+
+ databases 16
+
+ save 900 1
+ save 300 10
+ save 60 10000
+
+ stop-writes-on-bgsave-error yes
+
+ rdbcompression yes
+ rdbchecksum yes
+
+ dbfilename dump.rdb
+
+ slave-serve-stale-data yes
+ slave-read-only yes
+
+ repl-diskless-sync no
+ repl-disable-tcp-nodelay no
+
+ appendonly yes
+ appendfilename "appendonly.aof"
+ appendfsync everysec
+ no-appendfsync-on-rewrite no
+ auto-aof-rewrite-percentage 100
+ auto-aof-rewrite-min-size 64mb
+ aof-load-truncated yes
+
+ lua-time-limit 5000
+
+ activerehashing no
+
+ aof-rewrite-incremental-fsync yes
+ dir /var/lib/redis/data
+
+- kind: ConfigMap
+
+ apiVersion: v1
+ metadata:
+ name: smtp
+ data:
+ address: ""
+ username: ""
+ password: ""
+ domain: ""
+ port: ""
+ authentication: ""
+ openssl.verify.mode: ""
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: ADMIN_PASSWORD
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+- name: ADMIN_USERNAME
+ value: admin
+ required: true
+- name: APICAST_ACCESS_TOKEN
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+ description: "Read Only Access Token that is APIcast going to use to download its configuration."
+- name: ADMIN_ACCESS_TOKEN
+ required: false
+ generate: expression
+ from: "[a-z0-9]{16}"
+ description: "Admin Access Token with all scopes and write permissions for API access."
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Tenant name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
+- name: MYSQL_USER
+ displayName: MySQL User
+ description: Username for MySQL user that will be used for accessing the database.
+ value: "mysql"
+ required: true
+- name: MYSQL_PASSWORD
+ displayName: MySQL Password
+ description: Password for the MySQL user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: MYSQL_DATABASE
+ displayName: MySQL Database Name
+ description: Name of the MySQL database accessed.
+ value: "system"
+ required: true
+- name: MYSQL_ROOT_PASSWORD
+ displayName: MySQL Root password.
+ description: Password for Root user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_BACKEND_USERNAME
+ description: Internal 3scale API username for internal 3scale api auth.
+ value: "3scale_api_user"
+ required: true
+- name: SYSTEM_BACKEND_PASSWORD
+ description: Internal 3scale API password for internal 3scale api auth.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: REDIS_IMAGE
+ description: Redis image to use
+ required: true
+ value: rhscl/redis-32-rhel7:3.2-5.7
+- name: MYSQL_IMAGE
+ description: Mysql image to use
+ required: true
+ value: rhscl/mysql-56-rhel7:5.6-13.14
+- name: SYSTEM_BACKEND_SHARED_SECRET
+ description: Shared secret to import events from backend to system.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_APP_SECRET_KEY_BASE
+ description: System application secret key base
+ generate: expression
+ from: "[a-f0-9]{128}"
+ required: true
+- name: APICAST_MANAGEMENT_API
+ description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: APICAST_OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false."
+ required: false
+ value: "false"
+- name: APICAST_RESPONSE_CODES
+ description: "Enable logging response codes in APIcast."
+ value: "true"
+ required: false
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast-gateway-template.yml
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast-gateway-template.yml
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast.yml
new file mode 100644
index 000000000..8e8051c0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/apicast.yml
@@ -0,0 +1,157 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: 3scale-gateway
+ annotations:
+ description: "3scale API Gateway"
+ iconClass: "icon-load-balancer"
+ tags: "api,gateway,3scale"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ replicas: 2
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: "${APICAST_NAME}"
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ valueFrom:
+ secretKeyRef:
+ name: "${CONFIGURATION_URL_SECRET}"
+ key: password
+ - name: THREESCALE_CONFIG_FILE
+ value: "${CONFIGURATION_FILE_PATH}"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "${DEPLOYMENT_ENVIRONMENT}"
+ - name: RESOLVER
+ value: "${RESOLVER}"
+ - name: APICAST_SERVICES
+ value: "${SERVICES_LIST}"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "${CONFIGURATION_LOADER}"
+ - name: APICAST_LOG_LEVEL
+ value: "${LOG_LEVEL}"
+ - name: APICAST_PATH_ROUTING_ENABLED
+ value: "${PATH_ROUTING}"
+ - name: APICAST_RESPONSE_CODES
+ value: "${RESPONSE_CODES}"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "${CONFIGURATION_CACHE}"
+ - name: REDIS_URL
+ value: "${REDIS_URL}"
+ - name: APICAST_MANAGEMENT_API
+ value: "${MANAGEMENT_API}"
+ - name: OPENSSL_VERIFY
+ value: "${OPENSSL_VERIFY}"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: "${APICAST_NAME}"
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: management
+ initialDelaySeconds: 10
+ timeoutSeconds: 1
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 15
+ timeoutSeconds: 1
+ ports:
+ - name: proxy
+ containerPort: 8080
+ protocol: TCP
+ - name: management
+ containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ ports:
+ - name: proxy
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
+ value: apicast-configuration-url-secret
+ name: CONFIGURATION_URL_SECRET
+ required: true
+- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
+ value:
+ name: CONFIGURATION_FILE_PATH
+ required: false
+- description: "Deployment environment. Can be sandbox or production."
+ value: production
+ name: DEPLOYMENT_ENVIRONMENT
+ required: true
+- description: "Name for the 3scale API Gateway"
+ value: apicast
+ name: APICAST_NAME
+ required: true
+- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
+ value:
+ name: RESOLVER
+ required: false
+- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
+ value:
+ name: SERVICES_LIST
+ required: false
+- name: CONFIGURATION_LOADER
+ description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot."
+ value: boot
+ required: false
+- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
+ name: LOG_LEVEL
+ required: false
+- description: "Enable path routing. Experimental feature."
+ name: PATH_ROUTING
+ required: false
+ value: "false"
+- description: "Enable logging response codes to 3scale."
+ value: "false"
+ name: RESPONSE_CODES
+ required: false
+- name: CONFIGURATION_CACHE
+ description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60."
+ value: ""
+ required: false
+- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0"
+ name: REDIS_URL
+ required: false
+- name: MANAGEMENT_API
+ description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification. Can be set to true/false."
+ required: true
+ value: "false"
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql-persistent.json
new file mode 100644
index 000000000..86ddc184a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql-persistent.json
@@ -0,0 +1,586 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "cakephp-mysql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "CakePHP + MySQL (Persistent)",
+ "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.",
+ "tags": "quickstart,php,cakephp",
+ "iconClass": "icon-php",
+ "openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.",
+ "labels": {
+ "template": "cakephp-mysql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "cakephp-secret-token" : "${CAKEPHP_SECRET_TOKEN}",
+ "cakephp-security-salt" : "${CAKEPHP_SECURITY_SALT}",
+ "cakephp-security-cipher-seed" : "${CAKEPHP_SECURITY_CIPHER_SEED}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "php:7.0"
+ },
+ "env": [
+ {
+ "name": "COMPOSER_MIRROR",
+ "value": "${COMPOSER_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./lib/Cake/Console/cake test app AllTests"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Retry",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "cakephp-mysql-persistent"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "cakephp-mysql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "cakephp-mysql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-secret-token"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-salt"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-cipher-seed"
+ }
+ }
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "value": "${OPCACHE_REVALIDATE_FREQ}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "cakephp-mysql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the CakePHP container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/cakephp-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database User",
+ "required": true,
+ "value": "cakephp"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "displayName": "CakePHP secret token",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "displayName": "CakePHP Security Salt",
+ "description": "Security salt for session hash.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "displayName": "CakePHP Security Cipher Seed",
+ "description": "Security cipher seed for session hash.",
+ "generate": "expression",
+ "from": "[0-9]{30}"
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "displayName": "OPcache Revalidation Frequency",
+ "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.",
+ "value": "2"
+ },
+ {
+ "name": "COMPOSER_MIRROR",
+ "displayName": "Custom Composer Mirror URL",
+ "description": "The custom Composer mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql.json
new file mode 100644
index 000000000..3c964bd6a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/cakephp-mysql.json
@@ -0,0 +1,560 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "cakephp-mysql-example",
+ "annotations": {
+ "openshift.io/display-name": "CakePHP + MySQL (Ephemeral)",
+ "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,php,cakephp",
+ "iconClass": "icon-php",
+ "openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.",
+ "labels": {
+ "template": "cakephp-mysql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "cakephp-secret-token" : "${CAKEPHP_SECRET_TOKEN}",
+ "cakephp-security-salt" : "${CAKEPHP_SECURITY_SALT}",
+ "cakephp-security-cipher-seed" : "${CAKEPHP_SECURITY_CIPHER_SEED}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "php:7.0"
+ },
+ "env": [
+ {
+ "name": "COMPOSER_MIRROR",
+ "value": "${COMPOSER_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./lib/Cake/Console/cake test app AllTests"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Retry",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "cakephp-mysql-example"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "cakephp-mysql-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "cakephp-mysql-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health.php",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-secret-token"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-salt"
+ }
+ }
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "cakephp-security-cipher-seed"
+ }
+ }
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "value": "${OPCACHE_REVALIDATE_FREQ}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "cakephp-mysql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the CakePHP container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/cakephp-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "required": true,
+ "value": "mysql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database User",
+ "required": true,
+ "value": "cakephp"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "CAKEPHP_SECRET_TOKEN",
+ "displayName": "CakePHP secret token",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_SALT",
+ "displayName": "CakePHP Security Salt",
+ "description": "Security salt for session hash.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CAKEPHP_SECURITY_CIPHER_SEED",
+ "displayName": "CakePHP Security Cipher Seed",
+ "description": "Security cipher seed for session hash.",
+ "generate": "expression",
+ "from": "[0-9]{30}"
+ },
+ {
+ "name": "OPCACHE_REVALIDATE_FREQ",
+ "displayName": "OPcache Revalidation Frequency",
+ "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.",
+ "value": "2"
+ },
+ {
+ "name": "COMPOSER_MIRROR",
+ "displayName": "Custom Composer Mirror URL",
+ "description": "The custom Composer mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql-persistent.json
new file mode 100644
index 000000000..0a10c5fbc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql-persistent.json
@@ -0,0 +1,530 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dancer-mysql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Dancer + MySQL (Persistent)",
+ "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
+ "tags": "quickstart,perl,dancer",
+ "iconClass": "icon-perl",
+ "openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/dancer-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
+ "labels": {
+ "template": "dancer-mysql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "perl:5.24"
+ },
+ "env": [
+ {
+ "name": "CPAN_MIRROR",
+ "value": "${CPAN_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "perl -I extlib/lib/perl5 -I lib t/*"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dancer-mysql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dancer-mysql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "value": "${PERL_APACHE2_RELOAD}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dancer-mysql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Perl Dancer container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/dancer-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "database"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "displayName": "Perl Module Reload",
+ "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.",
+ "value": ""
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "CPAN_MIRROR",
+ "displayName": "Custom CPAN Mirror URL",
+ "description": "The custom CPAN mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql.json
new file mode 100644
index 000000000..6122d5436
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dancer-mysql.json
@@ -0,0 +1,504 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dancer-mysql-example",
+ "annotations": {
+ "openshift.io/display-name": "Dancer + MySQL (Ephemeral)",
+ "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,perl,dancer",
+ "iconClass": "icon-perl",
+ "openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/dancer-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",
+ "labels": {
+ "template": "dancer-mysql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "perl:5.24"
+ },
+ "env": [
+ {
+ "name": "CPAN_MIRROR",
+ "value": "${CPAN_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "perl -I extlib/lib/perl5 -I lib t/*"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dancer-mysql-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dancer-mysql-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "value": "${PERL_APACHE2_RELOAD}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mysql",
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mysql:5.7"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "mysql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 3306
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/mysql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 3306
+ }
+ },
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MYSQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dancer-mysql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Perl Dancer container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MYSQL_LIMIT",
+ "displayName": "Memory Limit (MySQL)",
+ "description": "Maximum amount of memory the MySQL container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/dancer-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "database"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "PERL_APACHE2_RELOAD",
+ "displayName": "Perl Module Reload",
+ "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.",
+ "value": ""
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "CPAN_MIRROR",
+ "displayName": "Custom CPAN Mirror URL",
+ "description": "The custom CPAN mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql-persistent.json
new file mode 100644
index 000000000..f3b5838fa
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql-persistent.json
@@ -0,0 +1,540 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "django-psql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Django + PostgreSQL (Persistent)",
+ "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
+ "tags": "quickstart,python,django",
+ "iconClass": "icon-python",
+ "openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/django-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
+ "labels": {
+ "template": "django-psql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "django-secret-key" : "${DJANGO_SECRET_KEY}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "python:3.5"
+ },
+ "env": [
+ {
+ "name": "PIP_INDEX_URL",
+ "value": "${PIP_INDEX_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./manage.py test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "django-psql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "django-psql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "APP_CONFIG",
+ "value": "${APP_CONFIG}"
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "django-secret-key"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "django-psql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Django container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/django-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "required": true,
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "required": true,
+ "value": "django"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database User Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "APP_CONFIG",
+ "displayName": "Application Configuration File Path",
+ "description": "Relative path to Gunicorn configuration file (optional)."
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "displayName": "Django Secret Key",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "PIP_INDEX_URL",
+ "displayName": "Custom PyPi Index URL",
+ "description": "The custom PyPi index URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql.json
new file mode 100644
index 000000000..b21295df2
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/django-postgresql.json
@@ -0,0 +1,514 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "django-psql-example",
+ "annotations": {
+ "openshift.io/display-name": "Django + PostgreSQL (Ephemeral)",
+ "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,python,django",
+ "iconClass": "icon-python",
+ "openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/django-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",
+ "labels": {
+ "template": "django-psql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "django-secret-key" : "${DJANGO_SECRET_KEY}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "python:3.5"
+ },
+ "env": [
+ {
+ "name": "PIP_INDEX_URL",
+ "value": "${PIP_INDEX_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "./manage.py test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "django-psql-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "django-psql-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/health",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "value": "${DATABASE_ENGINE}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "DATABASE_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "APP_CONFIG",
+ "value": "${APP_CONFIG}"
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "django-secret-key"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "django-psql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Django container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/django-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_ENGINE",
+ "displayName": "Database Engine",
+ "required": true,
+ "description": "Database engine: postgresql, mysql or sqlite (default).",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "default"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "required": true,
+ "value": "django"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database User Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "APP_CONFIG",
+ "displayName": "Application Configuration File Path",
+ "description": "Relative path to Gunicorn configuration file (optional)."
+ },
+ {
+ "name": "DJANGO_SECRET_KEY",
+ "displayName": "Django Secret Key",
+ "description": "Set this to a long random string.",
+ "generate": "expression",
+ "from": "[\\w]{50}"
+ },
+ {
+ "name": "PIP_INDEX_URL",
+ "displayName": "Custom PyPi Index URL",
+ "description": "The custom PyPi index URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-example.json
new file mode 100644
index 000000000..f1fef3093
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-example.json
@@ -0,0 +1,333 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-example",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Example",
+ "description": "An example .NET Core application.",
+ "tags": "quickstart,dotnet,.net",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-app"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-app",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 15
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": []
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dotnet-example"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:2.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "dotnetcore-2.0"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to use a subdirectory of the source code repository"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to a project file (e.g. csproj) or a folder containing a single project file.",
+ "value": "app"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish.",
+ "value": "bower gulp"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-pgsql-persistent.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-pgsql-persistent.json
new file mode 100644
index 000000000..c83132152
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-pgsql-persistent.json
@@ -0,0 +1,565 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-pgsql-persistent",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core + PostgreSQL (Persistent)",
+ "description": "An example .NET Core application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "tags": "quickstart,dotnet",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "labels": {
+ "template": "dotnet-pgsql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-password": "${DATABASE_PASSWORD}",
+ "connect-string": "Host=${DATABASE_SERVICE_NAME};Database=${DATABASE_NAME};Username=${DATABASE_USER};Password=${DATABASE_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "updatePeriodSeconds": 1,
+ "intervalSeconds": 1,
+ "timeoutSeconds": 600,
+ "maxUnavailable": "25%",
+ "maxSurge": "25%"
+ },
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-pgsql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-pgsql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "ConnectionString",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "connect-string"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 10
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "openshift",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DATABASE_USER}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "musicstore"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the .NET Core container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:2.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the .NET builder ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/redhat-developer/s2i-aspnet-musicstore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "rel/2.0-example"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to a project file (e.g. csproj) or a folder containing a single project file.",
+ "value": "samples/MusicStore"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish."
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "musicstore"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-runtime-example.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-runtime-example.json
new file mode 100644
index 000000000..e1dccf290
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/dotnet-runtime-example.json
@@ -0,0 +1,412 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-runtime-example",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Runtime Example",
+ "description": "An example .NET Core Runtime example application.",
+ "tags": "quickstart,dotnet,.net",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application runtime image"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-build",
+ "annotations": {
+ "description": "Keeps track of changes in the application builder image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-build",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_BUILD_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ },
+ {
+ "name": "DOTNET_PACK",
+ "value": "true"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}-build:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-runtime",
+ "annotations": {
+ "description": "Defines how to chain the runtime image from the source build image"
+ }
+ },
+ "spec": {
+ "source": {
+ "dockerfile": "FROM ${DOTNET_RUNTIME_IMAGE_STREAM_TAG}\nADD app.tar.gz .",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}-build:latest"
+ },
+ "paths": [
+ {
+ "sourcePath": "/opt/app-root/app.tar.gz",
+ "destinationDir": "."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Docker",
+ "dockerStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_RUNTIME_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}-build:latest"
+ }
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}-runtime",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-runtime-app"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-runtime-app",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 15
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": []
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dotnet-runtime-example"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "DOTNET_RUNTIME_IMAGE_STREAM_TAG",
+ "displayName": ".NET Runtime Imagestream Tag",
+ "description": "The image stream tag which is used to run the application.",
+ "required": true,
+ "value": "dotnet-runtime:2.0"
+ },
+ {
+ "name": "DOTNET_BUILD_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the application.",
+ "value": "dotnet:2.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "dotnetcore-2.0"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to use a subdirectory of the source code repository"
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to the folder containing your startup project.",
+ "value": "app"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish.",
+ "value": "bower gulp"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/httpd.json
new file mode 100644
index 000000000..3771280bf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/httpd.json
@@ -0,0 +1,274 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Apache HTTP Server",
+ "description": "An example Apache HTTP Server (httpd) application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "openshift.io/long-description": "This template defines resources needed to develop a static application served by Apache HTTP Server (httpd), including a build configuration and application deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-ephemeral-template.json
new file mode 100644
index 000000000..28b4b9d81
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-ephemeral-template.json
@@ -0,0 +1,284 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-ephemeral",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Ephemeral)",
+ "description": "Jenkins service, without persistent storage.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "iconClass": "icon-jenkins",
+ "tags": "instant-app,jenkins",
+ "openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login. The Jenkins configuration is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.",
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "insecureEdgeTerminationPolicy": "Redirect"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "jenkins"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${JENKINS_IMAGE_STREAM_TAG}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${JENKINS_SERVICE_NAME}",
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": " ",
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 420,
+ "failureThreshold" : 30,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "OPENSHIFT_ENABLE_OAUTH",
+ "value": "${ENABLE_OAUTH}"
+ },
+ {
+ "name": "OPENSHIFT_ENABLE_REDIRECT_PROMPT",
+ "value": "true"
+ },
+ {
+ "name": "KUBERNETES_MASTER",
+ "value": "https://kubernetes.default:443"
+ },
+ {
+ "name": "KUBERNETES_TRUST_CERTIFICATES",
+ "value": "true"
+ },
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "value": "${JENKINS_SERVICE_NAME}"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "value": "${JNLP_SERVICE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ },
+ {
+ "kind": "ServiceAccount",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "serviceaccounts.openshift.io/oauth-redirectreference.jenkins": "{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"${JENKINS_SERVICE_NAME}\"}}"
+ }
+ }
+ },
+ {
+ "kind": "RoleBinding",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}_edit"
+ },
+ "groupNames": null,
+ "subjects": [
+ {
+ "kind": "ServiceAccount",
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ ],
+ "roleRef": {
+ "name": "edit"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JNLP_SERVICE_NAME}"
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "agent",
+ "protocol": "TCP",
+ "port": 50000,
+ "targetPort": 50000,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${JNLP_SERVICE_NAME}\", \"namespace\": \"\", \"kind\": \"Service\"}]",
+ "service.openshift.io/infrastructure": "true"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 80,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "displayName": "Jenkins Service Name",
+ "description": "The name of the OpenShift Service exposed for the Jenkins container.",
+ "value": "jenkins"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "displayName": "Jenkins JNLP Service Name",
+ "description": "The name of the service used for master/slave communication.",
+ "value": "jenkins-jnlp"
+ },
+ {
+ "name": "ENABLE_OAUTH",
+ "displayName": "Enable OAuth in Jenkins",
+ "description": "Whether to enable OAuth OpenShift integration. If false, the static account 'admin' will be initialized with the password 'password'.",
+ "value": "true"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Jenkins ImageStream Namespace",
+ "description": "The OpenShift Namespace where the Jenkins ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "JENKINS_IMAGE_STREAM_TAG",
+ "displayName": "Jenkins ImageStreamTag",
+ "description": "Name of the ImageStreamTag to be used for the Jenkins image.",
+ "value": "jenkins:latest"
+ }
+ ],
+ "labels": {
+ "template": "jenkins-ephemeral-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-persistent-template.json
new file mode 100644
index 000000000..4915bb12c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/jenkins-persistent-template.json
@@ -0,0 +1,308 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Jenkins (Persistent)",
+ "description": "Jenkins service, with persistent storage.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",
+ "iconClass": "icon-jenkins",
+ "tags": "instant-app,jenkins",
+ "openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html",
+ "openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.",
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "insecureEdgeTerminationPolicy": "Redirect"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "jenkins"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${JENKINS_IMAGE_STREAM_TAG}",
+ "namespace": "${NAMESPACE}"
+ },
+ "lastTriggeredImage": ""
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${JENKINS_SERVICE_NAME}",
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": " ",
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 420,
+ "failureThreshold" : 30,
+ "httpGet": {
+ "path": "/login",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "OPENSHIFT_ENABLE_OAUTH",
+ "value": "${ENABLE_OAUTH}"
+ },
+ {
+ "name": "OPENSHIFT_ENABLE_REDIRECT_PROMPT",
+ "value": "true"
+ },
+ {
+ "name": "KUBERNETES_MASTER",
+ "value": "https://kubernetes.default:443"
+ },
+ {
+ "name": "KUBERNETES_TRUST_CERTIFICATES",
+ "value": "true"
+ },
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "value": "${JENKINS_SERVICE_NAME}"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "value": "${JNLP_SERVICE_NAME}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${JENKINS_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ },
+ {
+ "kind": "ServiceAccount",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "serviceaccounts.openshift.io/oauth-redirectreference.jenkins": "{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"${JENKINS_SERVICE_NAME}\"}}"
+ }
+ }
+ },
+ {
+ "kind": "RoleBinding",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}_edit"
+ },
+ "groupNames": null,
+ "subjects": [
+ {
+ "kind": "ServiceAccount",
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ ],
+ "roleRef": {
+ "name": "edit"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JNLP_SERVICE_NAME}"
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "agent",
+ "protocol": "TCP",
+ "port": 50000,
+ "targetPort": 50000,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "annotations": {
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${JNLP_SERVICE_NAME}\", \"namespace\": \"\", \"kind\": \"Service\"}]",
+ "service.openshift.io/infrastructure": "true"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 80,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "displayName": "Jenkins Service Name",
+ "description": "The name of the OpenShift Service exposed for the Jenkins container.",
+ "value": "jenkins"
+ },
+ {
+ "name": "JNLP_SERVICE_NAME",
+ "displayName": "Jenkins JNLP Service Name",
+ "description": "The name of the service used for master/slave communication.",
+ "value": "jenkins-jnlp"
+ },
+ {
+ "name": "ENABLE_OAUTH",
+ "displayName": "Enable OAuth in Jenkins",
+ "description": "Whether to enable OAuth OpenShift integration. If false, the static account 'admin' will be initialized with the password 'password'.",
+ "value": "true"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi.",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Jenkins ImageStream Namespace",
+ "description": "The OpenShift Namespace where the Jenkins ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "JENKINS_IMAGE_STREAM_TAG",
+ "displayName": "Jenkins ImageStreamTag",
+ "description": "Name of the ImageStreamTag to be used for the Jenkins image.",
+ "value": "jenkins:latest"
+ }
+ ],
+ "labels": {
+ "template": "jenkins-persistent-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb-persistent.json
new file mode 100644
index 000000000..7f2a5d804
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb-persistent.json
@@ -0,0 +1,549 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs-mongo-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Node.js + MongoDB (Persistent)",
+ "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
+ "tags": "quickstart,nodejs",
+ "iconClass": "icon-nodejs",
+ "openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
+ "labels": {
+ "template": "nodejs-mongo-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-user": "${DATABASE_USER}",
+ "database-password": "${DATABASE_PASSWORD}",
+ "database-admin-password" : "${DATABASE_ADMIN_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "nodejs:6"
+ },
+ "env": [
+ {
+ "name": "NPM_MIRROR",
+ "value": "${NPM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "npm test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "nodejs-mongo-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "nodejs-mongo-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongodb",
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mongodb:3.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MONGODB_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "nodejs-mongo-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Node.js container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MONGODB_LIMIT",
+ "displayName": "Memory Limit (MongoDB)",
+ "description": "Maximum amount of memory the MongoDB container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/nodejs-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mongodb"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "MongoDB Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "MongoDB Password",
+ "description": "Password for the MongoDB user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "DATABASE_ADMIN_PASSWORD",
+ "displayName": "Database Administrator Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "NPM_MIRROR",
+ "displayName": "Custom NPM Mirror URL",
+ "description": "The custom NPM mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb.json
new file mode 100644
index 000000000..b3afae46e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/nodejs-mongodb.json
@@ -0,0 +1,525 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "nodejs-mongodb-example",
+ "annotations": {
+ "openshift.io/display-name": "Node.js + MongoDB (Ephemeral)",
+ "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,nodejs",
+ "iconClass": "icon-nodejs",
+ "openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",
+ "labels": {
+ "template": "nodejs-mongodb-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-user": "${DATABASE_USER}",
+ "database-password": "${DATABASE_PASSWORD}",
+ "database-admin-password" : "${DATABASE_ADMIN_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "nodejs:6"
+ },
+ "env": [
+ {
+ "name": "NPM_MIRROR",
+ "value": "${NPM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "npm test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "nodejs-mongodb-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "nodejs-mongodb-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/pagecount",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "mongodb",
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "mongodb:3.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "mongodb",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 27017
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-admin-password"
+ }
+ }
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 3,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\""
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 27017
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_MONGODB_LIMIT}"
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/mongodb/data"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "nodejs-mongodb-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the Node.js container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_MONGODB_LIMIT",
+ "displayName": "Memory Limit (MongoDB)",
+ "description": "Maximum amount of memory the MongoDB container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/nodejs-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "displayName": "Database Service Name",
+ "required": true,
+ "value": "mongodb"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "MongoDB Username",
+ "description": "Username for MongoDB user that will be used for accessing the database.",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "MongoDB Password",
+ "description": "Password for the MongoDB user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "displayName": "Database Name",
+ "required": true,
+ "value": "sampledb"
+ },
+ {
+ "name": "DATABASE_ADMIN_PASSWORD",
+ "displayName": "Database Administrator Password",
+ "description": "Password for the database admin user.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "NPM_MIRROR",
+ "displayName": "Custom NPM Mirror URL",
+ "description": "The custom NPM mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/pvc.yml
new file mode 100644
index 000000000..0bbb8e625
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/pvc.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-pvc"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql-persistent.json
new file mode 100644
index 000000000..1c03be28a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql-persistent.json
@@ -0,0 +1,606 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "rails-pgsql-persistent",
+ "annotations": {
+ "openshift.io/display-name": "Rails + PostgreSQL (Persistent)",
+ "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
+ "tags": "quickstart,ruby,rails",
+ "iconClass": "icon-ruby",
+ "openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/rails-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
+ "labels": {
+ "template": "rails-pgsql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "application-user" : "${APPLICATION_USER}",
+ "application-password" : "${APPLICATION_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "ruby:2.3"
+ },
+ "env": [
+ {
+ "name": "RUBYGEM_MIRROR",
+ "value": "${RUBYGEM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "bundle exec rake test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Abort",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "${NAME}"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${NAME}",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 5,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 10,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "value": "${APPLICATION_DOMAIN}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-user"
+ }
+ }
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-password"
+ }
+ }
+ },
+ {
+ "name": "RAILS_ENV",
+ "value": "${RAILS_ENV}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "rails-pgsql-persistent"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Rails container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/rails-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "displayName": "Application Username",
+ "required": true,
+ "description": "The application user that is used within the sample application to authorize access on pages.",
+ "value": "openshift"
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "displayName": "Application Password",
+ "required": true,
+ "description": "The application password that is used within the sample application to authorize access on pages.",
+ "value": "secret"
+ },
+ {
+ "name": "RAILS_ENV",
+ "displayName": "Rails Environment",
+ "required": true,
+ "description": "Environment under which the sample application will run. Could be set to production, development or test.",
+ "value": "production"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "root"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ },
+ {
+ "name": "RUBYGEM_MIRROR",
+ "displayName": "Custom RubyGems Mirror URL",
+ "description": "The custom RubyGems mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql.json
new file mode 100644
index 000000000..240289d33
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/rails-postgresql.json
@@ -0,0 +1,580 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "rails-postgresql-example",
+ "annotations": {
+ "openshift.io/display-name": "Rails + PostgreSQL (Ephemeral)",
+ "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",
+ "tags": "quickstart,ruby,rails",
+ "iconClass": "icon-ruby",
+ "openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration. The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/documentation-url": "https://github.com/openshift/rails-ex",
+ "openshift.io/support-url": "https://access.redhat.com",
+ "template.openshift.io/bindable": "false"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",
+ "labels": {
+ "template": "rails-postgresql-example"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData" : {
+ "database-user" : "${DATABASE_USER}",
+ "database-password" : "${DATABASE_PASSWORD}",
+ "application-user" : "${APPLICATION_USER}",
+ "application-password" : "${APPLICATION_PASSWORD}",
+ "keybase" : "${SECRET_KEY_BASE}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "ruby:2.3"
+ },
+ "env": [
+ {
+ "name": "RUBYGEM_MIRROR",
+ "value": "${RUBYGEM_MIRROR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {
+ "script": "bundle exec rake test"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "recreateParams": {
+ "pre": {
+ "failurePolicy": "Abort",
+ "execNewPod": {
+ "command": [
+ "./migrate-database.sh"
+ ],
+ "containerName": "${NAME}"
+ }
+ }
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${NAME}",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 5,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 10,
+ "httpGet": {
+ "path": "/articles",
+ "port": 8080
+ }
+ },
+ "env": [
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "value": "${DATABASE_SERVICE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "keybase"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "value": "${APPLICATION_DOMAIN}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-user"
+ }
+ }
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "application-password"
+ }
+ }
+ },
+ {
+ "name": "RAILS_ENV",
+ "value": "${RAILS_ENV}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database",
+ "template.alpha.openshift.io/wait-for-ready": "true"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "data",
+ "emptyDir": {}
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-user"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${NAME}",
+ "key" : "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "rails-postgresql-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the Rails container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/openshift/rails-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "SECRET_KEY_BASE",
+ "displayName": "Secret Key",
+ "description": "Your secret key for verifying the integrity of signed cookies.",
+ "generate": "expression",
+ "from": "[a-z0-9]{127}"
+ },
+ {
+ "name": "APPLICATION_USER",
+ "displayName": "Application Username",
+ "required": true,
+ "description": "The application user that is used within the sample application to authorize access on pages.",
+ "value": "openshift"
+ },
+ {
+ "name": "APPLICATION_PASSWORD",
+ "displayName": "Application Password",
+ "required": true,
+ "description": "The application password that is used within the sample application to authorize access on pages.",
+ "value": "secret"
+ },
+ {
+ "name": "RAILS_ENV",
+ "displayName": "Rails Environment",
+ "required": true,
+ "description": "Environment under which the sample application will run. Could be set to production, development or test.",
+ "value": "production"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "root"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ },
+ {
+ "name": "RUBYGEM_MIRROR",
+ "displayName": "Custom RubyGems Mirror URL",
+ "description": "The custom RubyGems mirror URL",
+ "value": ""
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/wildcard.yml
new file mode 100644
index 000000000..00dedecd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/quickstart-templates/wildcard.yml
@@ -0,0 +1,158 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-apicast-wildcard-router"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-router
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-router
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-router
+ spec:
+ volumes:
+ - name: apicast-router-config
+ configMap:
+ name: apicast-router-config
+ items:
+ - key: router.conf
+ path: router.conf
+ containers:
+ - env:
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-router
+ command: ['bin/apicast']
+ livenessProbe:
+ tcpSocket:
+ port: router
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 30
+ volumeMounts:
+ - name: apicast-router-config
+ mountPath: /opt/app-root/src/sites.d/
+ readOnly: true
+ ports:
+ - containerPort: 8082
+ name: router
+ protocol: TCP
+ - containerPort: 8090
+ name: management
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-router
+ spec:
+ ports:
+ - name: router
+ port: 80
+ protocol: TCP
+ targetPort: router
+ selector:
+ deploymentconfig: apicast-router
+
+- apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: apicast-router-config
+ data:
+ router.conf: |-
+ upstream wildcard {
+ server 0.0.0.1:1;
+
+ balancer_by_lua_block {
+ local round_robin = require 'resty.balancer.round_robin'
+ local balancer = round_robin.new()
+ local peers = balancer:peers(ngx.ctx.apicast)
+
+ local peer, err = balancer:set_peer(peers)
+
+ if not peer then
+ ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE
+ ngx.log(ngx.ERR, "failed to set current backend peer: ", err)
+ ngx.exit(ngx.status)
+ end
+ }
+
+ keepalive 1024;
+ }
+
+ server {
+ listen 8082;
+ server_name ~-(?<apicast>apicast-(staging|production))\.;
+ access_log /dev/stdout combined;
+
+ location / {
+ access_by_lua_block {
+ local resolver = require('resty.resolver'):instance()
+ local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 })
+
+ if #servers == 0 then
+ ngx.status = ngx.HTTP_BAD_GATEWAY
+ ngx.exit(ngx.HTTP_OK)
+ end
+
+ ngx.ctx.apicast = servers
+ }
+ proxy_http_version 1.1;
+ proxy_pass $scheme://wildcard;
+ proxy_set_header Host $host;
+ proxy_set_header Connection "";
+ }
+ }
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: apicast-wildcard-router
+ labels:
+ app: apicast-wildcard-router
+ spec:
+ host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-router
+ port:
+ targetPort: router
+ wildcardPolicy: Subdomain
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Domain name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-streams/fis-image-streams.json b/roles/openshift_examples/files/examples/v3.9/xpaas-streams/fis-image-streams.json
new file mode 100644
index 000000000..9d99973be
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-streams/fis-image-streams.json
@@ -0,0 +1,76 @@
+{
+ "kind": "List",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "fis-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for JBoss Fuse Integration Services."
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "fis-java-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-java-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 1.0 Java S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,xpaas",
+ "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2",
+ "version": "1.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 2.0 Java S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,xpaas",
+ "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2",
+ "version": "2.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "fis-karaf-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-karaf-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 1.0 Karaf S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,karaf,xpaas",
+ "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2",
+ "version": "1.0"
+ }
+ },
+ {
+ "name": "2.0",
+ "annotations": {
+ "description": "JBoss Fuse Integration Services 2.0 Karaf S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,jboss-fuse,java,karaf,xpaas",
+ "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2",
+ "version": "2.0"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v3.9/xpaas-streams/jboss-image-streams.json
new file mode 100644
index 000000000..ed2dbf572
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-streams/jboss-image-streams.json
@@ -0,0 +1,1480 @@
+{
+ "kind": "List",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-image-streams",
+ "annotations": {
+ "description": "ImageStream definitions for JBoss Middleware products.",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ }
+ },
+ "items": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.0,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 ApacheTomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift:1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.0,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift:1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.1,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 7 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat7,java,jboss,hidden",
+ "supports": "tomcat7:3.1,tomcat:7,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.1,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Apache Tomcat 8 S2I images.",
+ "iconClass": "icon-rh-tomcat",
+ "tags": "builder,tomcat,tomcat8,java,jboss,hidden",
+ "supports": "tomcat8:3.1,tomcat:8,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 8"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:6.4,javaee:6,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-6/eap64-openshift:1.6"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.0,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7/eap70-openshift:1.6"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap71-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "TP",
+ "annotations": {
+ "description": "JBoss EAP 7.1 Tech Preview.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.1,javaee:7,java:8,xpass:1.0",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "TP",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (Tech Preview)"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "1.0-TP"
+ }
+ },
+ {
+ "name": "1.0-TP",
+ "annotations": {
+ "description": "JBoss EAP 7.1 Tech Preview.",
+ "iconClass": "icon-eap",
+ "tags": "builder,eap,javaee,java,jboss,hidden",
+ "supports": "eap:7.1,javaee:7,java:8",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.1 (Tech Preview)"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-eap-7-tech-preview/eap71-openshift:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,hidden",
+ "supports": "decisionserver:6.2",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift:1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,hidden",
+ "supports": "decisionserver:6.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.3,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-decisionserver",
+ "tags": "builder,decisionserver,java,hidden",
+ "supports": "decisionserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,hidden",
+ "supports": "processserver:6.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.3,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-processserver64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-processserver",
+ "tags": "builder,processserver,java,hidden",
+ "supports": "processserver:6.4,java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:6.5",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift:1.5"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid71-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:7.1",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 S2I images.",
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "supports": "datagrid:7.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid71-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 7.1 Client Modules for EAP.",
+ "iconClass": "icon-datagrid",
+ "tags": "client,jboss,hidden",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 7.1 Client Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datagrid-7/datagrid71-client-openshift:1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports": "datavirt:6.3",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-datavirt",
+ "tags": "datavirt,jboss,hidden",
+ "supports":"datavirt:6.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift:1.3"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-datavirt",
+ "tags": "client,jboss,hidden",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-datavirt",
+ "tags": "client,jboss,hidden",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift:1.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.2"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.2,messaging",
+ "version": "1.5",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.5"
+ }
+ },
+ {
+ "name": "1.6",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports":"amq:6.2,messaging",
+ "version": "1.6",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq62-openshift:1.6"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-63",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "supports": "amq:6.3,messaging",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/jboss-amq-6/amq63-openshift:1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-sso70-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.0",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.3"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.0",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso70-openshift:1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-sso",
+ "tags": "sso,keycloak,redhat,hidden",
+ "supports": "sso:7.1",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-sso-7/sso71-openshift:1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "version": "1.4.7"
+ }
+ },
+ "labels": {
+ "xpaas": "1.4.7"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk,hidden",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.0"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.0"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.1"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-rh-openjdk",
+ "tags": "builder,java,openjdk",
+ "supports": "java:8",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift:1.2"
+ }
+ }
+ ]
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-basic.json
new file mode 100644
index 000000000..8f8e14cb6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-basic.json
@@ -0,0 +1,346 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-amq",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (Ephemeral, no SSL)"
+ },
+ "name": "amq62-basic"
+ },
+ "labels": {
+ "template": "amq62-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent-ssl.json
new file mode 100644
index 000000000..96f9d616f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent-ssl.json
@@ -0,0 +1,693 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.2 based application, including a deployment configuration, using persistence and secure communication using SSL.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "amq62-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq62-persistent-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-62",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent.json
new file mode 100644
index 000000000..67c812fb4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-persistent.json
@@ -0,0 +1,506 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages, including message migration when the number of pods are reduced. This template doesn't feature SSL support.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "amq62-persistent"
+ },
+ "labels": {
+ "template": "amq62-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-62",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-ssl.json
new file mode 100644
index 000000000..9f488820c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq62-ssl.json
@@ -0,0 +1,533 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.2 (Ephemeral with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "amq62-ssl"
+ },
+ "labels": {
+ "template": "amq62-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-basic.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-basic.json
new file mode 100644
index 000000000..e13530764
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-basic.json
@@ -0,0 +1,346 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "amq63-basic"
+ },
+ "labels": {
+ "template": "amq63-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent-ssl.json
new file mode 100644
index 000000000..3eedee933
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent-ssl.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.3 based application, including a deployment configuration, using persistence and secure communication using SSL.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "amq63-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq63-persistent-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-63",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent.json
new file mode 100644
index 000000000..7c0aec61a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-persistent.json
@@ -0,0 +1,509 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.3 based application, including a deployment configuration and using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "amq63-persistent"
+ },
+ "labels": {
+ "template": "amq63-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "AMQ_SPLIT",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-drainer"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-drainer",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-drainer",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-drainer",
+ "image": "jboss-amq-63",
+ "command": [
+ "/opt/amq/bin/drain.sh"
+ ],
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-ssl.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-ssl.json
new file mode 100644
index 000000000..a55403c79
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/amq63-ssl.json
@@ -0,0 +1,536 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-amq",
+ "tags": "messaging,amq,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss A-MQ 6.3 (Ephemeral with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss A-MQ 6.2 based application, including a deployment configuration, using ephemeral (temporary) storage and secure communication using SSL. These can be deployed as standalone or in a mesh.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-amq/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "amq63-ssl"
+ },
+ "labels": {
+ "template": "amq63-ssl",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Queue Memory Limit",
+ "description": "The queue memory limit (default is 1mb)",
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ },
+ {
+ "name": "AMQ_QUEUE_MEMORY_LIMIT",
+ "value": "${AMQ_QUEUE_MEMORY_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-basic.json
new file mode 100644
index 000000000..af390c13d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-basic.json
@@ -0,0 +1,373 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 applications.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-basic"
+ },
+ "labels": {
+ "template": "datagrid65-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-https.json
new file mode 100644
index 000000000..97d02c788
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-https.json
@@ -0,0 +1,555 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 applications.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-https"
+ },
+ "labels": {
+ "template": "datagrid65-https",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql-persistent.json
new file mode 100644
index 000000000..018132668
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql-persistent.json
@@ -0,0 +1,860 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 6.5 based application, including a deployment configuration, using MySQL databased using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid65-mysql-persistent"
+ },
+ "labels": {
+ "template": "datagrid65-mysql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql.json
new file mode 100644
index 000000000..1e8ca1b51
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-mysql.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 and MySQL applications.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-mysql"
+ },
+ "labels": {
+ "template": "datagrid65-mysql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql-persistent.json
new file mode 100644
index 000000000..4a1d818c9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -0,0 +1,833 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 6.5 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid65-postgresql-persistent"
+ },
+ "labels": {
+ "template": "datagrid65-postgresql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql.json
new file mode 100644
index 000000000..d97bdfa75
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid65-postgresql.json
@@ -0,0 +1,788 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datagrid65-postgresql"
+ },
+ "labels": {
+ "template": "datagrid65-postgresql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-openshift:1.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid65-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-basic.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-basic.json
new file mode 100644
index 000000000..d4b83da34
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-basic.json
@@ -0,0 +1,420 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-basic"
+ },
+ "labels": {
+ "template": "datagrid71-basic",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-https.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-https.json
new file mode 100644
index 000000000..2a46bd3a2
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-https.json
@@ -0,0 +1,602 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-https"
+ },
+ "labels": {
+ "template": "datagrid71-https",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql-persistent.json
new file mode 100644
index 000000000..72bdf2037
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql-persistent.json
@@ -0,0 +1,904 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using MySQL databased using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-mysql-persistent"
+ },
+ "labels": {
+ "template": "datagrid71-mysql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql.json
new file mode 100644
index 000000000..99f97a7c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-mysql.json
@@ -0,0 +1,863 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using MySQL databased using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-mysql"
+ },
+ "labels": {
+ "template": "datagrid71-mysql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:/jboss/datasources/mysql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-partition.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-partition.json
new file mode 100644
index 000000000..baf17dbbb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-partition.json
@@ -0,0 +1,501 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 (Ephemeral, no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using using ephemeral (temporary) storage and communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-partition"
+ },
+ "labels": {
+ "template": "datagrid71-partition",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "ADMIN_GROUP",
+ "description": "Comma delimited list of groups/roles for the Application Realm User",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HOTROD_AUTHENTICATION",
+ "description": "True/False for HotRod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "description": "Container Role Mapper",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "CONTAINER_SECURITY_ROLES",
+ "description": "Comma Delimited List of Container Roles",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datagrid Volume Size",
+ "description": "Size of the volume used by Datagrid for persisting metadata.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh, this is now the default behaviour.",
+ "name": "DATAGRID_SPLIT",
+ "value": "true",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8787,
+ "targetPort": 8787
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-debug",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/datagrid/standalone/partitioned_data",
+ "name": "${APPLICATION_NAME}-datagrid-pvol"
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ },
+ {
+ "name": "debug",
+ "containerPort": 8787,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "DATAGRID_SPLIT",
+ "value": "${DATAGRID_SPLIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-datagrid-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-datagrid-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-datagrid-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql-persistent.json
new file mode 100644
index 000000000..5cd6e854a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql-persistent.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "datagrid71-postgresql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql.json
new file mode 100644
index 000000000..505d67750
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datagrid71-postgresql.json
@@ -0,0 +1,835 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datagrid",
+ "tags": "datagrid,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datagrid71-postgresql"
+ },
+ "labels": {
+ "template": "datagrid71-postgresql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "datagrid-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Username",
+ "description": "User name for JDG user.",
+ "name": "USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
+ "name": "PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JDG User Roles/Groups",
+ "description": "Comma delimited list of roles/groups associated with the JDG user",
+ "name": "ADMIN_GROUP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Hotrod Authentication",
+ "description": "Enable Hotrod Authentication",
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Role Mapper",
+ "description": "Defines which role mapper to use for cache authentication",
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Container Security Roles",
+ "description": "Comma delimited list of role names and assigned permissions",
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "datagrid-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/postgresql",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Infinispan Connectors",
+ "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "hotrod,memcached,rest",
+ "required": false
+ },
+ {
+ "displayName": "Cache Names",
+ "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
+ "name": "CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
+ "description": "",
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Memcached Cache Name",
+ "description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
+ "name": "MEMCACHED_CACHE",
+ "value": "default",
+ "required": false
+ },
+ {
+ "displayName": "REST Security Domain",
+ "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datagrid-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11211,
+ "targetPort": 11211
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-memcached",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Memcached service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 11333,
+ "targetPort": 11333
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-hotrod",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Hot Rod service for clustered applications."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "datagrid-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "jboss-datagrid71-openshift",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "datagrid-keystore-volume",
+ "mountPath": "/etc/datagrid-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/datagrid/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ },
+ {
+ "name": "memcached",
+ "containerPort": 11211,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod-internal",
+ "containerPort": 11222,
+ "protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "USERNAME",
+ "value": "${USERNAME}"
+ },
+ {
+ "name": "PASSWORD",
+ "value": "${PASSWORD}"
+ },
+ {
+ "name": "ADMIN_GROUP",
+ "value": "${ADMIN_GROUP}"
+ },
+ {
+ "name": "HOTROD_AUTHENTICATION",
+ "value": "${HOTROD_AUTHENTICATION}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLE_MAPPER",
+ "value": "${CONTAINER_SECURITY_ROLE_MAPPER}"
+ },
+ {
+ "name": "CONTAINER_SECURITY_ROLES",
+ "value": "${CONTAINER_SECURITY_ROLES}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datagrid-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "DEFAULT_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_TYPE",
+ "value": "string"
+ },
+ {
+ "name": "MEMCACHED_JDBC_STORE_DATASOURCE",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "INFINISPAN_CONNECTORS",
+ "value": "${INFINISPAN_CONNECTORS}"
+ },
+ {
+ "name": "CACHE_NAMES",
+ "value": "${CACHE_NAMES}"
+ },
+ {
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
+ "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
+ "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
+ },
+ {
+ "name": "HOTROD_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-hotrod"
+ },
+ {
+ "name": "HOTROD_ENCRYPTION",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "MEMCACHED_CACHE",
+ "value": "${MEMCACHED_CACHE}"
+ },
+ {
+ "name": "REST_SECURITY_DOMAIN",
+ "value": "${REST_SECURITY_DOMAIN}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "datagrid-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datagrid-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-basic-s2i.json
new file mode 100644
index 000000000..b6885d6f6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-basic-s2i.json
@@ -0,0 +1,491 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datavirt",
+ "description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (no SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc."
+ },
+ "name": "datavirt63-basic-s2i"
+ },
+ "labels": {
+ "template": "datavirt63-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the secret named ${CONFIGURATION_NAME} containing the datasource configuration details required by the deployed VDB(s).",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "datavirt-app",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing configuration properties for the data sources.",
+ "displayName": "Configuration Secret Name",
+ "name": "CONFIGURATION_NAME",
+ "value": "datavirt-app-config",
+ "required": true
+ },
+ {
+ "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with your application source code.",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your repository.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/dynamicvdb-datafederation/app",
+ "required": false
+ },
+ {
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "datavirt-service-account",
+ "required": true
+ },
+ {
+ "description": "Username associated with Teiid data service.",
+ "displayName": "Teiid Username",
+ "name": "TEIID_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for Teiid user.",
+ "displayName": "Teiid User Password",
+ "name": "TEIID_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Username associated with ModeShape.",
+ "displayName": "ModeShape Username",
+ "name": "MODESHAPE_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for ModeShape user.",
+ "displayName": "ModeShape User Password",
+ "name": "MODESHAPE_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the GitHub webhook.",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the Generic webhook.",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "displayName": "JGroups Cluster Password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "displayName": "Deploy Exploded Archives",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "name": "http",
+ "port": 8080,
+ "targetPort": "http"
+ },
+ {
+ "name": "jdbc",
+ "port": 31000,
+ "targetPort": "jdbc"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The data virtualization services."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "port": {
+ "targetPort": "http"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datavirt63-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/datavirt-environment",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbc",
+ "containerPort": 31000,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ },
+ {
+ "name": "MODESHAPE_USERNAME",
+ "value": "${MODESHAPE_USERNAME}"
+ },
+ {
+ "name": "MODESHAPE_PASSWORD",
+ "value": "${MODESHAPE_PASSWORD}"
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/datavirt-environment/*"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-extensions-support-s2i.json
new file mode 100644
index 000000000..a06f714a7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -0,0 +1,844 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datavirt",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL and Extensions)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration, support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datavirt63-extensions-support-s2i"
+ },
+ "labels": {
+ "template": "datavirt63-extensions-support-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "datavirt-app",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing configuration properties for the data sources.",
+ "displayName": "Configuration Secret Name",
+ "name": "CONFIGURATION_NAME",
+ "value": "datavirt-app-config",
+ "required": true
+ },
+ {
+ "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the https route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom https Route Hostname",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the JDBC route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom JDBC Route Hostname",
+ "name": "HOSTNAME_JDBC",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with your application source code.",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your repository.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/dynamicvdb-datafederation/app",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with source code for the extensions image. The image should have all modules, etc., placed in the \"/extensions/\" directory in the image. If the contents are in a different directory, the sourcePath for the ImageSource in the BuildConfig must be modified.",
+ "displayName": "Extensions Git Repository URL",
+ "name": "EXTENSIONS_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your extensions repository if you are not using the default branch.",
+ "displayName": "Extensions Git Reference",
+ "name": "EXTENSIONS_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your extensions repository.",
+ "displayName": "Extensions Context Directory",
+ "name": "EXTENSIONS_DIR",
+ "value": "datavirt/derby-driver-image",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to the Dockerfile in your extensions directory.",
+ "displayName": "Extensions Dockerfile",
+ "name": "EXTENSIONS_DOCKERFILE",
+ "value": "Dockerfile",
+ "required": false
+ },
+ {
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "datavirt-service-account",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for serving secure content.",
+ "displayName": "Server Keystore Secret Name",
+ "name": "HTTPS_SECRET",
+ "value": "datavirt-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret.",
+ "displayName": "Server Keystore Filename",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The type of the keystore file (JKS or JCEKS).",
+ "displayName": "Server Keystore Type",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate.",
+ "displayName": "Server Certificate Name",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "Server Keystore Password",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Username associated with Teiid data service.",
+ "displayName": "Teiid Username",
+ "name": "TEIID_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for Teiid user.",
+ "displayName": "Teiid User Password",
+ "name": "TEIID_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Username associated with ModeShape.",
+ "displayName": "ModeShape Username",
+ "name": "MODESHAPE_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for ModeShape user.",
+ "displayName": "ModeShape User Password",
+ "name": "MODESHAPE_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the GitHub webhook.",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the Generic webhook.",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "displayName": "JGroups Secret Name",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the JGroups secret.",
+ "displayName": "JGroups Keystore Filename",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the JGroups server certificate",
+ "displayName": "JGroups Certificate Name",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "JGroups Keystore Password",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "displayName": "JGroups Cluster Password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "displayName": "Deploy Exploded Archives",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "name": "http",
+ "port": 8080,
+ "targetPort": "http"
+ },
+ {
+ "name": "https",
+ "port": 8443,
+ "targetPort": "https"
+ },
+ {
+ "name": "jdbc",
+ "port": 31000,
+ "targetPort": "jdbc"
+ },
+ {
+ "name": "jdbcs",
+ "port": 31443,
+ "targetPort": "jdbcs"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ },
+ {
+ "name": "odbcs",
+ "port": 35443,
+ "targetPort": "odbcs"
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The data virtualization services."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "port": {
+ "targetPort": "http"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "port": {
+ "targetPort": "https"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-jdbc",
+ "metadata": {
+ "name": "jdbc-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's JDBC service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_JDBC}",
+ "port": {
+ "targetPort": "jdbcs"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-ext",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-ext",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${EXTENSIONS_REPOSITORY_URL}",
+ "ref": "${EXTENSIONS_REPOSITORY_REF}"
+ },
+ "contextDir": "${EXTENSIONS_DIR}"
+ },
+ "strategy": {
+ "type": "Docker",
+ "dockerStrategy": {
+ "dockerfilePath": "${EXTENSIONS_DOCKERFILE}"
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}-ext:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}-ext:latest"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datavirt63-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}-ext:latest"
+ }
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/datavirt-environment",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "mountPath": "/etc/datavirt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbc",
+ "containerPort": 31000,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbcs",
+ "containerPort": 31443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbcs",
+ "containerPort": 35443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datavirt-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ },
+ {
+ "name": "MODESHAPE_USERNAME",
+ "value": "${MODESHAPE_USERNAME}"
+ },
+ {
+ "name": "MODESHAPE_PASSWORD",
+ "value": "${MODESHAPE_PASSWORD}"
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/datavirt-environment/*"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEY_ALIAS",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "QS_DB_TYPE",
+ "value": "derby",
+ "description": "Used soley by the quickstart and set here to ensure the template can be instatiated with its default parameter values, i.e. so itworks ootb."
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-secure-s2i.json
new file mode 100644
index 000000000..1758b1be0
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/datavirt63-secure-s2i.json
@@ -0,0 +1,964 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-datavirt",
+ "tags": "jdv,datavirt,database,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Data Virtualization 6.3 (with SSL)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Data Virtualization application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Data Virtualization based application, including a build configuration, application deployment configuration and ability to configure certificates for serving secure content.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-virtualization/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "datavirt63-secure-s2i"
+ },
+ "labels": {
+ "template": "datavirt63-secure-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new data service has been created in your project. The username/password for accessing the service is ${TEIID_USERNAME}/${TEIID_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed VDB(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "datavirt-app",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing configuration properties for the data sources.",
+ "displayName": "Configuration Secret Name",
+ "name": "CONFIGURATION_NAME",
+ "value": "datavirt-app-config",
+ "required": true
+ },
+ {
+ "description": "Specify a custom hostname for the http route. Leave blank to use default hostname, e.g.: <service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the https route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom https Route Hostname",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Specify a custom hostname for the JDBC route. Leave blank to use default hostname, e.g.: secure-<service-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom JDBC Route Hostname",
+ "name": "HOSTNAME_JDBC",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL of the repository with your application source code.",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Set this to the relative path to your project if it is not in the root of your repository.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/dynamicvdb-datafederation/app",
+ "required": false
+ },
+ {
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "datavirt-service-account",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for serving secure content.",
+ "displayName": "Server Keystore Secret Name",
+ "name": "HTTPS_SECRET",
+ "value": "datavirt-app-secret",
+ "required": true
+ },
+ {
+ "description": "The name of the keystore file within the secret.",
+ "displayName": "Server Keystore Filename",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The type of the keystore file (JKS or JCEKS).",
+ "displayName": "Server Keystore Type",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate.",
+ "displayName": "Server Certificate Name",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "Server Keystore Password",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "description": "Username associated with Teiid data service.",
+ "displayName": "Teiid Username",
+ "name": "TEIID_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for Teiid user.",
+ "displayName": "Teiid User Password",
+ "name": "TEIID_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Username associated with ModeShape.",
+ "displayName": "ModeShape Username",
+ "name": "MODESHAPE_USERNAME",
+ "from": "[\\a]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Password for ModeShape user.",
+ "displayName": "ModeShape User Password",
+ "name": "MODESHAPE_PASSWORD",
+ "from": "[\\a\\A]{8}[\\d]{1}[\\A]{1}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the GitHub webhook.",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "A secret string used to configure the Generic webhook.",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "displayName": "JGroups Secret Name",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the JGroups secret.",
+ "displayName": "JGroups Keystore Filename",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the JGroups server certificate",
+ "displayName": "JGroups Certificate Name",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "displayName": "JGroups Keystore Password",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "displayName": "JGroups Cluster Password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "displayName": "Deploy Exploded Archives",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "name": "http",
+ "port": 8080,
+ "targetPort": "http"
+ },
+ {
+ "name": "https",
+ "port": 8443,
+ "targetPort": "https"
+ },
+ {
+ "name": "jdbc",
+ "port": 31000,
+ "targetPort": "jdbc"
+ },
+ {
+ "name": "jdbcs",
+ "port": 31443,
+ "targetPort": "jdbcs"
+ },
+ {
+ "name": "odbc",
+ "port": 35432,
+ "targetPort": "odbc"
+ },
+ {
+ "name": "odbcs",
+ "port": 35443,
+ "targetPort": "odbcs"
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The data virtualization services."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "port": {
+ "targetPort": "http"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https (REST) service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "port": {
+ "targetPort": "https"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-jdbc",
+ "metadata": {
+ "name": "jdbc-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's JDBC service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_JDBC}",
+ "port": {
+ "targetPort": "jdbcs"
+ },
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datavirt63-openshift:1.3"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/datavirt-environment",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "mountPath": "/etc/datavirt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbc",
+ "containerPort": 31000,
+ "protocol": "TCP"
+ },
+ {
+ "name": "jdbcs",
+ "containerPort": 31443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbc",
+ "containerPort": 35432,
+ "protocol": "TCP"
+ },
+ {
+ "name": "odbcs",
+ "containerPort": 35443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/datavirt-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ },
+ {
+ "name": "MODESHAPE_USERNAME",
+ "value": "${MODESHAPE_USERNAME}"
+ },
+ {
+ "name": "MODESHAPE_PASSWORD",
+ "value": "${MODESHAPE_PASSWORD}"
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/datavirt-environment/*"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEY_ALIAS",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "datavirt-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "datavirt-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-amq-s2i.json
new file mode 100644
index 000000000..3006a7265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-amq-s2i.json
@@ -0,0 +1,752 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BRMS 6.4 decision server + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BRMS decision server A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss BRMS 6.4 decision server with A-MQ application, including a build configuration and application deployment configuration.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "decisionserver64-amq-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-basic-s2i.json
new file mode 100644
index 000000000..eaee9c1a5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-basic-s2i.json
@@ -0,0 +1,376 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server applications built using S2I.",
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (no https)"
+ },
+ "name": "decisionserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-https-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-https-s2i.json
new file mode 100644
index 000000000..cb6eb1706
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/decisionserver64-https-s2i.json
@@ -0,0 +1,522 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server HTTPS applications built using S2I.",
+ "iconClass": "icon-decisionserver",
+ "tags": "decisionserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BRMS 6.4 decision server (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BRMS decision server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss BRMS 6.4 decision server, including a build configuration, application deployment configuration and secured using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-brms/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "decisionserver64-https-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-persistent-s2i.json
new file mode 100644
index 000000000..9ebbfd06c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-amq-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-amq-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data/kahadb",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-s2i.json
new file mode 100644
index 000000000..6b0e1a30c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-amq-s2i.json
@@ -0,0 +1,821 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + A-MQ (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-amq-s2i"
+ },
+ "labels": {
+ "template": "eap64-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-basic-s2i.json
new file mode 100644
index 000000000..17fdd2333
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-basic-s2i.json
@@ -0,0 +1,382 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-basic-s2i"
+ },
+ "labels": {
+ "template": "eap64-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application has been created in your project.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-https-s2i.json
new file mode 100644
index 000000000..8616ac04f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-https-s2i.json
@@ -0,0 +1,578 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-https-s2i"
+ },
+ "labels": {
+ "template": "eap64-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "6.4.x",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..ea3b46d78
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -0,0 +1,855 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-s2i.json
new file mode 100644
index 000000000..4aa9be281
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mongodb-s2i.json
@@ -0,0 +1,814 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap64-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..304f11348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -0,0 +1,867 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-s2i.json
new file mode 100644
index 000000000..bc1cdaca5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-mysql-s2i.json
@@ -0,0 +1,826 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-mysql-s2i"
+ },
+ "labels": {
+ "template": "eap64-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..d2e6ea25b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -0,0 +1,841 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap64-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-s2i.json
new file mode 100644
index 000000000..7a2d4009e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-postgresql-s2i.json
@@ -0,0 +1,800 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "eap64-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-sso-s2i.json
new file mode 100644
index 000000000..368f147f4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-sso-s2i.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 6.4 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-sso-s2i"
+ },
+ "labels": {
+ "template": "eap64-sso-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-ose",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "URL for SSO",
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "name": "SSO_URL",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "name": "SSO_SERVICE_URL",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "SSO Username",
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Public Key",
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Bearer Only?",
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Secret",
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore",
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "SSO Client Secret",
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Enable CORS for SSO?",
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Logout Page",
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "/",
+ "required": false
+ },
+ {
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..701f4eee6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 6 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 6.4 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-persistent-s2i.json
new file mode 100644
index 000000000..d16756bad
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-amq-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-amq-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data/kahadb",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-s2i.json
new file mode 100644
index 000000000..70323214f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-amq-s2i.json
@@ -0,0 +1,821 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-amq-s2i"
+ },
+ "labels": {
+ "template": "eap70-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-basic-s2i.json
new file mode 100644
index 000000000..312db1971
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-basic-s2i.json
@@ -0,0 +1,382 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-basic-s2i"
+ },
+ "labels": {
+ "template": "eap70-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application has been created in your project.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-https-s2i.json
new file mode 100644
index 000000000..7c3b35f5a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-https-s2i.json
@@ -0,0 +1,578 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-https-s2i"
+ },
+ "labels": {
+ "template": "eap70-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..205e451c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -0,0 +1,855 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-s2i.json
new file mode 100644
index 000000000..63b57d5dc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mongodb-s2i.json
@@ -0,0 +1,814 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Boss EAP 7.0 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap70-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-persistent-s2i.json
new file mode 100644
index 000000000..f9f77f22c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -0,0 +1,871 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-s2i.json
new file mode 100644
index 000000000..8ea433a80
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-mysql-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-mysql-s2i"
+ },
+ "labels": {
+ "template": "eap70-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..a2bc9d3b9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -0,0 +1,845 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + PostgreSQL (Persistent with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap70-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-s2i.json
new file mode 100644
index 000000000..66b0c737d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-postgresql-s2i.json
@@ -0,0 +1,804 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-postgresql-s2i"
+ },
+ "labels": {
+ "template": "eap70-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-sso-s2i.json
new file mode 100644
index 000000000..2201ff7f3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-sso-s2i.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-sso-s2i"
+ },
+ "labels": {
+ "template": "eap70-sso-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-ose",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "URL for SSO",
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "name": "SSO_URL",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "name": "SSO_SERVICE_URL",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "SSO Username",
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Public Key",
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Bearer Only?",
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Secret",
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore",
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "SSO Client Secret",
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Enable CORS for SSO?",
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Logout Page",
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "/",
+ "required": false
+ },
+ {
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..3ca69f6c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.0 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.0 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.6"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-persistent-s2i.json
new file mode 100644
index 000000000..dbc1a8013
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-persistent-s2i.json
@@ -0,0 +1,876 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ with persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-amq-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-amq-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data/kahadb",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-s2i.json
new file mode 100644
index 000000000..6e330eae9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-amq-s2i.json
@@ -0,0 +1,821 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,xpaas,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + A-MQ (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 A-MQ application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using Red Hat JBoss A-MQ and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-amq-s2i"
+ },
+ "labels": {
+ "template": "eap71-amq-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "helloworld-mdb",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
+ "name": "MQ_JNDI",
+ "value": "java:/ConnectionFactory",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "HELLOWORLDMDBQueue",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "HELLOWORLDMDBTopic",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-62:1.6"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-62",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-basic-s2i.json
new file mode 100644
index 000000000..892ec468c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-basic-s2i.json
@@ -0,0 +1,382 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-basic-s2i"
+ },
+ "labels": {
+ "template": "eap71-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application has been created in your project.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-https-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-https-s2i.json
new file mode 100644
index 000000000..7426830ec
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-https-s2i.json
@@ -0,0 +1,578 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-https-s2i"
+ },
+ "labels": {
+ "template": "eap71-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.0.GA",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "kitchensink",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..fb7f27acf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-persistent-s2i.json
@@ -0,0 +1,855 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MongoDB (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-s2i.json
new file mode 100644
index 000000000..915c9ba0a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mongodb-s2i.json
@@ -0,0 +1,814 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MongoDB (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mongodb-s2i"
+ },
+ "labels": {
+ "template": "eap71-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-persistent-s2i.json
new file mode 100644
index 000000000..6af9e5f50
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-persistent-s2i.json
@@ -0,0 +1,871 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-s2i.json
new file mode 100644
index 000000000..c7d14d3c7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-mysql-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-mysql-s2i"
+ },
+ "labels": {
+ "template": "eap71-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-mysql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-mysql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..a8d77b0ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-persistent-s2i.json
@@ -0,0 +1,845 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "eap71-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-s2i.json
new file mode 100644
index 000000000..d87f05ea8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-postgresql-s2i.json
@@ -0,0 +1,804 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-postgresql-s2i"
+ },
+ "labels": {
+ "template": "eap71-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/TodoListDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ cluster password",
+ "description": "A-MQ cluster admin password",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "DEFAULT_JOB_REPOSITORY",
+ "value": "${APPLICATION_NAME}-postgresql"
+ },
+ {
+ "name": "TIMER_SERVICE_DATA_STORE",
+ "value": "${APPLICATION_NAME}-postgresql"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-sso-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-sso-s2i.json
new file mode 100644
index 000000000..96b3dffc9
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-sso-s2i.json
@@ -0,0 +1,816 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 + Single Sign-On (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 Single Sign-On application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration and integrated with Red Hat Single Sign-On.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-sso-s2i"
+ },
+ "labels": {
+ "template": "eap71-sso-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "7.0.x-ose",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap7-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap7-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "URL for SSO",
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "name": "SSO_URL",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "name": "SSO_SERVICE_URL",
+ "value": "https://secure-sso:8443/auth",
+ "required": false
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "SSO Username",
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Public Key",
+ "description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Bearer Only?",
+ "description": "SSO Client Access Type",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Secret",
+ "description": "The name of the secret containing the keystore file",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore",
+ "description": "The name of the keystore file within the secret",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "SSO Client Secret",
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Enable CORS for SSO?",
+ "description": "Enable CORS for SSO applications",
+ "name": "SSO_ENABLE_CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "SSO SAML Logout Page",
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "/",
+ "required": false
+ },
+ {
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "true",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "eap7-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ },
+ "env": [
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "mountPath": "/etc/sso-saml-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "sso-saml-keystore-volume",
+ "secret": {
+ "secretName": "${SSO_SAML_KEYSTORE_SECRET}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-third-party-db-s2i.json
new file mode 100644
index 000000000..a2a7264fb
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/eap71-third-party-db-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-eap",
+ "tags": "eap,javaee,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss EAP 7.1 (with https, DB drivers)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example EAP 7 DB application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Enterprise Application Server 7.1 based application, including a build configuration, application deployment configuration, using third-party DB drivers and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "eap71-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap71-third-party-db-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.1",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap71-openshift:TP"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-basic-s2i.json
new file mode 100644
index 000000000..42e352538
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-basic-s2i.json
@@ -0,0 +1,320 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 (no https)"
+ },
+ "name": "jws31-tomcat7-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-https-s2i.json
new file mode 100644
index 000000000..b0a81d9c3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-https-s2i.json
@@ -0,0 +1,443 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example JBoss Web Server application configured for use with https. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 (with https)",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, and application deployment configuration. This also illustrations how to connect to the web applicaiton using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat7-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..565f97822
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
@@ -0,0 +1,719 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MongoDB (with https)",
+ "description": "An example JBoss Web Server application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat7-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
new file mode 100644
index 000000000..fc473f5c3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
@@ -0,0 +1,675 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
new file mode 100644
index 000000000..1223acd0f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
@@ -0,0 +1,723 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Apache Tomcat 7 + MySQL (with https)",
+ "description": "An example JBoss Web Server application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 7 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat7-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-s2i.json
new file mode 100644
index 000000000..39becd41e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-mysql-s2i.json
@@ -0,0 +1,678 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..77f4f8c9f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
@@ -0,0 +1,696 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat7,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + PostgreSQL (with https)",
+ "description": "An example JBoss Web Server application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat7-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
new file mode 100644
index 000000000..6d1d7aef7
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
@@ -0,0 +1,652 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 7 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-basic-s2i.json
new file mode 100644
index 000000000..9e7dc3488
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-basic-s2i.json
@@ -0,0 +1,323 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 (no https)",
+ "description": "An example JBoss Web Server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, and an application deployment configuration.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat8-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-https-s2i.json
new file mode 100644
index 000000000..8fd5d9fab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-https-s2i.json
@@ -0,0 +1,443 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 (with https)",
+ "description": "An example JBoss Web Server application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat8-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-https-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..f4b11ccfa
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
@@ -0,0 +1,720 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MongoDB (with https)",
+ "description": "An example JBoss Web Server application with a MongoDB database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for MongoDB using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+
+ },
+ "name": "jws31-tomcat8-mongodb-persistent-s2i"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
new file mode 100644
index 000000000..e2f69f157
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
@@ -0,0 +1,675 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
new file mode 100644
index 000000000..579071cb1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
@@ -0,0 +1,722 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MySQL (with https)",
+ "description": "An example JBoss Web Server application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Web Server 3.1 Apache Tomcat 8 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-web-server/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "jws31-tomcat8-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-s2i.json
new file mode 100644
index 000000000..e84d61608
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-mysql-s2i.json
@@ -0,0 +1,678 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..83a6ca19b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
@@ -0,0 +1,693 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.1 Apache Tomcat 8 + PostgreSQL (with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent JWS application for Apache Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
new file mode 100644
index 000000000..e28cf8a04
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
@@ -0,0 +1,650 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-tomcat",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss Web Server 3.0 Apache Tomcat 8 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new JWS application for Apache Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-amq-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-amq-template.json
new file mode 100644
index 000000000..aad649f84
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-amq-template.json
@@ -0,0 +1,362 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Camel route using ActiveMQ in Karaf container. This quickstart shows how to use Camel in a Karaf Container using Blueprint to connect to the A-MQ xPaaS message broker on OpenShift that should already be installed, one simple way to run a A-MQ service is following the documentation of the A-MQ xPaaS image for OpenShift related to the amq62-basic template.",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-camel-amq"
+ },
+ "labels": {
+ "template": "s2i-karaf2-camel-amq"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-camel-amq",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-camel-amq.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-camel-amq-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-camel-amq",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "displayName": "ActiveMQ Broker Service",
+ "required": true,
+ "value": "broker-amq-tcp",
+ "description": "Set this to the name of the TCP service of the ActiveMQ broker. You may need to create a broker first."
+ },
+ {
+ "name": "ACTIVEMQ_USERNAME",
+ "displayName": "ActiveMQ Broker Username",
+ "description": "The username used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "ACTIVEMQ_PASSWORD",
+ "displayName": "ActiveMQ Broker Password",
+ "description": "The password used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "value": "${ACTIVEMQ_SERVICE_NAME}"
+ }, {
+ "name": "ACTIVEMQ_USERNAME",
+ "value": "${ACTIVEMQ_USERNAME}"
+ }, {
+ "name": "ACTIVEMQ_PASSWORD",
+ "value": "${ACTIVEMQ_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-log-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-log-template.json
new file mode 100644
index 000000000..38b7bc249
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-log-template.json
@@ -0,0 +1,336 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "A simple Camel route in Karaf container. This quickstart shows a simple Apache Camel application that logs a message to the server log every 5th second.",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-camel-log"
+ },
+ "labels": {
+ "template": "s2i-karaf2-camel-log"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-camel-log",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-camel-log.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-camel-log-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-camel-log",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-rest-sql-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-rest-sql-template.json
new file mode 100644
index 000000000..6d9573e5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-camel-rest-sql-template.json
@@ -0,0 +1,421 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Camel example using Rest DSL with SQL Database in Karaf container. This example demonstrates how to use SQL via JDBC along with Camel's REST DSL to expose a RESTful API. The OpenShift MySQL container image should already be installed and running on your OpenShift installation, one simple way to run a MySQL service is following the documentation of the Openshift MySQL container image related to the mysql-ephemeral template..",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-camel-rest-sql"
+ },
+ "labels": {
+ "template": "s2i-karaf2-camel-rest-sql"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-camel-rest-sql",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-camel-rest-sql.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-camel-rest-sql-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-camel-rest",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "MYSQL_SERVICE_NAME",
+ "displayName": "MySQL Server Service",
+ "required": true,
+ "value": "mysql",
+ "description": "Set this to the name of the TCP service of the MySQL server. You may need to create a server first."
+ },
+ {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "displayName": "MySQL Server Database",
+ "required": true,
+ "value": "sampledb",
+ "description": "The database hosted by the MySQL server to be used by the application."
+ },
+ {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "displayName": "MySQL Server Username",
+ "description": "The username used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "displayName": "MySQL Server Password",
+ "description": "The password used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "container": "karaf",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "container": "karaf",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9411,
+ "protocol": "TCP",
+ "targetPort": 8181
+ }
+ ],
+ "selector": {
+ "container": "karaf",
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "MYSQL_SERVICE_NAME",
+ "value": "${MYSQL_SERVICE_NAME}"
+ }, {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "value": "${MYSQL_SERVICE_DATABASE}"
+ }, {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "value": "${MYSQL_SERVICE_USERNAME}"
+ }, {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "value": "${MYSQL_SERVICE_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-cxf-rest-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-cxf-rest-template.json
new file mode 100644
index 000000000..fdc0c00e5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/karaf2-cxf-rest-template.json
@@ -0,0 +1,385 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "REST example using CXF in Karaf container. This quickstart demonstrates how to create a RESTful (JAX-RS) web service using CXF and expose it through the OSGi HTTP Service",
+ "tags": "quickstart,java,karaf,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-karaf2-cxf-rest"
+ },
+ "labels": {
+ "template": "s2i-karaf2-cxf-rest"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-karaf2-cxf-rest",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "value": "https://github.com/fabric8-quickstarts/karaf2-cxf-rest.git",
+ "required": true,
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "karaf2-cxf-rest-1.0.0.redhat-000019",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "s2i-karaf2-cxf-rest",
+ "description": "Exposed Service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000019",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "install -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "MEMORY_REQUEST",
+ "displayName": "Memory request",
+ "value": "1.5G",
+ "required": true,
+ "description": "The amount of memory required for the container to run."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory limit",
+ "value": "2G",
+ "required": true,
+ "description": "The amount of memory the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "container": "java",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "container": "karaf",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9412,
+ "protocol": "TCP",
+ "targetPort": 8181
+ }
+ ],
+ "selector": {
+ "container": "karaf",
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-karaf-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "container": "karaf",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/readiness-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health-check",
+ "port" : 8181
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8181,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}",
+ "memory": "${MEMORY_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}",
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/openjdk18-web-basic-s2i.json
new file mode 100644
index 000000000..6336f0398
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -0,0 +1,272 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-rh-openjdk",
+ "tags": "java",
+ "version": "1.4.7",
+ "openshift.io/display-name": "OpenJDK 8",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example Java application using OpenJDK 8. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat OpenJDK Java 8 based application.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "openjdk18-web-basic-s2i"
+ },
+ "labels": {
+ "template": "openjdk18-web-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new java application has been created in your project.",
+ "parameters": [
+ {
+ "description": "The name for the application.",
+ "displayName": "Application Name",
+ "name": "APPLICATION_NAME",
+ "value": "openjdk-app",
+ "required": true
+ },
+ {
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "displayName": "Custom http Route Hostname",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Git source URI for application",
+ "displayName": "Git Repository URL",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "description": "Git branch/tag reference",
+ "displayName": "Git Reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "description": "Path within Git project to build; empty for root project directory.",
+ "displayName": "Context Directory",
+ "name": "CONTEXT_DIR",
+ "value": "undertow-servlet",
+ "required": false
+ },
+ {
+ "description": "GitHub trigger secret",
+ "displayName": "Github Webhook Secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Generic build trigger secret",
+ "displayName": "Generic Webhook Secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "displayName": "ImageStream Namespace",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The application's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-openjdk18-openshift:1.2"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "env": [
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
new file mode 100644
index 000000000..9ef04ae71
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
@@ -0,0 +1,1160 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-s2i.json
new file mode 100644
index 000000000..4cb45db42
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-mysql-s2i.json
@@ -0,0 +1,1038 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..56fefcc0a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
@@ -0,0 +1,1130 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-s2i.json
new file mode 100644
index 000000000..bb8d2df28
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-amq-postgresql-s2i.json
@@ -0,0 +1,1009 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications built using S2I.",
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with A-MQ and a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, Red Hat A-MQ for messaging broker, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-amq-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-basic-s2i.json
new file mode 100644
index 000000000..1b7cc8cf1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-basic-s2i.json
@@ -0,0 +1,387 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server (no https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration and insecure communication using http.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "processserver64-basic-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.H2Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..1a4d0887c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-persistent-s2i.json
@@ -0,0 +1,865 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + MySQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-s2i.json
new file mode 100644
index 000000000..7c491d832
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-mysql-s2i.json
@@ -0,0 +1,787 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for MySQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..8965ea41f
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-persistent-s2i.json
@@ -0,0 +1,834 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using persistence and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-persistent-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-s2i.json
new file mode 100644
index 000000000..e21f0ce4e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/processserver64-postgresql-s2i.json
@@ -0,0 +1,757 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-processserver",
+ "tags": "processserver,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example BPM Suite application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Business Process Suite intelligent process server 6.4 based application, including a build configuration, application deployment configuration, database deployment configuration for PostgreSQL using ephemeral (temporary) storage and secure communication using https.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "processserver64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-s2i",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.1"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-amq-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-amq-template.json
new file mode 100644
index 000000000..2c1a73a29
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-amq-template.json
@@ -0,0 +1,331 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot, Camel and ActiveMQ QuickStart. This quickstart demonstrates how to connect a Spring-Boot application to an ActiveMQ broker and use JMS messaging between two Camel routes using OpenShift. In this example we will use two containers, one container to run as a ActiveMQ broker, and another as a client to the broker, where the Camel routes are running. This quickstart requires the ActiveMQ broker has been deployed and running first, one simple way to run a A-MQ service is following the documentation of the A-MQ xPaaS image for OpenShift related to the amq62-basic template",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-amq"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-amq"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-amq",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-amq.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-amq-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "displayName": "ActiveMQ Broker Service",
+ "required": true,
+ "value": "broker-amq-tcp",
+ "description": "Set this to the name of the TCP service of the ActiveMQ broker. You may need to create a broker first."
+ },
+ {
+ "name": "ACTIVEMQ_BROKER_USERNAME",
+ "displayName": "ActiveMQ Broker Username",
+ "description": "The username used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "ACTIVEMQ_BROKER_PASSWORD",
+ "displayName": "ActiveMQ Broker Password",
+ "description": "The password used to authenticate with the ActiveMQ broker. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "ACTIVEMQ_SERVICE_NAME",
+ "value": "${ACTIVEMQ_SERVICE_NAME}"
+ }, {
+ "name": "ACTIVEMQ_BROKER_USERNAME",
+ "value": "${ACTIVEMQ_BROKER_USERNAME}"
+ }, {
+ "name": "ACTIVEMQ_BROKER_PASSWORD",
+ "value": "${ACTIVEMQ_BROKER_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-config-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-config-template.json
new file mode 100644
index 000000000..b62e768b6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-config-template.json
@@ -0,0 +1,327 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot and Camel using ConfigMaps and Secrets. This quickstart demonstrates how to configure a Spring-Boot application using OpenShift ConfigMaps and Secrets. This example requires that a ConfigMap named camel-config and a Secret named camel-config are present in the namespace before the application is deployed, instruction about how to manually create them can be found here: https://github.com/fabric8-quickstarts/spring-boot-camel-config/blob/fis-2.0.x.redhat/README.redhat.md ",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-config"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-config"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-config",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-config.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-config-1.0.0.redhat-000014",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_ACCOUNT_NAME",
+ "displayName": "Service Account",
+ "value": "qs-camel-config",
+ "required": true,
+ "description": "The Service Account that will be used to run the container. It must be already present in Openshift and have the view role."
+ },
+ {
+ "name": "SECRET_NAME",
+ "displayName": "Secret Name",
+ "value": "camel-config",
+ "required": true,
+ "description": "The name of the Openshift Secret that will be used to configure the application. It must be already present in Openshift."
+ },
+ {
+ "name": "CONFIGMAP_NAME",
+ "displayName": "ConfigMap Name",
+ "value": "camel-config",
+ "required": true,
+ "description": "The name of the Openshift ConfigMap that will be used to configure the application. It must be already present in Openshift."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000014",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "volumes": [
+ {
+ "name": "camel-config",
+ "secret": {
+ "secretName": "${SECRET_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "SPRING_CLOUD_KUBERNETES_SECRETS_NAME",
+ "value": "${SECRET_NAME}"
+ }, {
+ "name": "SPRING_CLOUD_KUBERNETES_CONFIG_NAME",
+ "value": "${CONFIGMAP_NAME}"
+ } ],
+ "resources": {},
+ "volumeMounts": [
+ {
+ "name": "camel-config",
+ "readOnly": true,
+ "mountPath": "/etc/secrets/camel-config"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-drools-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-drools-template.json
new file mode 100644
index 000000000..91081e493
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-drools-template.json
@@ -0,0 +1,334 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot, Camel and JBoss BRMS QuickStart. This example demonstrates how you can use Apache Camel and JBoss BRMS with Spring Boot on OpenShift. DRL files contain simple rules which are used to create knowledge session via Spring configuration file. Camel routes, defined via Spring as well, are then used to e.g. pass (insert) the Body of the message as a POJO to Drools engine for execution. A Kie Server should be deployed and configured before running the application, more information about how to configure it can be found at https://github.com/fabric8-quickstarts/spring-boot-camel-drools/blob/fis-2.0.x.redhat/README.redhat.md",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-drools"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-drools"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-drools",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-drools.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-drools-1.0.0.redhat-000063",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "KIESERVER_SERVICE",
+ "displayName": "Decision Server Name",
+ "required": true,
+ "value": "kie-app",
+ "description": "Set this to the name of the Decision Server. You may need to create an instance before."
+ },
+ {
+ "name": "KIESERVER_USERNAME",
+ "displayName": "Decision Server Username",
+ "required": true,
+ "value": "kieserver",
+ "description": "The username used to authenticate with the Decision Server."
+ },
+ {
+ "name": "KIESERVER_PASSWORD",
+ "displayName": "Decision Server Password",
+ "required": true,
+ "description": "The password used to authenticate with the Decision Server."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000063",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "KIESERVER_SERVICE",
+ "value": "${KIESERVER_SERVICE}"
+ }, {
+ "name": "KIESERVER_USERNAME",
+ "value": "${KIESERVER_USERNAME}"
+ }, {
+ "name": "KIESERVER_PASSWORD",
+ "value": "${KIESERVER_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-infinispan-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-infinispan-template.json
new file mode 100644
index 000000000..8d97400ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-infinispan-template.json
@@ -0,0 +1,315 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot, Camel and JBoss Data Grid QuickStart. This quickstart demonstrates how to connect a Spring-Boot application to a JBoss Data Grid (or Infinispan) server using the Hot Rod protocol. It requires that the data grid server (or cluster) has been deployed first, one simple way to run a JDG service is following the documentation of the JDG xPaaS image for OpenShift related to the datagrid65-basic template.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-infinispan"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-infinispan"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-infinispan",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-infinispan.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-infinispan-1.0.0.redhat-000033",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "INFINISPAN_SERVICE",
+ "displayName": "JBoss Data Grid Service (Hot Rod)",
+ "required": true,
+ "value": "datagrid-app-hotrod",
+ "description": "Set this to the name of the Hot Rod service of the JBoss Data Grid. You may need to create the data grid first."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000033",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "INFINISPAN_SERVICE",
+ "value": "${INFINISPAN_SERVICE}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-rest-sql-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-rest-sql-template.json
new file mode 100644
index 000000000..bf722844c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-rest-sql-template.json
@@ -0,0 +1,403 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring Boot, Camel REST DSL and MySQL QuickStart. This quickstart demonstrates how to connect a Spring Boot application to a MySQL database and expose a REST API with Camel on OpenShift. In this example we will use two containers, one container to run as a MySQL server, and another as a client to the database, where the Camel routes are running. This quickstart requires the MySQL server to be deployed and started first, one simple way to run a MySQL service is following the documentation of the OpenShift MySQL container image related to the mysql-ephemeral template.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-rest-sql"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-rest-sql"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-rest-sql",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-rest-sql.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-rest-sql-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "camel-rest-sql",
+ "description": "Exposed service name."
+ },
+ {
+ "name": "MYSQL_SERVICE_NAME",
+ "displayName": "MySQL Server Service",
+ "required": true,
+ "value": "mysql",
+ "description": "Set this to the name of the TCP service of the MySQL server. You may need to create a server first."
+ },
+ {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "displayName": "MySQL Server Database",
+ "value": "sampledb",
+ "description": "The database hosted by the MySQL server to be used by the application."
+ },
+ {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "displayName": "MySQL Server Username",
+ "description": "The username used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "displayName": "MySQL Server Password",
+ "description": "The password used to authenticate with the MySQL server. Leave it empty if authentication is disabled."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9411,
+ "protocol": "TCP",
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8080,
+ "name": "http"
+ },
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } , {
+ "name": "MYSQL_SERVICE_NAME",
+ "value": "${MYSQL_SERVICE_NAME}"
+ }, {
+ "name": "MYSQL_SERVICE_DATABASE",
+ "value": "${MYSQL_SERVICE_DATABASE}"
+ }, {
+ "name": "MYSQL_SERVICE_USERNAME",
+ "value": "${MYSQL_SERVICE_USERNAME}"
+ }, {
+ "name": "MYSQL_SERVICE_PASSWORD",
+ "value": "${MYSQL_SERVICE_PASSWORD}"
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-teiid-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-teiid-template.json
new file mode 100644
index 000000000..856264615
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-teiid-template.json
@@ -0,0 +1,343 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot, Camel and JBoss Data Virtualization QuickStart. This example demonstrates how to connect Apache Camel to a remote JBoss Data Virtualization (or Teiid) Server using the JDBC protocol. This quickstart assumes that the JDV server is already running and configured on OpenShift, more information about to setup a JDV server can be found at https://github.com/fabric8-quickstarts/spring-boot-camel-teiid/blob/fis-2.0.x.redhat/README.redhat.md",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-teiid"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-teiid"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-teiid",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-teiid.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-teiid-1.0.0.redhat-000062",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "TEIID_SERVICE_NAME",
+ "displayName": "JDV Server Name",
+ "required": true,
+ "value": "datavirt-app",
+ "description": "Set this to the name of the JDV Server. You may need to create an instance before."
+ },
+ {
+ "name": "TEIID_PORT_NAME",
+ "displayName": "JDV Port Name",
+ "value": "jdbc",
+ "description": "Set this to the name of the JDV port to use. Set this value if the JDV service contains multiple named ports."
+ },
+ {
+ "name": "TEIID_USERNAME",
+ "displayName": "JDV Server Username",
+ "required": true,
+ "description": "The username used to authenticate with the JDV Server."
+ },
+ {
+ "name": "TEIID_PASSWORD",
+ "displayName": "JDV Server Password",
+ "required": true,
+ "description": "The password used to authenticate with the JDV Server."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000062",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [
+ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ }, {
+ "name": "TEIID_SERVICE_NAME",
+ "value": "${TEIID_SERVICE_NAME}"
+ }, {
+ "name": "TEIID_PORT_NAME",
+ "value": "${TEIID_PORT_NAME}"
+ }, {
+ "name": "TEIID_USERNAME",
+ "value": "${TEIID_USERNAME}"
+ }, {
+ "name": "TEIID_PASSWORD",
+ "value": "${TEIID_PASSWORD}"
+ }],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-template.json
new file mode 100644
index 000000000..9c0fe287e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-template.json
@@ -0,0 +1,305 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and Camel QuickStart. This example demonstrates how you can use Apache Camel with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a Camel route that triggeres a message every 5th second, and routes the message to a log.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-xml-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-xml-template.json
new file mode 100644
index 000000000..87c0e347a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-camel-xml-template.json
@@ -0,0 +1,305 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and Camel Xml QuickStart. This example demonstrates how you can use Apache Camel with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a Camel route (in Spring xml) that triggeres a message every 5th second, and routes the message to a log.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-camel-xml"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-camel-xml"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-camel-xml",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-camel-xml.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-camel-xml-1.0.0.redhat-000064",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000064",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxrs-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxrs-template.json
new file mode 100644
index 000000000..8b0261035
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxrs-template.json
@@ -0,0 +1,364 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and CXF JAXRS QuickStart. This example demonstrates how you can use Apache CXF JAXRS with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a CXF JAXRS endpoint with Swagger enabled.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-cxf-jaxrs"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-cxf-jaxrs"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-cxf-jaxrs",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-cxf-jaxrs.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-cxf-jaxrs-1.0.0.redhat-000014",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "cxf-jaxrs",
+ "description": "Exposed service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000014",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9413,
+ "protocol": "TCP",
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxws-template.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxws-template.json
new file mode 100644
index 000000000..8b36f5f0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/spring-boot-cxf-jaxws-template.json
@@ -0,0 +1,364 @@
+{
+ "apiVersion": "v1",
+ "kind": "Template",
+ "metadata": {
+ "annotations": {
+ "description": "Spring-Boot and CXF JAXWS QuickStart. This example demonstrates how you can use Apache CXF JAXWS with Spring Boot on Openshift. The quickstart uses Spring Boot to configure a little application that includes a CXF JAXWS endpoint.",
+ "tags": "quickstart,java,springboot,fis",
+ "iconClass": "icon-jboss",
+ "version": "2.0"
+ },
+ "name": "s2i-spring-boot-cxf-jaxws"
+ },
+ "labels": {
+ "template": "s2i-spring-boot-cxf-jaxws"
+ },
+ "parameters": [
+ {
+ "name": "APP_NAME",
+ "displayName": "Application Name",
+ "required": true,
+ "value": "s2i-spring-boot-cxf-jaxws",
+ "description": "The name assigned to the application."
+ },
+ {
+ "name": "GIT_REPO",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "value": "https://github.com/fabric8-quickstarts/spring-boot-cxf-jaxws.git",
+ "description": "The URL of the repository with your application source code."
+ },
+ {
+ "name": "GIT_REF",
+ "displayName": "Git Reference",
+ "value": "spring-boot-cxf-jaxws-1.0.0.redhat-000014",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "SERVICE_NAME",
+ "displayName": "Service Name",
+ "value": "cxf-jaxws",
+ "description": "Exposed service name."
+ },
+ {
+ "name": "BUILDER_VERSION",
+ "displayName": "Builder version",
+ "value": "2.0",
+ "description": "The version of the FIS S2I builder image to use."
+ },
+ {
+ "name": "APP_VERSION",
+ "displayName": "Application Version",
+ "value": "1.0.0.redhat-000014",
+ "description": "The application version."
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "displayName": "Maven Arguments",
+ "value": "package -DskipTests -Dfabric8.skip -e -B",
+ "description": "Arguments passed to mvn in the build."
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "displayName": "Extra Maven Arguments",
+ "description": "Extra arguments passed to mvn, e.g. for multi-module builds."
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "displayName": "Maven build directory",
+ "description": "Directory of the artifact to be built, e.g. for multi-module builds."
+ },
+ {
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "displayName": "Image Stream Namespace",
+ "value": "openshift",
+ "required": true,
+ "description": "Namespace in which the Fuse ImageStreams are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project."
+ },
+ {
+ "name": "BUILD_SECRET",
+ "displayName": "Git Build Secret",
+ "generate": "expression",
+ "description": "The secret needed to trigger a build.",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "CPU_REQUEST",
+ "displayName": "CPU request",
+ "value": "0.2",
+ "required": true,
+ "description": "The amount of CPU to requests."
+ },
+ {
+ "name": "CPU_LIMIT",
+ "displayName": "CPU limit",
+ "value": "1.0",
+ "required": true,
+ "description": "The amount of CPU the container is limited to use."
+ }
+ ],
+ "objects": [
+ {
+ "apiVersion": "v1",
+ "kind": "Route",
+ "metadata": {
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}-route"
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "Service",
+ "metadata": {
+ "annotations": {
+ },
+ "labels": {
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "project": "${APP_NAME}",
+ "version": "${APP_VERSION}",
+ "group": "quickstarts"
+ },
+ "name": "${SERVICE_NAME}"
+ },
+ "spec": {
+ "clusterIP": "None",
+ "deprecatedPublicIPs": [],
+ "ports": [
+ {
+ "port": 9414,
+ "protocol": "TCP",
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "project": "${APP_NAME}",
+ "component": "${APP_NAME}",
+ "provider": "s2i",
+ "group": "quickstarts"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {},
+ "status": {
+ "dockerImageRepository": ""
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${BUILD_SECRET}"
+ }
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ }
+ ],
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${GIT_REPO}",
+ "ref": "${GIT_REF}"
+ }
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "fis-java-openshift:${BUILDER_VERSION}"
+ },
+ "forcePull": true,
+ "incremental": true,
+ "env": [
+ {
+ "name": "BUILD_LOGLEVEL",
+ "value": "5"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ },
+ {
+ "name": "MAVEN_ARGS",
+ "value": "${MAVEN_ARGS}"
+ },
+ {
+ "name": "MAVEN_ARGS_APPEND",
+ "value": "${MAVEN_ARGS_APPEND}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ },
+ "resources": {}
+ },
+ "status": {
+ "lastVersion": 0
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APP_NAME}",
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APP_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APP_NAME}:latest"
+ }
+ }
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "component": "${APP_NAME}",
+ "deploymentconfig": "${APP_NAME}",
+ "group": "quickstarts",
+ "project": "${APP_NAME}",
+ "provider": "s2i",
+ "version": "${APP_VERSION}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APP_NAME}",
+ "image": "library/${APP_NAME}:latest",
+ "readinessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 10
+ },
+ "livenessProbe" : {
+ "httpGet" : {
+ "path" : "/health",
+ "port" : 8081
+ },
+ "initialDelaySeconds" : 180
+ },
+ "ports": [
+ {
+ "containerPort": 8778,
+ "name": "jolokia"
+ }
+ ],
+ "env" : [ {
+ "name" : "KUBERNETES_NAMESPACE",
+ "valueFrom" : {
+ "fieldRef" : {
+ "fieldPath" : "metadata.namespace"
+ }
+ }
+ } ],
+ "resources": {
+ "requests": {
+ "cpu": "${CPU_REQUEST}"
+ },
+ "limits": {
+ "cpu": "${CPU_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ },
+ "status": {}
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..26dd26624
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-https.json
@@ -0,0 +1,549 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..7092bb65e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,804 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + MySQL",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for MySQL using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..d90f0a0cc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,772 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + MySQL (Ephemeral)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for MySQL using ephemeral (temporary) storage.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..b1077db91
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,778 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + PostgreSQL",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for PostgreSQL using persistence.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..0955d712a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.9/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,746 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass" : "icon-sso",
+ "tags" : "sso,keycloak,jboss,hidden",
+ "version": "1.4.7",
+ "openshift.io/display-name": "Single Sign-On 7.1 + PostgreSQL (Ephemeral)",
+ "openshift.io/provider-display-name": "Red Hat, Inc.",
+ "description": "An example SSO 7 application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.",
+ "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat Single Sign-On 7.1 server based deployment and deployment configuration for PostgreSQL using ephemeral (temporary) storage.",
+ "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.7"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.2"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ },
+ "initialDelaySeconds": 10
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/meta/main.yml b/roles/openshift_examples/meta/main.yml
index f3fe2dcbe..1a34c85fc 100644
--- a/roles/openshift_examples/meta/main.yml
+++ b/roles/openshift_examples/meta/main.yml
@@ -11,4 +11,5 @@ galaxy_info:
- 7
categories:
- cloud
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml
index 1a4562776..356317431 100644
--- a/roles/openshift_examples/tasks/main.yml
+++ b/roles/openshift_examples/tasks/main.yml
@@ -63,8 +63,10 @@
- name: Import Centos Image streams
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ centos_image_streams }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ item }}
when: openshift_examples_load_centos | bool
+ with_items:
+ - "{{ centos_image_streams }}"
register: oex_import_centos_streams
failed_when: "'already exists' not in oex_import_centos_streams.stderr and oex_import_centos_streams.rc != 0"
changed_when: false
diff --git a/roles/openshift_excluder/README.md b/roles/openshift_excluder/README.md
index 80cb88d45..7b43d5adf 100644
--- a/roles/openshift_excluder/README.md
+++ b/roles/openshift_excluder/README.md
@@ -28,7 +28,7 @@ Role Variables
| r_openshift_excluder_verify_upgrade | false | true, false | When upgrading, this variable should be set to true when calling the role |
| r_openshift_excluder_package_state | present | present, latest | Use 'latest' to upgrade openshift_excluder package |
| r_openshift_excluder_docker_package_state | present | present, latest | Use 'latest' to upgrade docker_excluder package |
-| r_openshift_excluder_service_type | None | | (Required) Defined as openshift.common.service_type e.g. atomic-openshift |
+| r_openshift_excluder_service_type | None | | (Required) Defined as openshift_service_type e.g. atomic-openshift |
| r_openshift_excluder_upgrade_target | None | | Required when r_openshift_excluder_verify_upgrade is true, defined as openshift_upgrade_target by Upgrade playbooks e.g. '3.6'|
Dependencies
@@ -46,15 +46,12 @@ Example Playbook
# Disable all excluders
- role: openshift_excluder
r_openshift_excluder_action: disable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
# Enable all excluders
- role: openshift_excluder
r_openshift_excluder_action: enable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
# Disable all excluders and verify appropriate excluder packages are available for upgrade
- role: openshift_excluder
r_openshift_excluder_action: disable
- r_openshift_excluder_service_type: "{{ openshift.common.service_type }}"
r_openshift_excluder_verify_upgrade: true
r_openshift_excluder_upgrade_target: "{{ openshift_upgrade_target }}"
r_openshift_excluder_package_state: latest
diff --git a/roles/openshift_excluder/defaults/main.yml b/roles/openshift_excluder/defaults/main.yml
index d4f151142..3a910e490 100644
--- a/roles/openshift_excluder/defaults/main.yml
+++ b/roles/openshift_excluder/defaults/main.yml
@@ -2,7 +2,7 @@
# keep the 'current' package or update to 'latest' if available?
r_openshift_excluder_package_state: present
r_openshift_excluder_docker_package_state: present
-
+r_openshift_excluder_service_type: "{{ openshift_service_type }}"
# Legacy variables are included for backwards compatibility with v3.5
# Inventory variables Legacy
# openshift_enable_excluders enable_excluders
diff --git a/roles/openshift_excluder/meta/main.yml b/roles/openshift_excluder/meta/main.yml
index 871081c19..a9653edda 100644
--- a/roles/openshift_excluder/meta/main.yml
+++ b/roles/openshift_excluder/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
+- role: openshift_facts
- role: lib_utils
diff --git a/roles/openshift_excluder/tasks/disable.yml b/roles/openshift_excluder/tasks/disable.yml
index 5add25b45..21801b994 100644
--- a/roles/openshift_excluder/tasks/disable.yml
+++ b/roles/openshift_excluder/tasks/disable.yml
@@ -2,11 +2,11 @@
- when: r_openshift_excluder_verify_upgrade
block:
- name: Include verify_upgrade.yml when upgrading
- include: verify_upgrade.yml
+ include_tasks: verify_upgrade.yml
# unexclude the current openshift/origin-excluder if it is installed so it can be updated
- name: Disable excluders before the upgrade to remove older excluding expressions
- include: unexclude.yml
+ include_tasks: unexclude.yml
vars:
# before the docker excluder can be updated, it needs to be disabled
# to remove older excluded packages that are no longer excluded
@@ -15,12 +15,12 @@
# Install any excluder that is enabled
- name: Include install.yml
- include: install.yml
+ include_tasks: install.yml
# And finally adjust an excluder in order to update host components correctly. First
# exclude then unexclude
- name: Include exclude.yml
- include: exclude.yml
+ include_tasks: exclude.yml
vars:
# Enable the docker excluder only if it is overridden
# BZ #1430612: docker excluders should be enabled even during installation and upgrade
@@ -30,7 +30,7 @@
# All excluders that are to be disabled are disabled
- name: Include unexclude.yml
- include: unexclude.yml
+ include_tasks: unexclude.yml
vars:
# If the docker override is not set, default to the generic behaviour
# BZ #1430612: docker excluders should be enabled even during installation and upgrade
diff --git a/roles/openshift_excluder/tasks/enable.yml b/roles/openshift_excluder/tasks/enable.yml
index fce44cfb5..7c3742a06 100644
--- a/roles/openshift_excluder/tasks/enable.yml
+++ b/roles/openshift_excluder/tasks/enable.yml
@@ -1,6 +1,6 @@
---
- name: Install excluders
- include: install.yml
+ include_tasks: install.yml
- name: Enable excluders
- include: exclude.yml
+ include_tasks: exclude.yml
diff --git a/roles/openshift_excluder/tasks/install.yml b/roles/openshift_excluder/tasks/install.yml
index 7a5bebf6f..12fecaff5 100644
--- a/roles/openshift_excluder/tasks/install.yml
+++ b/roles/openshift_excluder/tasks/install.yml
@@ -8,11 +8,13 @@
- name: Install docker excluder - yum
package:
- name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) + '*' }}"
+ name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) + '*' }}"
state: "{{ r_openshift_excluder_docker_package_state }}"
when:
- r_openshift_excluder_enable_docker_excluder | bool
- ansible_pkg_mgr == "yum"
+ register: result
+ until: result is succeeded
# For DNF we do not need the "*" and if we add it, it causes an error because
@@ -21,19 +23,23 @@
# https://bugzilla.redhat.com/show_bug.cgi?id=1199432
- name: Install docker excluder - dnf
package:
- name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}"
+ name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
state: "{{ r_openshift_excluder_docker_package_state }}"
when:
- r_openshift_excluder_enable_docker_excluder | bool
- ansible_pkg_mgr == "dnf"
+ register: result
+ until: result is succeeded
- name: Install openshift excluder - yum
package:
- name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) + '*' }}"
+ name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) + '*' }}"
state: "{{ r_openshift_excluder_package_state }}"
when:
- r_openshift_excluder_enable_openshift_excluder | bool
- ansible_pkg_mgr == "yum"
+ register: result
+ until: result is succeeded
# For DNF we do not need the "*" and if we add it, it causes an error because
# it's not a valid pkg_spec
@@ -41,11 +47,13 @@
# https://bugzilla.redhat.com/show_bug.cgi?id=1199432
- name: Install openshift excluder - dnf
package:
- name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}"
+ name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
state: "{{ r_openshift_excluder_package_state }}"
when:
- r_openshift_excluder_enable_openshift_excluder | bool
- ansible_pkg_mgr == "dnf"
+ register: result
+ until: result is succeeded
- set_fact:
r_openshift_excluder_install_ran: True
diff --git a/roles/openshift_excluder/tasks/main.yml b/roles/openshift_excluder/tasks/main.yml
index db20b4012..f0e87ba25 100644
--- a/roles/openshift_excluder/tasks/main.yml
+++ b/roles/openshift_excluder/tasks/main.yml
@@ -19,11 +19,6 @@
msg: "openshift_excluder role can only be called with 'enable' or 'disable'"
when: r_openshift_excluder_action not in ['enable', 'disable']
- - name: Fail if r_openshift_excluder_service_type is not defined
- fail:
- msg: "r_openshift_excluder_service_type must be specified for this role"
- when: r_openshift_excluder_service_type is not defined
-
- name: Fail if r_openshift_excluder_upgrade_target is not defined
fail:
msg: "r_openshift_excluder_upgrade_target must be provided when using this role for upgrades"
@@ -32,7 +27,7 @@
- r_openshift_excluder_upgrade_target is not defined
- name: Include main action task file
- include: "{{ r_openshift_excluder_action }}.yml"
+ include_tasks: "{{ r_openshift_excluder_action }}.yml"
when:
- not ostree_booted.stat.exists | bool
diff --git a/roles/openshift_excluder/tasks/verify_excluder.yml b/roles/openshift_excluder/tasks/verify_excluder.yml
index c35639c1b..4f5277fa2 100644
--- a/roles/openshift_excluder/tasks/verify_excluder.yml
+++ b/roles/openshift_excluder/tasks/verify_excluder.yml
@@ -29,4 +29,4 @@
msg: "Available {{ excluder }} version {{ excluder_version }} is higher than the upgrade target version"
when:
- excluder_version != ''
- - excluder_version.split('.')[0:2] | join('.') | version_compare(r_openshift_excluder_upgrade_target.split('.')[0:2] | join('.'), '>', strict=True)
+ - excluder_version.split('.')[0:2] | join('.') is version_compare(r_openshift_excluder_upgrade_target.split('.')[0:2] | join('.'), '>', strict=True)
diff --git a/roles/openshift_excluder/tasks/verify_upgrade.yml b/roles/openshift_excluder/tasks/verify_upgrade.yml
index 42026664a..b55a9af23 100644
--- a/roles/openshift_excluder/tasks/verify_upgrade.yml
+++ b/roles/openshift_excluder/tasks/verify_upgrade.yml
@@ -1,12 +1,12 @@
---
- name: Verify Docker Excluder version
- include: verify_excluder.yml
+ include_tasks: verify_excluder.yml
vars:
excluder: "{{ r_openshift_excluder_service_type }}-docker-excluder"
when: r_openshift_excluder_enable_docker_excluder | bool
- name: Verify OpenShift Excluder version
- include: verify_excluder.yml
+ include_tasks: verify_excluder.yml
vars:
excluder: "{{ r_openshift_excluder_service_type }}-excluder"
when: r_openshift_excluder_enable_openshift_excluder | bool
diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml
index 4cb5418c6..c7e21ba99 100644
--- a/roles/openshift_expand_partition/tasks/main.yml
+++ b/roles/openshift_expand_partition/tasks/main.yml
@@ -2,6 +2,8 @@
- name: Ensure growpart is installed
package: name=cloud-utils-growpart state=present
when: not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
- name: Determine if growpart is installed
command: "rpm -q cloud-utils-growpart"
diff --git a/roles/openshift_facts/defaults/main.yml b/roles/openshift_facts/defaults/main.yml
new file mode 100644
index 000000000..804b274a2
--- /dev/null
+++ b/roles/openshift_facts/defaults/main.yml
@@ -0,0 +1,101 @@
+---
+openshift_cli_image_dict:
+ origin: 'openshift/origin'
+ openshift-enterprise: 'openshift3/ose'
+
+openshift_hosted_images_dict:
+ origin: 'openshift/origin-${component}:${version}'
+ openshift-enterprise: 'openshift3/ose-${component}:${version}'
+
+openshift_cli_image: "{{ osm_image | default(openshift_cli_image_dict[openshift_deployment_type]) }}"
+
+# osm_default_subdomain is an old migrated fact, can probably be removed.
+osm_default_subdomain: "router.default.svc.cluster.local"
+openshift_master_default_subdomain: "{{ osm_default_subdomain }}"
+
+openshift_hosted_etcd_storage_nfs_directory: '/exports'
+openshift_hosted_etcd_storage_nfs_options: '*(rw,root_squash)'
+openshift_hosted_etcd_storage_volume_name: 'etcd'
+openshift_hosted_etcd_storage_volume_size: '1Gi'
+openshift_hosted_etcd_storage_create_pv: True
+openshift_hosted_etcd_storage_create_pvc: False
+openshift_hosted_etcd_storage_access_modes:
+ - 'ReadWriteOnce'
+
+openshift_hosted_registry_namespace: 'default'
+openshift_hosted_registry_storage_volume_name: 'registry'
+openshift_hosted_registry_storage_volume_size: '5Gi'
+openshift_hosted_registry_storage_create_pv: True
+openshift_hosted_registry_storage_create_pvc: True
+openshift_hosted_registry_storage_nfs_directory: '/exports'
+openshift_hosted_registry_storage_nfs_options: '*(rw,root_squash)'
+openshift_hosted_registry_storage_glusterfs_endpoints: 'glusterfs-registry-endpoints'
+openshift_hosted_registry_storage_glusterfs_path: glusterfs-registry-volume
+openshift_hosted_registry_storage_glusterfs_readOnly: False
+openshift_hosted_registry_storage_glusterfs_swap: False
+openshift_hosted_registry_storage_glusterfs_swapcopy: True
+openshift_hosted_registry_storage_glusterfs_ips: []
+openshift_hosted_registry_storage_access_modes:
+ - 'ReadWriteMany'
+
+openshift_logging_storage_nfs_directory: '/exports'
+openshift_logging_storage_nfs_options: '*(rw,root_squash)'
+openshift_logging_storage_volume_name: 'logging-es'
+openshift_logging_storage_create_pv: True
+openshift_logging_storage_create_pvc: False
+openshift_logging_storage_access_modes:
+ - ['ReadWriteOnce']
+
+openshift_loggingops_storage_volume_name: 'logging-es-ops'
+openshift_loggingops_storage_volume_size: '10Gi'
+openshift_loggingops_storage_create_pv: True
+openshift_loggingops_storage_create_pvc: False
+openshift_loggingops_storage_nfs_directory: '/exports'
+openshift_loggingops_storage_nfs_options: '*(rw,root_squash)'
+openshift_loggingops_storage_access_modes:
+ - 'ReadWriteOnce'
+
+openshift_metrics_deploy: False
+openshift_metrics_duration: 7
+openshift_metrics_resolution: '10s'
+openshift_metrics_storage_volume_name: 'metrics'
+openshift_metrics_storage_volume_size: '10Gi'
+openshift_metrics_storage_create_pv: True
+openshift_metrics_storage_create_pvc: False
+openshift_metrics_storage_nfs_directory: '/exports'
+openshift_metrics_storage_nfs_options: '*(rw,root_squash)'
+openshift_metrics_storage_access_modes:
+ - 'ReadWriteOnce'
+
+openshift_prometheus_storage_volume_name: 'prometheus'
+openshift_prometheus_storage_volume_size: '10Gi'
+openshift_prometheus_storage_nfs_directory: '/exports'
+openshift_prometheus_storage_nfs_options: '*(rw,root_squash)'
+openshift_prometheus_storage_access_modes:
+ - 'ReadWriteOnce'
+openshift_prometheus_storage_create_pv: True
+openshift_prometheus_storage_create_pvc: False
+
+openshift_prometheus_alertmanager_storage_volume_name: 'prometheus-alertmanager'
+openshift_prometheus_alertmanager_storage_volume_size: '10Gi'
+openshift_prometheus_alertmanager_storage_nfs_directory: '/exports'
+openshift_prometheus_alertmanager_storage_nfs_options: '*(rw,root_squash)'
+openshift_prometheus_alertmanager_storage_access_modes:
+ - 'ReadWriteOnce'
+openshift_prometheus_alertmanager_storage_create_pv: True
+openshift_prometheus_alertmanager_storage_create_pvc: False
+
+openshift_prometheus_alertbuffer_storage_volume_name: 'prometheus-alertbuffer'
+openshift_prometheus_alertbuffer_storage_volume_size: '10Gi'
+openshift_prometheus_alertbuffer_storage_nfs_directory: '/exports'
+openshift_prometheus_alertbuffer_storage_nfs_options: '*(rw,root_squash)'
+openshift_prometheus_alertbuffer_storage_access_modes:
+ - 'ReadWriteOnce'
+openshift_prometheus_alertbuffer_storage_create_pv: True
+openshift_prometheus_alertbuffer_storage_create_pvc: False
+
+openshift_service_type_dict:
+ origin: origin
+ openshift-enterprise: atomic-openshift
+
+openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}"
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index a88945538..6170f15d9 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -11,14 +11,13 @@ import copy
import errno
import json
import re
-import io
import os
import yaml
import struct
import socket
from distutils.util import strtobool
from distutils.version import LooseVersion
-from ansible.module_utils.six import string_types, text_type
+from ansible.module_utils.six import string_types
from ansible.module_utils.six.moves import configparser
# ignore pylint errors related to the module_utils import
@@ -51,39 +50,6 @@ EXAMPLES = '''
'''
-def migrate_docker_facts(facts):
- """ Apply migrations for docker facts """
- params = {
- 'common': (
- 'options'
- ),
- 'node': (
- 'log_driver',
- 'log_options'
- )
- }
- if 'docker' not in facts:
- facts['docker'] = {}
- # pylint: disable=consider-iterating-dictionary
- for role in params.keys():
- if role in facts:
- for param in params[role]:
- old_param = 'docker_' + param
- if old_param in facts[role]:
- facts['docker'][param] = facts[role].pop(old_param)
-
- if 'node' in facts and 'portal_net' in facts['node']:
- facts['docker']['hosted_registry_network'] = facts['node'].pop('portal_net')
-
- # log_options was originally meant to be a comma separated string, but
- # we now prefer an actual list, with backward compatibility:
- if 'log_options' in facts['docker'] and \
- isinstance(facts['docker']['log_options'], string_types):
- facts['docker']['log_options'] = facts['docker']['log_options'].split(",")
-
- return facts
-
-
# TODO: We should add a generic migration function that takes source and destination
# paths and does the right thing rather than one function for common, one for node, etc.
def migrate_common_facts(facts):
@@ -103,40 +69,6 @@ def migrate_common_facts(facts):
return facts
-def migrate_node_facts(facts):
- """ Migrate facts from various roles into node """
- params = {
- 'common': ('dns_ip'),
- }
- if 'node' not in facts:
- facts['node'] = {}
- # pylint: disable=consider-iterating-dictionary
- for role in params.keys():
- if role in facts:
- for param in params[role]:
- if param in facts[role]:
- facts['node'][param] = facts[role].pop(param)
- return facts
-
-
-def migrate_hosted_facts(facts):
- """ Apply migrations for master facts """
- if 'master' in facts:
- if 'router_selector' in facts['master']:
- if 'hosted' not in facts:
- facts['hosted'] = {}
- if 'router' not in facts['hosted']:
- facts['hosted']['router'] = {}
- facts['hosted']['router']['selector'] = facts['master'].pop('router_selector')
- if 'registry_selector' in facts['master']:
- if 'hosted' not in facts:
- facts['hosted'] = {}
- if 'registry' not in facts['hosted']:
- facts['hosted']['registry'] = {}
- facts['hosted']['registry']['selector'] = facts['master'].pop('registry_selector')
- return facts
-
-
def migrate_admission_plugin_facts(facts):
""" Apply migrations for admission plugin facts """
if 'master' in facts:
@@ -146,8 +78,7 @@ def migrate_admission_plugin_facts(facts):
# Merge existing kube_admission_plugin_config with admission_plugin_config.
facts['master']['admission_plugin_config'] = merge_facts(facts['master']['admission_plugin_config'],
facts['master']['kube_admission_plugin_config'],
- additive_facts_to_overwrite=[],
- protected_facts_to_overwrite=[])
+ additive_facts_to_overwrite=[])
# Remove kube_admission_plugin_config fact
facts['master'].pop('kube_admission_plugin_config', None)
return facts
@@ -156,10 +87,7 @@ def migrate_admission_plugin_facts(facts):
def migrate_local_facts(facts):
""" Apply migrations of local facts """
migrated_facts = copy.deepcopy(facts)
- migrated_facts = migrate_docker_facts(migrated_facts)
migrated_facts = migrate_common_facts(migrated_facts)
- migrated_facts = migrate_node_facts(migrated_facts)
- migrated_facts = migrate_hosted_facts(migrated_facts)
migrated_facts = migrate_admission_plugin_facts(migrated_facts)
return migrated_facts
@@ -446,119 +374,6 @@ def normalize_provider_facts(provider, metadata):
return facts
-def set_node_schedulability(facts):
- """ Set schedulable facts if not already present in facts dict
- Args:
- facts (dict): existing facts
- Returns:
- dict: the facts dict updated with the generated schedulable
- facts if they were not already present
-
- """
- if 'node' in facts:
- if 'schedulable' not in facts['node']:
- if 'master' in facts:
- facts['node']['schedulable'] = False
- else:
- facts['node']['schedulable'] = True
- return facts
-
-
-# pylint: disable=too-many-branches
-def set_selectors(facts):
- """ Set selectors facts if not already present in facts dict
- Args:
- facts (dict): existing facts
- Returns:
- dict: the facts dict updated with the generated selectors
- facts if they were not already present
-
- """
- selector = "region=infra"
-
- if 'hosted' not in facts:
- facts['hosted'] = {}
- if 'router' not in facts['hosted']:
- facts['hosted']['router'] = {}
- if 'selector' not in facts['hosted']['router'] or facts['hosted']['router']['selector'] in [None, 'None']:
- facts['hosted']['router']['selector'] = selector
- if 'registry' not in facts['hosted']:
- facts['hosted']['registry'] = {}
- if 'selector' not in facts['hosted']['registry'] or facts['hosted']['registry']['selector'] in [None, 'None']:
- facts['hosted']['registry']['selector'] = selector
- if 'metrics' not in facts['hosted']:
- facts['hosted']['metrics'] = {}
- if 'selector' not in facts['hosted']['metrics'] or facts['hosted']['metrics']['selector'] in [None, 'None']:
- facts['hosted']['metrics']['selector'] = None
- if 'logging' not in facts:
- facts['logging'] = {}
- if 'selector' not in facts['logging'] or facts['logging']['selector'] in [None, 'None']:
- facts['logging']['selector'] = None
- if 'etcd' not in facts['hosted']:
- facts['hosted']['etcd'] = {}
- if 'selector' not in facts['hosted']['etcd'] or facts['hosted']['etcd']['selector'] in [None, 'None']:
- facts['hosted']['etcd']['selector'] = None
- if 'prometheus' not in facts:
- facts['prometheus'] = {}
- if 'selector' not in facts['prometheus'] or facts['prometheus']['selector'] in [None, 'None']:
- facts['prometheus']['selector'] = None
- if 'alertmanager' not in facts['prometheus']:
- facts['prometheus']['alertmanager'] = {}
- # pylint: disable=line-too-long
- if 'selector' not in facts['prometheus']['alertmanager'] or facts['prometheus']['alertmanager']['selector'] in [None, 'None']:
- facts['prometheus']['alertmanager']['selector'] = None
- if 'alertbuffer' not in facts['prometheus']:
- facts['prometheus']['alertbuffer'] = {}
- # pylint: disable=line-too-long
- if 'selector' not in facts['prometheus']['alertbuffer'] or facts['prometheus']['alertbuffer']['selector'] in [None, 'None']:
- facts['prometheus']['alertbuffer']['selector'] = None
-
- return facts
-
-
-def set_dnsmasq_facts_if_unset(facts):
- """ Set dnsmasq facts if not already present in facts
- Args:
- facts (dict) existing facts
- Returns:
- facts (dict) updated facts with values set if not previously set
- """
-
- if 'common' in facts:
- if 'master' in facts and 'dns_port' not in facts['master']:
- facts['master']['dns_port'] = 8053
-
- return facts
-
-
-def set_project_cfg_facts_if_unset(facts):
- """ Set Project Configuration facts if not already present in facts dict
- dict:
- Args:
- facts (dict): existing facts
- Returns:
- dict: the facts dict updated with the generated Project Configuration
- facts if they were not already present
-
- """
-
- config = {
- 'default_node_selector': '',
- 'project_request_message': '',
- 'project_request_template': '',
- 'mcs_allocator_range': 's0:/2',
- 'mcs_labels_per_project': 5,
- 'uid_allocator_range': '1000000000-1999999999/10000'
- }
-
- if 'master' in facts:
- for key, value in config.items():
- if key not in facts['master']:
- facts['master'][key] = value
-
- return facts
-
-
def set_identity_providers_if_unset(facts):
""" Set identity_providers fact if not already present in facts dict
@@ -626,7 +441,6 @@ def set_url_facts_if_unset(facts):
etcd_urls = []
if etcd_hosts != '':
facts['master']['etcd_port'] = ports['etcd']
- facts['master']['embedded_etcd'] = False
for host in etcd_hosts:
etcd_urls.append(format_url(use_ssl['etcd'], host,
ports['etcd']))
@@ -703,64 +517,9 @@ def set_aggregate_facts(facts):
return facts
-def set_etcd_facts_if_unset(facts):
- """
- If using embedded etcd, loads the data directory from master-config.yaml.
-
- If using standalone etcd, loads ETCD_DATA_DIR from etcd.conf.
-
- If anything goes wrong parsing these, the fact will not be set.
- """
- if 'master' in facts and safe_get_bool(facts['master']['embedded_etcd']):
- etcd_facts = facts['etcd'] if 'etcd' in facts else dict()
-
- if 'etcd_data_dir' not in etcd_facts:
- try:
- # Parse master config to find actual etcd data dir:
- master_cfg_path = os.path.join(facts['common']['config_base'],
- 'master/master-config.yaml')
- master_cfg_f = open(master_cfg_path, 'r')
- config = yaml.safe_load(master_cfg_f.read())
- master_cfg_f.close()
-
- etcd_facts['etcd_data_dir'] = \
- config['etcdConfig']['storageDirectory']
-
- facts['etcd'] = etcd_facts
-
- # We don't want exceptions bubbling up here:
- # pylint: disable=broad-except
- except Exception:
- pass
- else:
- etcd_facts = facts['etcd'] if 'etcd' in facts else dict()
-
- # Read ETCD_DATA_DIR from /etc/etcd/etcd.conf:
- try:
- # Add a fake section for parsing:
- ini_str = text_type('[root]\n' + open('/etc/etcd/etcd.conf', 'r').read(), 'utf-8')
- ini_fp = io.StringIO(ini_str)
- config = configparser.RawConfigParser()
- config.readfp(ini_fp)
- etcd_data_dir = config.get('root', 'ETCD_DATA_DIR')
- if etcd_data_dir.startswith('"') and etcd_data_dir.endswith('"'):
- etcd_data_dir = etcd_data_dir[1:-1]
-
- etcd_facts['etcd_data_dir'] = etcd_data_dir
- facts['etcd'] = etcd_facts
-
- # We don't want exceptions bubbling up here:
- # pylint: disable=broad-except
- except Exception:
- pass
-
- return facts
-
-
def set_deployment_facts_if_unset(facts):
""" Set Facts that vary based on deployment_type. This currently
- includes common.service_type, master.registry_url, node.registry_url,
- node.storage_plugin_deps
+ includes master.registry_url
Args:
facts (dict): existing facts
@@ -768,37 +527,17 @@ def set_deployment_facts_if_unset(facts):
dict: the facts dict updated with the generated deployment_type
facts
"""
- # disabled to avoid breaking up facts related to deployment type into
- # multiple methods for now.
- # pylint: disable=too-many-statements, too-many-branches
- if 'common' in facts:
- deployment_type = facts['common']['deployment_type']
- if 'service_type' not in facts['common']:
- service_type = 'atomic-openshift'
- if deployment_type == 'origin':
- service_type = 'origin'
- facts['common']['service_type'] = service_type
-
- for role in ('master', 'node'):
- if role in facts:
- deployment_type = facts['common']['deployment_type']
- if 'registry_url' not in facts[role]:
- registry_url = 'openshift/origin-${component}:${version}'
- if deployment_type == 'openshift-enterprise':
- registry_url = 'openshift3/ose-${component}:${version}'
- facts[role]['registry_url'] = registry_url
-
if 'master' in facts:
deployment_type = facts['common']['deployment_type']
openshift_features = ['Builder', 'S2IBuilder', 'WebConsole']
if 'disabled_features' not in facts['master']:
if facts['common']['deployment_subtype'] == 'registry':
facts['master']['disabled_features'] = openshift_features
-
- if 'node' in facts:
- deployment_type = facts['common']['deployment_type']
- if 'storage_plugin_deps' not in facts['node']:
- facts['node']['storage_plugin_deps'] = ['ceph', 'glusterfs', 'iscsi']
+ if 'registry_url' not in facts['master']:
+ registry_url = 'openshift/origin-${component}:${version}'
+ if deployment_type == 'openshift-enterprise':
+ registry_url = 'openshift3/ose-${component}:${version}'
+ facts['master']['registry_url'] = registry_url
return facts
@@ -806,7 +545,7 @@ def set_deployment_facts_if_unset(facts):
# pylint: disable=too-many-statements
def set_version_facts_if_unset(facts):
""" Set version facts. This currently includes common.version and
- common.version_gte_3_1_or_1_1.
+ common.version_gte_3_x
Args:
facts (dict): existing facts
@@ -814,65 +553,36 @@ def set_version_facts_if_unset(facts):
dict: the facts dict updated with version facts.
"""
if 'common' in facts:
- deployment_type = facts['common']['deployment_type']
openshift_version = get_openshift_version(facts)
if openshift_version and openshift_version != "latest":
version = LooseVersion(openshift_version)
facts['common']['version'] = openshift_version
facts['common']['short_version'] = '.'.join([str(x) for x in version.version[0:2]])
- if deployment_type == 'origin':
- version_gte_3_1_or_1_1 = version >= LooseVersion('1.1.0')
- version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('1.1.1')
- version_gte_3_2_or_1_2 = version >= LooseVersion('1.2.0')
- version_gte_3_3_or_1_3 = version >= LooseVersion('1.3.0')
- version_gte_3_4_or_1_4 = version >= LooseVersion('1.4')
- version_gte_3_5_or_1_5 = version >= LooseVersion('1.5')
- version_gte_3_6 = version >= LooseVersion('3.6')
- version_gte_3_7 = version >= LooseVersion('3.7')
- else:
- version_gte_3_1_or_1_1 = version >= LooseVersion('3.0.2.905')
- version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('3.1.1')
- version_gte_3_2_or_1_2 = version >= LooseVersion('3.1.1.901')
- version_gte_3_3_or_1_3 = version >= LooseVersion('3.3.0')
- version_gte_3_4_or_1_4 = version >= LooseVersion('3.4')
- version_gte_3_5_or_1_5 = version >= LooseVersion('3.5')
- version_gte_3_6 = version >= LooseVersion('3.6')
- version_gte_3_7 = version >= LooseVersion('3.7')
+ version_gte_3_6 = version >= LooseVersion('3.6')
+ version_gte_3_7 = version >= LooseVersion('3.7')
+ version_gte_3_8 = version >= LooseVersion('3.8')
+ version_gte_3_9 = version >= LooseVersion('3.9')
else:
# 'Latest' version is set to True, 'Next' versions set to False
- version_gte_3_1_or_1_1 = True
- version_gte_3_1_1_or_1_1_1 = True
- version_gte_3_2_or_1_2 = True
- version_gte_3_3_or_1_3 = True
- version_gte_3_4_or_1_4 = True
- version_gte_3_5_or_1_5 = True
version_gte_3_6 = True
- version_gte_3_7 = False
- facts['common']['version_gte_3_1_or_1_1'] = version_gte_3_1_or_1_1
- facts['common']['version_gte_3_1_1_or_1_1_1'] = version_gte_3_1_1_or_1_1_1
- facts['common']['version_gte_3_2_or_1_2'] = version_gte_3_2_or_1_2
- facts['common']['version_gte_3_3_or_1_3'] = version_gte_3_3_or_1_3
- facts['common']['version_gte_3_4_or_1_4'] = version_gte_3_4_or_1_4
- facts['common']['version_gte_3_5_or_1_5'] = version_gte_3_5_or_1_5
+ version_gte_3_7 = True
+ version_gte_3_8 = False
+ version_gte_3_9 = False
facts['common']['version_gte_3_6'] = version_gte_3_6
facts['common']['version_gte_3_7'] = version_gte_3_7
-
- if version_gte_3_7:
+ facts['common']['version_gte_3_8'] = version_gte_3_8
+ facts['common']['version_gte_3_9'] = version_gte_3_9
+
+ if version_gte_3_9:
+ examples_content_version = 'v3.9'
+ elif version_gte_3_8:
+ examples_content_version = 'v3.8'
+ elif version_gte_3_7:
examples_content_version = 'v3.7'
elif version_gte_3_6:
examples_content_version = 'v3.6'
- elif version_gte_3_5_or_1_5:
- examples_content_version = 'v1.5'
- elif version_gte_3_4_or_1_4:
- examples_content_version = 'v1.4'
- elif version_gte_3_3_or_1_3:
- examples_content_version = 'v1.3'
- elif version_gte_3_2_or_1_2:
- examples_content_version = 'v1.2'
- elif version_gte_3_1_or_1_1:
- examples_content_version = 'v1.1'
else:
- examples_content_version = 'v1.0'
+ examples_content_version = 'v1.5'
facts['common']['examples_content_version'] = examples_content_version
@@ -1052,62 +762,6 @@ def get_current_config(facts):
return current_config
-def build_kubelet_args(facts):
- """Build node kubelet_args
-
-In the node-config.yaml file, kubeletArgument sub-keys have their
-values provided as a list. Hence the gratuitous use of ['foo'] below.
- """
- cloud_cfg_path = os.path.join(
- facts['common']['config_base'],
- 'cloudprovider')
-
- # We only have to do this stuff on hosts that are nodes
- if 'node' in facts:
- # Any changes to the kubeletArguments parameter are stored
- # here first.
- kubelet_args = {}
-
- if 'cloudprovider' in facts:
- # EVERY cloud is special <3
- if 'kind' in facts['cloudprovider']:
- if facts['cloudprovider']['kind'] == 'aws':
- kubelet_args['cloud-provider'] = ['aws']
- kubelet_args['cloud-config'] = [cloud_cfg_path + '/aws.conf']
- if facts['cloudprovider']['kind'] == 'openstack':
- kubelet_args['cloud-provider'] = ['openstack']
- kubelet_args['cloud-config'] = [cloud_cfg_path + '/openstack.conf']
- if facts['cloudprovider']['kind'] == 'gce':
- kubelet_args['cloud-provider'] = ['gce']
- kubelet_args['cloud-config'] = [cloud_cfg_path + '/gce.conf']
-
- # Automatically add node-labels to the kubeletArguments
- # parameter. See BZ1359848 for additional details.
- #
- # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1359848
- if 'labels' in facts['node'] and isinstance(facts['node']['labels'], dict):
- # tl;dr: os_node_labels="{'foo': 'bar', 'a': 'b'}" turns
- # into ['foo=bar', 'a=b']
- #
- # On the openshift_node_labels inventory variable we loop
- # over each key-value tuple (from .items()) and join the
- # key to the value with an '=' character, this produces a
- # list.
- #
- # map() seems to be returning an itertools.imap object
- # instead of a list. We cast it to a list ourselves.
- # pylint: disable=unnecessary-lambda
- labels_str = list(map(lambda x: '='.join(x), facts['node']['labels'].items()))
- if labels_str != '':
- kubelet_args['node-labels'] = labels_str
-
- # If we've added items to the kubelet_args dict then we need
- # to merge the new items back into the main facts object.
- if kubelet_args != {}:
- facts = merge_facts({'node': {'kubelet_args': kubelet_args}}, facts, [], [])
- return facts
-
-
def build_controller_args(facts):
""" Build master controller_args """
cloud_cfg_path = os.path.join(facts['common']['config_base'],
@@ -1126,7 +780,7 @@ def build_controller_args(facts):
controller_args['cloud-provider'] = ['gce']
controller_args['cloud-config'] = [cloud_cfg_path + '/gce.conf']
if controller_args != {}:
- facts = merge_facts({'master': {'controller_args': controller_args}}, facts, [], [])
+ facts = merge_facts({'master': {'controller_args': controller_args}}, facts, [])
return facts
@@ -1148,7 +802,7 @@ def build_api_server_args(facts):
api_server_args['cloud-provider'] = ['gce']
api_server_args['cloud-config'] = [cloud_cfg_path + '/gce.conf']
if api_server_args != {}:
- facts = merge_facts({'master': {'api_server_args': api_server_args}}, facts, [], [])
+ facts = merge_facts({'master': {'api_server_args': api_server_args}}, facts, [])
return facts
@@ -1195,6 +849,7 @@ def get_version_output(binary, version_cmd):
return output
+# We may need this in the future.
def get_docker_version_info():
""" Parses and returns the docker version info """
result = None
@@ -1208,25 +863,6 @@ def get_docker_version_info():
return result
-def get_hosted_registry_insecure():
- """ Parses OPTIONS from /etc/sysconfig/docker to determine if the
- registry is currently insecure.
- """
- hosted_registry_insecure = None
- if os.path.exists('/etc/sysconfig/docker'):
- try:
- ini_str = text_type('[root]\n' + open('/etc/sysconfig/docker', 'r').read(), 'utf-8')
- ini_fp = io.StringIO(ini_str)
- config = configparser.RawConfigParser()
- config.readfp(ini_fp)
- options = config.get('root', 'OPTIONS')
- if 'insecure-registry' in options:
- hosted_registry_insecure = True
- except Exception: # pylint: disable=broad-except
- pass
- return hosted_registry_insecure
-
-
def get_openshift_version(facts):
""" Get current version of openshift on the host.
@@ -1289,8 +925,13 @@ def get_container_openshift_version(facts):
If containerized, see if we can determine the installed version via the
systemd environment files.
"""
+ deployment_type = facts['common']['deployment_type']
+ service_type_dict = {'origin': 'origin',
+ 'openshift-enterprise': 'atomic-openshift'}
+ service_type = service_type_dict[deployment_type]
+
for filename in ['/etc/sysconfig/%s-master-controllers', '/etc/sysconfig/%s-node']:
- env_path = filename % facts['common']['service_type']
+ env_path = filename % service_type
if not os.path.exists(env_path):
continue
@@ -1353,7 +994,7 @@ def apply_provider_facts(facts, provider_facts):
# Disabling pylint too many branches. This function needs refactored
# but is a very core part of openshift_facts.
# pylint: disable=too-many-branches, too-many-nested-blocks
-def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overwrite):
+def merge_facts(orig, new, additive_facts_to_overwrite):
""" Recursively merge facts dicts
Args:
@@ -1361,14 +1002,11 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw
new (dict): facts to update
additive_facts_to_overwrite (list): additive facts to overwrite in jinja
'.' notation ex: ['master.named_certificates']
- protected_facts_to_overwrite (list): protected facts to overwrite in jinja
- '.' notation ex: ['master.master_count']
Returns:
dict: the merged facts
"""
additive_facts = ['named_certificates']
- protected_facts = ['ha']
# Facts we do not ever want to merge. These originate in inventory variables
# and contain JSON dicts. We don't ever want to trigger a merge
@@ -1400,14 +1038,7 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw
if '.' in item and item.startswith(key + '.'):
relevant_additive_facts.append(item)
- # Collect the subset of protected facts to overwrite
- # if key matches. These will be passed to the
- # subsequent merge_facts call.
- relevant_protected_facts = []
- for item in protected_facts_to_overwrite:
- if '.' in item and item.startswith(key + '.'):
- relevant_protected_facts.append(item)
- facts[key] = merge_facts(value, new[key], relevant_additive_facts, relevant_protected_facts)
+ facts[key] = merge_facts(value, new[key], relevant_additive_facts)
# Key matches an additive fact and we are not overwriting
# it so we will append the new value to the existing value.
elif key in additive_facts and key not in [x.split('.')[-1] for x in additive_facts_to_overwrite]:
@@ -1417,18 +1048,6 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw
if item not in new_fact:
new_fact.append(item)
facts[key] = new_fact
- # Key matches a protected fact and we are not overwriting
- # it so we will determine if it is okay to change this
- # fact.
- elif key in protected_facts and key not in [x.split('.')[-1] for x in protected_facts_to_overwrite]:
- # ha (bool) can not change unless it has been passed
- # as a protected fact to overwrite.
- if key == 'ha':
- if safe_get_bool(value) != safe_get_bool(new[key]):
- # pylint: disable=line-too-long
- module.fail_json(msg='openshift_facts received a different value for openshift.master.ha') # noqa: F405
- else:
- facts[key] = value
# No other condition has been met. Overwrite the old fact
# with the new value.
else:
@@ -1597,7 +1216,8 @@ def set_builddefaults_facts(facts):
# Scaffold out the full expected datastructure
facts['master']['admission_plugin_config'] = {'BuildDefaults': {'configuration': {'env': {}}}}
facts['master']['admission_plugin_config'].update(builddefaults['config'])
- delete_empty_keys(facts['master']['admission_plugin_config']['BuildDefaults']['configuration']['env'])
+ if 'env' in facts['master']['admission_plugin_config']['BuildDefaults']['configuration']:
+ delete_empty_keys(facts['master']['admission_plugin_config']['BuildDefaults']['configuration']['env'])
return facts
@@ -1658,64 +1278,12 @@ def set_container_facts_if_unset(facts):
dict: the facts dict updated with the generated containerization
facts
"""
- deployment_type = facts['common']['deployment_type']
- if deployment_type == 'openshift-enterprise':
- master_image = 'openshift3/ose'
- cli_image = master_image
- node_image = 'openshift3/node'
- ovs_image = 'openshift3/openvswitch'
- etcd_image = 'registry.access.redhat.com/rhel7/etcd'
- pod_image = 'openshift3/ose-pod'
- router_image = 'openshift3/ose-haproxy-router'
- registry_image = 'openshift3/ose-docker-registry'
- deployer_image = 'openshift3/ose-deployer'
- else:
- master_image = 'openshift/origin'
- cli_image = master_image
- node_image = 'openshift/node'
- ovs_image = 'openshift/openvswitch'
- etcd_image = 'registry.access.redhat.com/rhel7/etcd'
- pod_image = 'openshift/origin-pod'
- router_image = 'openshift/origin-haproxy-router'
- registry_image = 'openshift/origin-docker-registry'
- deployer_image = 'openshift/origin-deployer'
-
facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted')
- # If openshift_docker_use_system_container is set and is True ....
- if 'use_system_container' in list(facts['docker'].keys()):
- # use safe_get_bool as the inventory variable may not be a
- # valid boolean on it's own.
- if safe_get_bool(facts['docker']['use_system_container']):
- # ... set the service name to container-engine
- facts['docker']['service_name'] = 'container-engine'
if 'is_containerized' not in facts['common']:
facts['common']['is_containerized'] = facts['common']['is_atomic']
- if 'cli_image' not in facts['common']:
- facts['common']['cli_image'] = cli_image
- if 'pod_image' not in facts['common']:
- facts['common']['pod_image'] = pod_image
- if 'router_image' not in facts['common']:
- facts['common']['router_image'] = router_image
- if 'registry_image' not in facts['common']:
- facts['common']['registry_image'] = registry_image
- if 'deployer_image' not in facts['common']:
- facts['common']['deployer_image'] = deployer_image
- if 'etcd' in facts and 'etcd_image' not in facts['etcd']:
- facts['etcd']['etcd_image'] = etcd_image
- if 'master' in facts and 'master_image' not in facts['master']:
- facts['master']['master_image'] = master_image
- facts['master']['master_system_image'] = master_image
- if 'node' in facts:
- if 'node_image' not in facts['node']:
- facts['node']['node_image'] = node_image
- facts['node']['node_system_image'] = node_image
- if 'ovs_image' not in facts['node']:
- facts['node']['ovs_image'] = ovs_image
- facts['node']['ovs_system_image'] = ovs_image
if safe_get_bool(facts['common']['is_containerized']):
- facts['common']['admin_binary'] = '/usr/local/bin/oadm'
facts['common']['client_binary'] = '/usr/local/bin/oc'
return facts
@@ -1776,8 +1344,6 @@ class OpenShiftFacts(object):
local_facts (dict): local facts to set
additive_facts_to_overwrite (list): additive facts to overwrite in jinja
'.' notation ex: ['master.named_certificates']
- protected_facts_to_overwrite (list): protected facts to overwrite in jinja
- '.' notation ex: ['master.master_count']
Raises:
OpenShiftFactsUnsupportedRoleError:
@@ -1786,23 +1352,14 @@ class OpenShiftFacts(object):
'buildoverrides',
'cloudprovider',
'common',
- 'docker',
'etcd',
- 'hosted',
'master',
- 'node',
- 'logging',
- 'loggingops',
- 'metrics',
- 'prometheus']
+ 'node']
# Disabling too-many-arguments, this should be cleaned up as a TODO item.
# pylint: disable=too-many-arguments,no-value-for-parameter
def __init__(self, role, filename, local_facts,
- additive_facts_to_overwrite=None,
- openshift_env=None,
- openshift_env_structures=None,
- protected_facts_to_overwrite=None):
+ additive_facts_to_overwrite=None):
self.changed = False
self.filename = filename
if role not in self.known_roles:
@@ -1824,34 +1381,23 @@ class OpenShiftFacts(object):
self.system_facts = get_all_facts(module)['ansible_facts'] # noqa: F405
self.facts = self.generate_facts(local_facts,
- additive_facts_to_overwrite,
- openshift_env,
- openshift_env_structures,
- protected_facts_to_overwrite)
+ additive_facts_to_overwrite)
def generate_facts(self,
local_facts,
- additive_facts_to_overwrite,
- openshift_env,
- openshift_env_structures,
- protected_facts_to_overwrite):
+ additive_facts_to_overwrite):
""" Generate facts
Args:
local_facts (dict): local_facts for overriding generated defaults
additive_facts_to_overwrite (list): additive facts to overwrite in jinja
'.' notation ex: ['master.named_certificates']
- openshift_env (dict): openshift_env facts for overriding generated defaults
- protected_facts_to_overwrite (list): protected facts to overwrite in jinja
- '.' notation ex: ['master.master_count']
Returns:
dict: The generated facts
"""
+
local_facts = self.init_local_facts(local_facts,
- additive_facts_to_overwrite,
- openshift_env,
- openshift_env_structures,
- protected_facts_to_overwrite)
+ additive_facts_to_overwrite)
roles = local_facts.keys()
if 'common' in local_facts and 'deployment_type' in local_facts['common']:
@@ -1869,25 +1415,18 @@ class OpenShiftFacts(object):
facts = apply_provider_facts(defaults, provider_facts)
facts = merge_facts(facts,
local_facts,
- additive_facts_to_overwrite,
- protected_facts_to_overwrite)
+ additive_facts_to_overwrite)
facts = migrate_oauth_template_facts(facts)
facts['current_config'] = get_current_config(facts)
facts = set_url_facts_if_unset(facts)
- facts = set_project_cfg_facts_if_unset(facts)
- facts = set_node_schedulability(facts)
- facts = set_selectors(facts)
facts = set_identity_providers_if_unset(facts)
facts = set_deployment_facts_if_unset(facts)
facts = set_sdn_facts_if_unset(facts, self.system_facts)
facts = set_container_facts_if_unset(facts)
- facts = build_kubelet_args(facts)
facts = build_controller_args(facts)
facts = build_api_server_args(facts)
facts = set_version_facts_if_unset(facts)
- facts = set_dnsmasq_facts_if_unset(facts)
facts = set_aggregate_facts(facts)
- facts = set_etcd_facts_if_unset(facts)
facts = set_proxy_facts(facts)
facts = set_builddefaults_facts(facts)
facts = set_buildoverrides_facts(facts)
@@ -1920,7 +1459,7 @@ class OpenShiftFacts(object):
hostname=hostname,
public_hostname=hostname,
portal_net='172.30.0.0/16',
- client_binary='oc', admin_binary='oadm',
+ client_binary='oc',
dns_domain='cluster.local',
config_base='/etc/origin')
@@ -1932,7 +1471,7 @@ class OpenShiftFacts(object):
console_port='8443', etcd_use_ssl=True,
etcd_hosts='', etcd_port='4001',
portal_net='172.30.0.0/16',
- embedded_etcd=True, embedded_kube=True,
+ embedded_kube=True,
embedded_dns=True,
bind_addr='0.0.0.0',
session_max_seconds=3600,
@@ -1945,204 +1484,11 @@ class OpenShiftFacts(object):
max_requests_inflight=500)
if 'node' in roles:
- defaults['node'] = dict(labels={}, annotations={},
- iptables_sync_period='30s',
- local_quota_per_fsgroup="",
- set_node_ip=False)
-
- if 'docker' in roles:
- docker = dict(disable_push_dockerhub=False,
- options='--log-driver=journald')
- # NOTE: This is a workaround for a dnf output racecondition that can occur in
- # some situations. See https://bugzilla.redhat.com/show_bug.cgi?id=918184
- if self.system_facts['ansible_pkg_mgr'] == 'dnf':
- rpm_rebuilddb()
-
- version_info = get_docker_version_info()
- if version_info is not None:
- docker['api_version'] = version_info['api_version']
- docker['version'] = version_info['version']
- docker['gte_1_10'] = LooseVersion(version_info['version']) >= LooseVersion('1.10')
- hosted_registry_insecure = get_hosted_registry_insecure()
- if hosted_registry_insecure is not None:
- docker['hosted_registry_insecure'] = hosted_registry_insecure
- docker['service_name'] = 'docker'
- defaults['docker'] = docker
+ defaults['node'] = dict(labels={})
if 'cloudprovider' in roles:
defaults['cloudprovider'] = dict(kind=None)
- if 'hosted' in roles or self.role == 'hosted':
- defaults['hosted'] = dict(
- etcd=dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='etcd',
- size='1Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- ),
- registry=dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='registry',
- size='5Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'),
- glusterfs=dict(
- endpoints='glusterfs-registry-endpoints',
- path='glusterfs-registry-volume',
- readOnly=False,
- swap=False,
- swapcopy=True),
- host=None,
- access=dict(
- modes=['ReadWriteMany']
- ),
- create_pv=True,
- create_pvc=True
- )
- ),
- router=dict()
- )
-
- defaults['logging'] = dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='logging-es',
- size='10Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- )
-
- defaults['loggingops'] = dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='logging-es-ops',
- size='10Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- )
-
- defaults['metrics'] = dict(
- deploy=False,
- duration=7,
- resolution='10s',
- storage=dict(
- kind=None,
- volume=dict(
- name='metrics',
- size='10Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- )
-
- defaults['prometheus'] = dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='prometheus',
- size='10Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- )
-
- defaults['prometheus']['alertmanager'] = dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='prometheus-alertmanager',
- size='10Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- )
-
- defaults['prometheus']['alertbuffer'] = dict(
- storage=dict(
- kind=None,
- volume=dict(
- name='prometheus-alertbuffer',
- size='10Gi'
- ),
- nfs=dict(
- directory='/exports',
- options='*(rw,root_squash)'
- ),
- host=None,
- access=dict(
- modes=['ReadWriteOnce']
- ),
- create_pv=True,
- create_pvc=False
- )
- )
-
return defaults
def guess_host_provider(self):
@@ -2215,65 +1561,17 @@ class OpenShiftFacts(object):
)
return provider_facts
- @staticmethod
- def split_openshift_env_fact_keys(openshift_env_fact, openshift_env_structures):
- """ Split openshift_env facts based on openshift_env structures.
-
- Args:
- openshift_env_fact (string): the openshift_env fact to split
- ex: 'openshift_cloudprovider_openstack_auth_url'
- openshift_env_structures (list): a list of structures to determine fact keys
- ex: ['openshift.cloudprovider.openstack.*']
- Returns:
- list: a list of keys that represent the fact
- ex: ['openshift', 'cloudprovider', 'openstack', 'auth_url']
- """
- # By default, we'll split an openshift_env fact by underscores.
- fact_keys = openshift_env_fact.split('_')
-
- # Determine if any of the provided variable structures match the fact.
- matching_structure = None
- if openshift_env_structures is not None:
- for structure in openshift_env_structures:
- if re.match(structure, openshift_env_fact):
- matching_structure = structure
- # Fact didn't match any variable structures so return the default fact keys.
- if matching_structure is None:
- return fact_keys
-
- final_keys = []
- structure_keys = matching_structure.split('.')
- for structure_key in structure_keys:
- # Matched current key. Add to final keys.
- if structure_key == fact_keys[structure_keys.index(structure_key)]:
- final_keys.append(structure_key)
- # Wildcard means we will be taking everything from here to the end of the fact.
- elif structure_key == '*':
- final_keys.append('_'.join(fact_keys[structure_keys.index(structure_key):]))
- # Shouldn't have gotten here, return the fact keys.
- else:
- return fact_keys
- return final_keys
-
# Disabling too-many-branches and too-many-locals.
# This should be cleaned up as a TODO item.
# pylint: disable=too-many-branches, too-many-locals
def init_local_facts(self, facts=None,
- additive_facts_to_overwrite=None,
- openshift_env=None,
- openshift_env_structures=None,
- protected_facts_to_overwrite=None):
+ additive_facts_to_overwrite=None):
""" Initialize the local facts
Args:
facts (dict): local facts to set
additive_facts_to_overwrite (list): additive facts to overwrite in jinja
'.' notation ex: ['master.named_certificates']
- openshift_env (dict): openshift env facts to set
- protected_facts_to_overwrite (list): protected facts to overwrite in jinja
- '.' notation ex: ['master.master_count']
-
-
Returns:
dict: The result of merging the provided facts with existing
local facts
@@ -2285,38 +1583,13 @@ class OpenShiftFacts(object):
if facts is not None:
facts_to_set[self.role] = facts
- if openshift_env != {} and openshift_env is not None:
- for fact, value in iteritems(openshift_env):
- oo_env_facts = dict()
- current_level = oo_env_facts
- keys = self.split_openshift_env_fact_keys(fact, openshift_env_structures)[1:]
- if len(keys) > 0 and keys[0] != self.role:
- continue
- for key in keys:
- if key == keys[-1]:
- current_level[key] = value
- elif key not in current_level:
- current_level[key] = dict()
- current_level = current_level[key]
- facts_to_set = merge_facts(orig=facts_to_set,
- new=oo_env_facts,
- additive_facts_to_overwrite=[],
- protected_facts_to_overwrite=[])
-
local_facts = get_local_facts_from_file(self.filename)
migrated_facts = migrate_local_facts(local_facts)
new_local_facts = merge_facts(migrated_facts,
facts_to_set,
- additive_facts_to_overwrite,
- protected_facts_to_overwrite)
-
- if 'docker' in new_local_facts:
- # Convert legacy log_options comma sep string to a list if present:
- if 'log_options' in new_local_facts['docker'] and \
- isinstance(new_local_facts['docker']['log_options'], string_types):
- new_local_facts['docker']['log_options'] = new_local_facts['docker']['log_options'].split(',')
+ additive_facts_to_overwrite)
new_local_facts = self.remove_empty_facts(new_local_facts)
@@ -2424,9 +1697,6 @@ def main():
choices=OpenShiftFacts.known_roles),
local_facts=dict(default=None, type='dict', required=False),
additive_facts_to_overwrite=dict(default=[], type='list', required=False),
- openshift_env=dict(default={}, type='dict', required=False),
- openshift_env_structures=dict(default=[], type='list', required=False),
- protected_facts_to_overwrite=dict(default=[], type='list', required=False)
),
supports_check_mode=True,
add_file_common_args=True,
@@ -2442,19 +1712,13 @@ def main():
role = module.params['role'] # noqa: F405
local_facts = module.params['local_facts'] # noqa: F405
additive_facts_to_overwrite = module.params['additive_facts_to_overwrite'] # noqa: F405
- openshift_env = module.params['openshift_env'] # noqa: F405
- openshift_env_structures = module.params['openshift_env_structures'] # noqa: F405
- protected_facts_to_overwrite = module.params['protected_facts_to_overwrite'] # noqa: F405
fact_file = '/etc/ansible/facts.d/openshift.fact'
openshift_facts = OpenShiftFacts(role,
fact_file,
local_facts,
- additive_facts_to_overwrite,
- openshift_env,
- openshift_env_structures,
- protected_facts_to_overwrite)
+ additive_facts_to_overwrite)
file_params = module.params.copy() # noqa: F405
file_params['path'] = fact_file
diff --git a/roles/openshift_health_checker/HOWTO_CHECKS.md b/roles/openshift_health_checker/HOWTO_CHECKS.md
index 6c5662a4e..94961f2d4 100644
--- a/roles/openshift_health_checker/HOWTO_CHECKS.md
+++ b/roles/openshift_health_checker/HOWTO_CHECKS.md
@@ -12,7 +12,7 @@ Checks are typically implemented as two parts:
The checks are called from Ansible playbooks via the `openshift_health_check`
action plugin. See
-[playbooks/byo/openshift-preflight/check.yml](../../playbooks/byo/openshift-preflight/check.yml)
+[playbooks/openshift-checks/pre-install.yml](../../playbooks/openshift-checks/pre-install.yml)
for an example.
The action plugin dynamically discovers all checks and executes only those
diff --git a/roles/openshift_health_checker/defaults/main.yml b/roles/openshift_health_checker/defaults/main.yml
new file mode 100644
index 000000000..f25a0dc79
--- /dev/null
+++ b/roles/openshift_health_checker/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+openshift_service_type_dict:
+ origin: origin
+ openshift-enterprise: atomic-openshift
+
+openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}"
diff --git a/roles/openshift_health_checker/meta/main.yml b/roles/openshift_health_checker/meta/main.yml
index bc8e7bdcf..b8a59ee14 100644
--- a/roles/openshift_health_checker/meta/main.yml
+++ b/roles/openshift_health_checker/meta/main.yml
@@ -1,3 +1,4 @@
---
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
index 5beb20503..4f91f6bb3 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
@@ -1,5 +1,6 @@
"""Check that required Docker images are available."""
+import re
from pipes import quote
from ansible.module_utils import six
from openshift_checks import OpenShiftCheck
@@ -11,12 +12,16 @@ DEPLOYMENT_IMAGE_INFO = {
"origin": {
"namespace": "openshift",
"name": "origin",
- "registry_console_image": "cockpit/kubernetes",
+ "registry_console_prefix": "cockpit/",
+ "registry_console_basename": "kubernetes",
+ "registry_console_default_version": "latest",
},
"openshift-enterprise": {
"namespace": "openshift3",
"name": "ose",
- "registry_console_image": "registry.access.redhat.com/openshift3/registry-console",
+ "registry_console_prefix": "openshift3/",
+ "registry_console_basename": "registry-console",
+ "registry_console_default_version": "${short_version}",
},
}
@@ -151,10 +156,8 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
if 'oo_nodes_to_config' in host_groups:
for suffix in NODE_IMAGE_SUFFIXES:
required.add(image_url.replace("${component}", suffix).replace("${version}", image_tag))
- # The registry-console is for some reason not prefixed with ose- like the other components.
- # Nor is it versioned the same, so just look for latest.
- # Also a completely different name is used for Origin.
- required.add(image_info["registry_console_image"])
+ if self.get_var("osm_use_cockpit", default=True, convert=bool):
+ required.add(self._registry_console_image(image_tag, image_info))
# images for containerized components
if self.get_var("openshift", "common", "is_containerized"):
@@ -170,6 +173,27 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
return required
+ def _registry_console_image(self, image_tag, image_info):
+ """Returns image with logic to parallel what happens with the registry-console template."""
+ # The registry-console is for some reason not prefixed with ose- like the other components.
+ # Nor is it versioned the same. Also a completely different name is used for Origin.
+ prefix = self.get_var(
+ "openshift_cockpit_deployer_prefix",
+ default=image_info["registry_console_prefix"],
+ )
+ basename = self.get_var(
+ "openshift_cockpit_deployer_basename",
+ default=image_info["registry_console_basename"],
+ )
+
+ # enterprise template just uses v3.6, v3.7, etc
+ match = re.match(r'v\d+\.\d+', image_tag)
+ short_version = match.group() if match else image_tag
+ version = image_info["registry_console_default_version"].replace("${short_version}", short_version)
+ version = self.get_var("openshift_cockpit_deployer_version", default=version)
+
+ return prefix + basename + ':' + version
+
def local_images(self, images):
"""Filter a list of images and return those available locally."""
found_images = []
diff --git a/roles/openshift_health_checker/openshift_checks/ovs_version.py b/roles/openshift_health_checker/openshift_checks/ovs_version.py
index 416805c4d..0cad19842 100644
--- a/roles/openshift_health_checker/openshift_checks/ovs_version.py
+++ b/roles/openshift_health_checker/openshift_checks/ovs_version.py
@@ -16,7 +16,8 @@ class OvsVersion(NotContainerizedMixin, OpenShiftCheck):
tags = ["health"]
openshift_to_ovs_version = {
- "3.6": ["2.6", "2.7"],
+ "3.7": ["2.6", "2.7", "2.8"],
+ "3.6": ["2.6", "2.7", "2.8"],
"3.5": ["2.6", "2.7"],
"3.4": "2.4",
}
diff --git a/roles/openshift_health_checker/openshift_checks/package_availability.py b/roles/openshift_health_checker/openshift_checks/package_availability.py
index 090e438ff..980e23f27 100644
--- a/roles/openshift_health_checker/openshift_checks/package_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/package_availability.py
@@ -15,7 +15,9 @@ class PackageAvailability(NotContainerizedMixin, OpenShiftCheck):
return super(PackageAvailability, self).is_active() and self.get_var("ansible_pkg_mgr") == "yum"
def run(self):
- rpm_prefix = self.get_var("openshift", "common", "service_type")
+ rpm_prefix = self.get_var("openshift_service_type")
+ if self._templar is not None:
+ rpm_prefix = self._templar.template(rpm_prefix)
group_names = self.get_var("group_names", default=[])
packages = set()
diff --git a/roles/openshift_health_checker/openshift_checks/package_version.py b/roles/openshift_health_checker/openshift_checks/package_version.py
index 2f09b22fc..f3a628e28 100644
--- a/roles/openshift_health_checker/openshift_checks/package_version.py
+++ b/roles/openshift_health_checker/openshift_checks/package_version.py
@@ -16,7 +16,8 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
openshift_to_ovs_version = {
(3, 4): "2.4",
(3, 5): ["2.6", "2.7"],
- (3, 6): ["2.6", "2.7"],
+ (3, 6): ["2.6", "2.7", "2.8"],
+ (3, 7): ["2.6", "2.7", "2.8"],
}
openshift_to_docker_version = {
@@ -40,7 +41,9 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
return super(PackageVersion, self).is_active() and master_or_node
def run(self):
- rpm_prefix = self.get_var("openshift", "common", "service_type")
+ rpm_prefix = self.get_var("openshift_service_type")
+ if self._templar is not None:
+ rpm_prefix = self._templar.template(rpm_prefix)
openshift_release = self.get_var("openshift_release", default='')
deployment_type = self.get_var("openshift_deployment_type")
check_multi_minor_release = deployment_type in ['openshift-enterprise']
diff --git a/roles/openshift_health_checker/test/docker_image_availability_test.py b/roles/openshift_health_checker/test/docker_image_availability_test.py
index dec99e5db..fc333dfd4 100644
--- a/roles/openshift_health_checker/test/docker_image_availability_test.py
+++ b/roles/openshift_health_checker/test/docker_image_availability_test.py
@@ -1,6 +1,6 @@
import pytest
-from openshift_checks.docker_image_availability import DockerImageAvailability
+from openshift_checks.docker_image_availability import DockerImageAvailability, DEPLOYMENT_IMAGE_INFO
@pytest.fixture()
@@ -8,12 +8,12 @@ def task_vars():
return dict(
openshift=dict(
common=dict(
- service_type='origin',
is_containerized=False,
is_atomic=False,
),
docker=dict(),
),
+ openshift_service_type='origin',
openshift_deployment_type='origin',
openshift_image_tag='',
group_names=['oo_nodes_to_config', 'oo_masters_to_config'],
@@ -180,7 +180,7 @@ def test_registry_availability(image, registries, connection_test_failed, skopeo
'openshift/origin-deployer:vtest',
'openshift/origin-docker-registry:vtest',
'openshift/origin-haproxy-router:vtest',
- 'cockpit/kubernetes', # origin version of registry-console
+ 'cockpit/kubernetes:latest', # origin version of registry-console
])
),
( # set a different URL for images
@@ -190,7 +190,7 @@ def test_registry_availability(image, registries, connection_test_failed, skopeo
'foo.io/openshift/origin-deployer:vtest',
'foo.io/openshift/origin-docker-registry:vtest',
'foo.io/openshift/origin-haproxy-router:vtest',
- 'cockpit/kubernetes', # AFAICS this is not built from the URL
+ 'cockpit/kubernetes:latest', # AFAICS this is not built from the URL
])
),
(
@@ -201,7 +201,7 @@ def test_registry_availability(image, registries, connection_test_failed, skopeo
'openshift/origin-deployer:vtest',
'openshift/origin-docker-registry:vtest',
'openshift/origin-haproxy-router:vtest',
- 'cockpit/kubernetes',
+ 'cockpit/kubernetes:latest',
# containerized component images
'openshift/origin:vtest',
'openshift/node:vtest',
@@ -217,7 +217,7 @@ def test_registry_availability(image, registries, connection_test_failed, skopeo
'foo.io/openshift3/ose-docker-registry:f13ac45',
'foo.io/openshift3/ose-haproxy-router:f13ac45',
# registry-console is not constructed/versioned the same as the others.
- 'registry.access.redhat.com/openshift3/registry-console',
+ 'openshift3/registry-console:vtest',
# containerized images aren't built from oreg_url
'openshift3/node:vtest',
'openshift3/openvswitch:vtest',
@@ -249,6 +249,42 @@ def test_required_images(deployment_type, is_containerized, groups, oreg_url, ex
assert expected == DockerImageAvailability(task_vars=task_vars).required_images()
+@pytest.mark.parametrize("task_vars, expected", [
+ (
+ dict(
+ openshift_deployment_type="origin",
+ openshift_image_tag="vtest",
+ ),
+ "cockpit/kubernetes:latest",
+ ), (
+ dict(
+ openshift_deployment_type="openshift-enterprise",
+ openshift_image_tag="vtest",
+ ),
+ "openshift3/registry-console:vtest",
+ ), (
+ dict(
+ openshift_deployment_type="openshift-enterprise",
+ openshift_image_tag="v3.7.0-alpha.0",
+ openshift_cockpit_deployer_prefix="registry.example.com/spam/",
+ ),
+ "registry.example.com/spam/registry-console:v3.7",
+ ), (
+ dict(
+ openshift_deployment_type="origin",
+ openshift_image_tag="v3.7.0-alpha.0",
+ openshift_cockpit_deployer_prefix="registry.example.com/eggs/",
+ openshift_cockpit_deployer_version="spam",
+ ),
+ "registry.example.com/eggs/kubernetes:spam",
+ ),
+])
+def test_registry_console_image(task_vars, expected):
+ info = DEPLOYMENT_IMAGE_INFO[task_vars["openshift_deployment_type"]]
+ tag = task_vars["openshift_image_tag"]
+ assert expected == DockerImageAvailability(task_vars=task_vars)._registry_console_image(tag, info)
+
+
def test_containerized_etcd():
task_vars = dict(
openshift=dict(
diff --git a/roles/openshift_health_checker/test/etcd_traffic_test.py b/roles/openshift_health_checker/test/etcd_traffic_test.py
index dd6f4ad81..a29dc166b 100644
--- a/roles/openshift_health_checker/test/etcd_traffic_test.py
+++ b/roles/openshift_health_checker/test/etcd_traffic_test.py
@@ -37,8 +37,9 @@ def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words)
task_vars = dict(
group_names=group_names,
openshift=dict(
- common=dict(service_type="origin", is_containerized=False),
- )
+ common=dict(is_containerized=False),
+ ),
+ openshift_service_type="origin"
)
result = EtcdTraffic(execute_module, task_vars).run()
diff --git a/roles/openshift_health_checker/test/ovs_version_test.py b/roles/openshift_health_checker/test/ovs_version_test.py
index 5a82a43bf..dd98ff4d8 100644
--- a/roles/openshift_health_checker/test/ovs_version_test.py
+++ b/roles/openshift_health_checker/test/ovs_version_test.py
@@ -10,10 +10,11 @@ def test_openshift_version_not_supported():
openshift_release = '111.7.0'
task_vars = dict(
- openshift=dict(common=dict(service_type='origin')),
+ openshift=dict(common=dict()),
openshift_release=openshift_release,
openshift_image_tag='v' + openshift_release,
openshift_deployment_type='origin',
+ openshift_service_type='origin'
)
with pytest.raises(OpenShiftCheckException) as excinfo:
@@ -27,9 +28,10 @@ def test_invalid_openshift_release_format():
return {}
task_vars = dict(
- openshift=dict(common=dict(service_type='origin')),
+ openshift=dict(common=dict()),
openshift_image_tag='v0',
openshift_deployment_type='origin',
+ openshift_service_type='origin'
)
with pytest.raises(OpenShiftCheckException) as excinfo:
@@ -38,17 +40,19 @@ def test_invalid_openshift_release_format():
@pytest.mark.parametrize('openshift_release,expected_ovs_version', [
+ ("3.7", ["2.6", "2.7", "2.8"]),
("3.5", ["2.6", "2.7"]),
- ("3.6", ["2.6", "2.7"]),
+ ("3.6", ["2.6", "2.7", "2.8"]),
("3.4", "2.4"),
("3.3", "2.4"),
("1.0", "2.4"),
])
def test_ovs_package_version(openshift_release, expected_ovs_version):
task_vars = dict(
- openshift=dict(common=dict(service_type='origin')),
+ openshift=dict(common=dict()),
openshift_release=openshift_release,
openshift_image_tag='v' + openshift_release,
+ openshift_service_type='origin'
)
return_value = {} # note: check.execute_module modifies return hash contents
diff --git a/roles/openshift_health_checker/test/package_availability_test.py b/roles/openshift_health_checker/test/package_availability_test.py
index 9815acb38..a1e6e0879 100644
--- a/roles/openshift_health_checker/test/package_availability_test.py
+++ b/roles/openshift_health_checker/test/package_availability_test.py
@@ -19,13 +19,13 @@ def test_is_active(pkg_mgr, is_containerized, is_active):
@pytest.mark.parametrize('task_vars,must_have_packages,must_not_have_packages', [
(
- dict(openshift=dict(common=dict(service_type='openshift'))),
+ dict(openshift_service_type='origin'),
set(),
set(['openshift-master', 'openshift-node']),
),
(
dict(
- openshift=dict(common=dict(service_type='origin')),
+ openshift_service_type='origin',
group_names=['oo_masters_to_config'],
),
set(['origin-master']),
@@ -33,7 +33,7 @@ def test_is_active(pkg_mgr, is_containerized, is_active):
),
(
dict(
- openshift=dict(common=dict(service_type='atomic-openshift')),
+ openshift_service_type='atomic-openshift',
group_names=['oo_nodes_to_config'],
),
set(['atomic-openshift-node']),
@@ -41,7 +41,7 @@ def test_is_active(pkg_mgr, is_containerized, is_active):
),
(
dict(
- openshift=dict(common=dict(service_type='atomic-openshift')),
+ openshift_service_type='atomic-openshift',
group_names=['oo_masters_to_config', 'oo_nodes_to_config'],
),
set(['atomic-openshift-master', 'atomic-openshift-node']),
diff --git a/roles/openshift_health_checker/test/package_version_test.py b/roles/openshift_health_checker/test/package_version_test.py
index 3cf4ce033..ea8e02b97 100644
--- a/roles/openshift_health_checker/test/package_version_test.py
+++ b/roles/openshift_health_checker/test/package_version_test.py
@@ -4,9 +4,12 @@ from openshift_checks.package_version import PackageVersion, OpenShiftCheckExcep
def task_vars_for(openshift_release, deployment_type):
+ service_type_dict = {'origin': 'origin',
+ 'openshift-enterprise': 'atomic-openshift'}
+ service_type = service_type_dict[deployment_type]
return dict(
ansible_pkg_mgr='yum',
- openshift=dict(common=dict(service_type=deployment_type)),
+ openshift_service_type=service_type,
openshift_release=openshift_release,
openshift_image_tag='v' + openshift_release,
openshift_deployment_type=deployment_type,
@@ -29,7 +32,7 @@ def test_openshift_version_not_supported():
def test_invalid_openshift_release_format():
task_vars = dict(
ansible_pkg_mgr='yum',
- openshift=dict(common=dict(service_type='origin')),
+ openshift_service_type='origin',
openshift_image_tag='v0',
openshift_deployment_type='origin',
)
diff --git a/roles/openshift_hosted/README.md b/roles/openshift_hosted/README.md
index 29ae58556..3cf5d97c5 100644
--- a/roles/openshift_hosted/README.md
+++ b/roles/openshift_hosted/README.md
@@ -27,19 +27,33 @@ From this role:
| openshift_hosted_registry_replicas | Number of nodes matching selector | The number of replicas to configure. |
| openshift_hosted_registry_selector | region=infra | Node selector used when creating registry. The OpenShift registry will only be deployed to nodes matching this selector. |
| openshift_hosted_registry_cert_expire_days | `730` (2 years) | Validity of the certificates in days. Works only with OpenShift version 1.5 (3.5) and later. |
+| openshift_hosted_registry_clusterip | None | Cluster IP for registry service |
If you specify `openshift_hosted_registry_kind=glusterfs`, the following
variables also control configuration behavior:
| Name | Default value | Description |
|----------------------------------------------|---------------|------------------------------------------------------------------------------|
-| openshift_hosted_registry_glusterfs_swap | False | Whether to swap an existing registry's storage volume for a GlusterFS volume |
-| openshift_hosted_registry_glusterfs_swapcopy | True | If swapping, also copy the current contents of the registry volume |
+| openshift_hosted_registry_storage_glusterfs_endpoints | glusterfs-registry-endpoints | The name for the Endpoints resource that will point the registry to the GlusterFS nodes
+| openshift_hosted_registry_storage_glusterfs_path | glusterfs-registry-volume | The name for the GlusterFS volume that will provide registry storage
+| openshift_hosted_registry_storage_glusterfs_readonly | False | Whether the GlusterFS volume should be read-only
+| openshift_hosted_registry_storage_glusterfs_swap | False | Whether to swap an existing registry's storage volume for a GlusterFS volume
+| openshift_hosted_registry_storage_glusterfs_swapcopy | True | If swapping, copy the contents of the pre-existing registry storage to the new GlusterFS volume
+| openshift_hosted_registry_storage_glusterfs_ips | `[]` | A list of IP addresses of the nodes of the GlusterFS cluster to use for hosted registry storage
+
+**NOTE:** Configuring a value for
+`openshift_hosted_registry_storage_glusterfs_ips` with a `glusterfs_registry`
+host group is not allowed. Specifying a `glusterfs_registry` host group
+indicates that a new GlusterFS cluster should be configured, whereas
+specifying `openshift_hosted_registry_storage_glusterfs_ips` indicates wanting
+to use a pre-configured GlusterFS cluster for the registry storage.
+
+_
Dependencies
------------
-* openshift_hosted_facts
+* openshift_persistent_volumes
Example Playbook
----------------
@@ -55,6 +69,10 @@ Example Playbook
cafile: /path/to/my-router-ca.crt
openshift_hosted_router_registryurl: 'registry.access.redhat.com/openshift3/ose-haproxy-router:v3.0.2.0'
openshift_hosted_router_selector: 'type=infra'
+ openshift_hosted_registry_storage_kind=glusterfs
+ openshift_hosted_registry_storage_glusterfs_path=external_glusterfs_volume_name
+ openshift_hosted_registry_storage_glusterfs_ips=['192.168.20.239','192.168.20.96','192.168.20.114']
+
```
License
diff --git a/roles/openshift_hosted/defaults/main.yml b/roles/openshift_hosted/defaults/main.yml
index 589ad3f51..b6501d288 100644
--- a/roles/openshift_hosted/defaults/main.yml
+++ b/roles/openshift_hosted/defaults/main.yml
@@ -27,6 +27,9 @@ openshift_cluster_domain: 'cluster.local'
r_openshift_hosted_router_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_hosted_router_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
+openshift_hosted_router_selector: "{{ openshift_router_selector | default(openshift_hosted_infra_selector) }}"
+openshift_hosted_router_namespace: 'default'
+
openshift_hosted_router_wait: "{{ not (openshift_master_bootstrap_enabled | default(False)) }}"
openshift_hosted_router_edits:
@@ -40,13 +43,14 @@ openshift_hosted_router_edits:
value: 21600
action: put
+openshift_hosted_router_registryurl: "{{ openshift_hosted_images_dict[openshift_deployment_type] }}"
openshift_hosted_routers:
- name: router
replicas: "{{ replicas | default(1) }}"
namespace: default
serviceaccount: router
selector: "{{ openshift_hosted_router_selector | default(None) }}"
- images: "{{ openshift_hosted_router_image | default(None) }}"
+ images: "{{ openshift_hosted_router_registryurl }}"
edits: "{{ openshift_hosted_router_edits }}"
stats_port: 1936
ports:
@@ -64,13 +68,17 @@ r_openshift_hosted_router_os_firewall_allow: []
# Registry #
############
+openshift_hosted_registry_selector: "{{ openshift_registry_selector | default(openshift_hosted_infra_selector) }}"
+penshift_hosted_registry_registryurl: "{{ openshift_hosted_images_dict[openshift_deployment_type] }}"
+openshift_hosted_registry_routecertificates: {}
+openshift_hosted_registry_routetermination: "passthrough"
+
r_openshift_hosted_registry_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_hosted_registry_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
openshift_hosted_registry_name: docker-registry
openshift_hosted_registry_wait: "{{ not (openshift_master_bootstrap_enabled | default(False)) }}"
openshift_hosted_registry_cert_expire_days: 730
-
r_openshift_hosted_registry_os_firewall_deny: []
r_openshift_hosted_registry_os_firewall_allow:
- service: Docker Registry Port
@@ -80,6 +88,7 @@ r_openshift_hosted_registry_os_firewall_allow:
openshift_hosted_registry_serviceaccount: registry
openshift_hosted_registry_volumes: []
openshift_hosted_registry_env_vars: {}
+openshift_hosted_registry_clusterip: null
# These edits are being specified only to prevent 'changed' on rerun
openshift_hosted_registry_edits:
diff --git a/roles/openshift_hosted/filter_plugins/openshift_hosted_filters.py b/roles/openshift_hosted/filter_plugins/openshift_hosted_filters.py
index 7f41529ac..003ce5f9e 100644
--- a/roles/openshift_hosted/filter_plugins/openshift_hosted_filters.py
+++ b/roles/openshift_hosted/filter_plugins/openshift_hosted_filters.py
@@ -12,7 +12,7 @@ class FilterModule(object):
def get_router_replicas(replicas=None, router_nodes=None):
''' This function will return the number of replicas
based on the results from the defined
- openshift.hosted.router.replicas OR
+ openshift_hosted_router_replicas OR
the query from oc_obj on openshift nodes with a selector OR
default to 1
diff --git a/roles/openshift_hosted/meta/main.yml b/roles/openshift_hosted/meta/main.yml
index 1d70ef7eb..ace2d15b0 100644
--- a/roles/openshift_hosted/meta/main.yml
+++ b/roles/openshift_hosted/meta/main.yml
@@ -12,6 +12,6 @@ galaxy_info:
categories:
- cloud
dependencies:
-- role: openshift_hosted_facts
+- role: openshift_facts
- role: lib_openshift
-- role: lib_os_firewall
+- role: lib_utils
diff --git a/roles/openshift_hosted/tasks/registry.yml b/roles/openshift_hosted/tasks/registry.yml
index f1aa9c5a8..429f0c514 100644
--- a/roles/openshift_hosted/tasks/registry.yml
+++ b/roles/openshift_hosted/tasks/registry.yml
@@ -1,19 +1,25 @@
---
+- name: Create temp directory for doing work in
+ command: mktemp -d /tmp/openshift-hosted-ansible-XXXXXX
+ register: mktempHosted
+ changed_when: False
+ check_mode: no
+
- name: setup firewall
- include: firewall.yml
+ import_tasks: firewall.yml
vars:
l_openshift_hosted_firewall_enabled: "{{ r_openshift_hosted_registry_firewall_enabled }}"
l_openshift_hosted_use_firewalld: "{{ r_openshift_hosted_registry_use_firewalld }}"
l_openshift_hosted_fw_allow: "{{ r_openshift_hosted_registry_os_firewall_allow }}"
l_openshift_hosted_fw_deny: "{{ r_openshift_hosted_registry_os_firewall_deny }}"
-- when: openshift.hosted.registry.replicas | default(none) is none
+- when: openshift_hosted_registry_replicas | default(none) is none
block:
- name: Retrieve list of openshift nodes matching registry selector
oc_obj:
state: list
kind: node
- selector: "{{ openshift.hosted.registry.selector | default(omit) }}"
+ selector: "{{ openshift_hosted_registry_selector }}"
register: registry_nodes
- name: set_fact l_node_count to number of nodes matching registry selector
@@ -33,16 +39,13 @@
# just 1:
- name: set_fact l_default_replicas when l_node_count > 0
set_fact:
- l_default_replicas: "{{ l_node_count if openshift.hosted.registry.storage.kind | default(none) is not none else 1 }}"
+ l_default_replicas: "{{ l_node_count if openshift_hosted_registry_storage_kind | default(none) is not none else 1 }}"
when: l_node_count | int > 0
-
- name: set openshift_hosted facts
set_fact:
- openshift_hosted_registry_replicas: "{{ openshift.hosted.registry.replicas | default(l_default_replicas) }}"
- openshift_hosted_registry_namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
- openshift_hosted_registry_selector: "{{ openshift.hosted.registry.selector }}"
- openshift_hosted_registry_images: "{{ openshift.hosted.registry.registryurl | default('openshift3/ose-${component}:${version}')}}"
+ # This determines the gluster_ips to use for the registry by looping over the glusterfs_registry group
+ openshift_hosted_registry_storage_glusterfs_ips: "{%- set gluster_ips = [] %}{% if groups.glusterfs_registry is defined %}{% for node in groups.glusterfs_registry %}{%- set _ = gluster_ips.append(hostvars[node].glusterfs_ip | default(hostvars[node].openshift.common.ip)) %}{% endfor %}{{ gluster_ips }}{% elif groups.glusterfs is defined %}{% for node in groups.glusterfs %}{%- set _ = gluster_ips.append(hostvars[node].glusterfs_ip | default(hostvars[node].openshift.common.ip)) %}{% endfor %}{{ gluster_ips }}{% else %}{{ openshift_hosted_registry_storage_glusterfs_ips }}{% endif %}"
- name: Update registry environment variables when pushing via dns
set_fact:
@@ -89,17 +92,16 @@
docker-registry: default
session_affinity: ClientIP
service_type: ClusterIP
+ clusterip: '{{ openshift_hosted_registry_clusterip | default(omit) }}'
-- include: secure.yml
- static: no
+- include_tasks: secure.yml
run_once: true
when:
- - not (openshift.docker.hosted_registry_insecure | default(false) | bool)
+ - not (openshift_docker_hosted_registry_insecure | default(False)) | bool
-- include: storage/object_storage.yml
- static: no
+- include_tasks: storage/object_storage.yml
when:
- - openshift.hosted.registry.storage.kind | default(none) == 'object'
+ - openshift_hosted_registry_storage_kind | default(none) == 'object'
- name: Update openshift_hosted facts for persistent volumes
set_fact:
@@ -108,18 +110,23 @@
pvc_volume_mounts:
- name: registry-storage
type: persistentVolumeClaim
- claim_name: "{{ openshift.hosted.registry.storage.volume.name }}-claim"
+ claim_name: "{{ openshift_hosted_registry_storage_volume_name }}-claim"
+ when:
+ - openshift_hosted_registry_storage_kind | default(none) in ['nfs', 'openstack', 'glusterfs']
+
+- include_tasks: storage/glusterfs_endpoints.yml
when:
- - openshift.hosted.registry.storage.kind | default(none) in ['nfs', 'openstack', 'glusterfs']
+ - openshift_hosted_registry_storage_glusterfs_ips|length > 0
+ - openshift_hosted_registry_storage_kind | default(none) in ['glusterfs']
- name: Create OpenShift registry
oc_adm_registry:
name: "{{ openshift_hosted_registry_name }}"
namespace: "{{ openshift_hosted_registry_namespace }}"
selector: "{{ openshift_hosted_registry_selector }}"
- replicas: "{{ openshift_hosted_registry_replicas }}"
+ replicas: "{{ openshift_hosted_registry_replicas | default(l_default_replicas) }}"
service_account: "{{ openshift_hosted_registry_serviceaccount }}"
- images: "{{ openshift_hosted_registry_images }}"
+ images: "{{ openshift_hosted_registry_registryurl }}"
env_vars: "{{ openshift_hosted_registry_env_vars }}"
volume_mounts: "{{ openshift_hosted_registry_volumes }}"
edits: "{{ openshift_hosted_registry_edits }}"
@@ -132,11 +139,18 @@
namespace: "{{ openshift_hosted_registry_namespace }}"
- name: Wait for pod (Registry)
- include: wait_for_pod.yml
+ include_tasks: wait_for_pod.yml
vars:
l_openshift_hosted_wait_for_pod: "{{ openshift_hosted_registry_wait }}"
l_openshift_hosted_wfp_items: "{{ r_openshift_hosted_registry_list }}"
-- include: storage/glusterfs.yml
+- include_tasks: storage/glusterfs.yml
when:
- - openshift.hosted.registry.storage.kind | default(none) == 'glusterfs' or openshift.hosted.registry.storage.glusterfs.swap
+ - openshift_hosted_registry_storage_kind | default(none) == 'glusterfs' or openshift_hosted_registry_storage_glusterfs_swap
+
+- name: Delete temp directory
+ file:
+ name: "{{ mktempHosted.stdout }}"
+ state: absent
+ changed_when: False
+ check_mode: no
diff --git a/roles/openshift_hosted/tasks/router.yml b/roles/openshift_hosted/tasks/router.yml
index 2aceef9e4..8ecaacb4a 100644
--- a/roles/openshift_hosted/tasks/router.yml
+++ b/roles/openshift_hosted/tasks/router.yml
@@ -1,6 +1,6 @@
---
- name: setup firewall
- include: firewall.yml
+ import_tasks: firewall.yml
vars:
l_openshift_hosted_firewall_enabled: "{{ r_openshift_hosted_router_firewall_enabled }}"
l_openshift_hosted_use_firewalld: "{{ r_openshift_hosted_router_use_firewalld }}"
@@ -11,25 +11,25 @@
oc_obj:
state: list
kind: node
- namespace: "{{ openshift.hosted.router.namespace | default('default') }}"
- selector: "{{ openshift.hosted.router.selector | default(omit) }}"
+ namespace: "{{ openshift_hosted_router_namespace }}"
+ selector: "{{ openshift_hosted_router_selector }}"
register: router_nodes
- when: openshift.hosted.router.replicas | default(none) is none
+ when: openshift_hosted_router_replicas | default(none) is none
- name: set_fact replicas
set_fact:
- replicas: "{{ openshift.hosted.router.replicas|default(None) | get_router_replicas(router_nodes) }}"
- openshift_hosted_router_selector: "{{ openshift.hosted.router.selector | default(None) }}"
- openshift_hosted_router_image: "{{ openshift.hosted.router.registryurl }}"
+ replicas: "{{ openshift_hosted_router_replicas | default(None) | get_router_replicas(router_nodes) }}"
- name: Get the certificate contents for router
copy:
backup: True
dest: "/etc/origin/master/{{ item | basename }}"
src: "{{ item }}"
- with_items: "{{ openshift_hosted_routers | oo_collect(attribute='certificate') |
- oo_select_keys_from_list(['keyfile', 'certfile', 'cafile']) }}"
- when: ( not openshift_hosted_router_create_certificate | bool ) or openshift_hosted_router_certificate != {}
+ with_items: "{{ openshift_hosted_routers | lib_utils_oo_collect(attribute='certificate') |
+ lib_utils_oo_select_keys_from_list(['keyfile', 'certfile', 'cafile']) }}"
+ when: ( not openshift_hosted_router_create_certificate | bool ) or openshift_hosted_router_certificate != {} or
+ ( openshift_hosted_routers | lib_utils_oo_collect(attribute='certificate') | lib_utils_oo_select_keys_from_list(['keyfile', 'certfile', 'cafile'])|length > 0 )
+
# This is for when we desire a cluster signed cert
# The certificate is generated and placed in master_config_dir/
@@ -40,10 +40,10 @@
signer_key: "{{ openshift_master_config_dir }}/ca.key"
signer_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
hostnames:
- - "{{ openshift_master_default_subdomain | default('router.default.svc.cluster.local') }}"
- - "*.{{ openshift_master_default_subdomain | default('router.default.svc.cluster.local') }}"
- cert: "{{ ('/etc/origin/master/' ~ (item.certificate.certfile | basename)) if 'certfile' in item.certificate else ((openshift_master_config_dir) ~ '/openshift-router.crt') }}"
- key: "{{ ('/etc/origin/master/' ~ (item.certificate.keyfile | basename)) if 'keyfile' in item.certificate else ((openshift_master_config_dir) ~ '/openshift-router.key') }}"
+ - "{{ openshift_master_default_subdomain }}"
+ - "*.{{ openshift_master_default_subdomain }}"
+ cert: "{{ openshift_master_config_dir ~ '/openshift-router.crt' }}"
+ key: "{{ openshift_master_config_dir ~ '/openshift-router.key' }}"
with_items: "{{ openshift_hosted_routers }}"
- name: set the openshift_hosted_router_certificate
@@ -55,6 +55,7 @@
when:
- openshift_hosted_router_create_certificate | bool
- openshift_hosted_router_certificate == {}
+ - openshift_hosted_routers | lib_utils_oo_collect(attribute='certificate') | lib_utils_oo_select_keys_from_list(['keyfile', 'certfile', 'cafile'])|length == 0
- name: Create the router service account(s)
oc_serviceaccount:
@@ -99,7 +100,7 @@
with_items: "{{ openshift_hosted_routers }}"
- name: Wait for pod (Routers)
- include: wait_for_pod.yml
+ include_tasks: wait_for_pod.yml
vars:
l_openshift_hosted_wait_for_pod: "{{ openshift_hosted_router_wait }}"
l_openshift_hosted_wfp_items: "{{ openshift_hosted_routers }}"
diff --git a/roles/openshift_hosted/tasks/secure.yml b/roles/openshift_hosted/tasks/secure.yml
index 0da8ac8a7..378ae32dc 100644
--- a/roles/openshift_hosted/tasks/secure.yml
+++ b/roles/openshift_hosted/tasks/secure.yml
@@ -1,18 +1,10 @@
---
-- name: Configure facts for docker-registry
- set_fact:
- openshift_hosted_registry_routecertificates: "{{ ('routecertificates' in openshift.hosted.registry.keys()) | ternary(openshift_hosted_registry_routecertificates, {}) }}"
- openshift_hosted_registry_routehost: "{{ ('routehost' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routehost, False) }}"
- openshift_hosted_registry_routetermination: "{{ ('routetermination' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routetermination, 'passthrough') }}"
-
- name: Include reencrypt route configuration
- include: secure/reencrypt.yml
- static: no
+ include_tasks: secure/reencrypt.yml
when: openshift_hosted_registry_routetermination == 'reencrypt'
- name: Include passthrough route configuration
- include: secure/passthrough.yml
- static: no
+ include_tasks: secure/passthrough.yml
when: openshift_hosted_registry_routetermination == 'passthrough'
- name: Fetch the docker-registry route
@@ -39,10 +31,10 @@
- "{{ docker_registry_route.results[0].spec.host }}"
- "{{ openshift_hosted_registry_name }}.default.svc"
- "{{ openshift_hosted_registry_name }}.default.svc.{{ openshift_cluster_domain }}"
- - "{{ openshift_hosted_registry_routehost }}"
+ - "{{ openshift_hosted_registry_routehost | default(omit) }}"
cert: "{{ docker_registry_cert_path }}"
key: "{{ docker_registry_key_path }}"
- expire_days: "{{ openshift_hosted_registry_cert_expire_days if openshift_version | oo_version_gte_3_5_or_1_5(openshift_deployment_type) | bool else omit }}"
+ expire_days: "{{ openshift_hosted_registry_cert_expire_days }}"
register: registry_self_cert
when: docker_registry_self_signed
diff --git a/roles/openshift_hosted/tasks/storage/glusterfs.yml b/roles/openshift_hosted/tasks/storage/glusterfs.yml
index c2954fde1..b39c44b01 100644
--- a/roles/openshift_hosted/tasks/storage/glusterfs.yml
+++ b/roles/openshift_hosted/tasks/storage/glusterfs.yml
@@ -12,12 +12,12 @@
namespace: "{{ openshift_hosted_registry_namespace }}"
state: list
kind: pod
- selector: "{% for label, value in registry_dc.results.results[0].spec.selector.iteritems() %}{{ label }}={{ value }}{% if not loop.last %},{% endif %}{% endfor %}"
+ selector: "{% for label, value in registry_dc.results.results[0].spec.selector.items() %}{{ label }}={{ value }}{% if not loop.last %},{% endif %}{% endfor %}"
register: registry_pods
until:
- "registry_pods.results.results[0]['items'] | count > 0"
# There must be as many matching pods with 'Ready' status True as there are expected replicas
- - "registry_pods.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == openshift_hosted_registry_replicas | int"
+ - "registry_pods.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == openshift_hosted_registry_replicas | default(l_default_replicas) | int"
delay: 10
retries: "{{ (600 / 10) | int }}"
@@ -35,7 +35,7 @@
mount:
state: mounted
fstype: glusterfs
- src: "{% if 'glusterfs_registry' in groups %}{% set node = groups.glusterfs_registry[0] %}{% else %}{% set node = groups.glusterfs[0] %}{% endif %}{% if 'glusterfs_hostname' in hostvars[node] %}{{ hostvars[node].glusterfs_hostname }}{% elif 'openshift' in hostvars[node] %}{{ hostvars[node].openshift.node.nodename }}{% else %}{{ node }}{% endif %}:/{{ openshift.hosted.registry.storage.glusterfs.path }}"
+ src: "{% if 'glusterfs_registry' in groups %}{% set node = groups.glusterfs_registry[0] %}{% elif 'glusterfs' in groups %}{% set node = groups.glusterfs[0] %}{% endif %}{% if openshift_hosted_registry_storage_glusterfs_ips is defined and openshift_hosted_registry_storage_glusterfs_ips|length > 0 %}{{ openshift_hosted_registry_storage_glusterfs_ips[0] }}{% elif 'glusterfs_hostname' in hostvars[node] %}{{ hostvars[node].glusterfs_hostname }}{% elif 'openshift' in hostvars[node] %}{{ hostvars[node].openshift.node.nodename }}{% else %}{{ node }}{% endif %}:/{{ openshift_hosted_registry_storage_glusterfs_path }}"
name: "{{ mktemp.stdout }}"
- name: Set registry volume permissions
@@ -60,7 +60,7 @@
- name: Copy current registry contents to new GlusterFS volume
command: "oc rsync {{ registry_pod_name }}:/registry/ {{ mktemp.stdout }}/"
- when: openshift.hosted.registry.storage.glusterfs.swapcopy
+ when: openshift_hosted_registry_storage_glusterfs_swapcopy
- name: Swap new GlusterFS registry volume
oc_volume:
@@ -68,7 +68,7 @@
name: "{{ openshift_hosted_registry_name }}"
vol_name: registry-storage
mount_type: pvc
- claim_name: "{{ openshift.hosted.registry.storage.volume.name }}-glusterfs-claim"
+ claim_name: "{{ openshift_hosted_registry_storage_volume_name }}-glusterfs-claim"
- name: Deactivate registry maintenance mode
oc_env:
@@ -77,16 +77,9 @@
state: absent
env_vars:
- REGISTRY_STORAGE_MAINTENANCE_READONLY_ENABLED: 'true'
- when: openshift.hosted.registry.storage.glusterfs.swap
+ when: openshift_hosted_registry_storage_glusterfs_swap
-- name: Unmount registry volume
+- name: Unmount registry volume and clean up mount point/fstab
mount:
- state: unmounted
- name: "{{ mktemp.stdout }}"
-
-- name: Delete temp mount directory
- file:
- dest: "{{ mktemp.stdout }}"
state: absent
- changed_when: False
- check_mode: no
+ name: "{{ mktemp.stdout }}"
diff --git a/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml b/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml
new file mode 100644
index 000000000..bd7181c17
--- /dev/null
+++ b/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml
@@ -0,0 +1,16 @@
+---
+- name: Generate GlusterFS registry endpoints
+ template:
+ src: "{{ openshift.common.examples_content_version }}/glusterfs-registry-endpoints.yml.j2"
+ dest: "{{ mktempHosted.stdout }}/glusterfs-registry-endpoints.yml"
+
+- name: Generate GlusterFS registry service
+ template:
+ src: "{{ openshift.common.examples_content_version }}/glusterfs-registry-service.yml.j2"
+ dest: "{{ mktempHosted.stdout }}/glusterfs-registry-service.yml"
+
+- name: Create GlusterFS registry service and endpoint
+ command: "{{ openshift.common.client_binary }} apply -f {{ item }} -n {{ openshift_hosted_registry_namespace | default('default') }}"
+ with_items:
+ - "{{ mktempHosted.stdout }}/glusterfs-registry-service.yml"
+ - "{{ mktempHosted.stdout }}/glusterfs-registry-endpoints.yml"
diff --git a/roles/openshift_hosted/tasks/storage/object_storage.yml b/roles/openshift_hosted/tasks/storage/object_storage.yml
index 8553a8098..a8c26fb51 100644
--- a/roles/openshift_hosted/tasks/storage/object_storage.yml
+++ b/roles/openshift_hosted/tasks/storage/object_storage.yml
@@ -1,6 +1,6 @@
---
-- include: s3.yml
- when: openshift.hosted.registry.storage.provider == 's3'
+- include_tasks: s3.yml
+ when: openshift_hosted_registry_storage_provider == 's3'
- name: Ensure the registry secret exists
oc_secret:
diff --git a/roles/openshift_hosted/tasks/storage/s3.yml b/roles/openshift_hosted/tasks/storage/s3.yml
index 8e905d905..4c100ee4e 100644
--- a/roles/openshift_hosted/tasks/storage/s3.yml
+++ b/roles/openshift_hosted/tasks/storage/s3.yml
@@ -2,8 +2,8 @@
- name: Assert that S3 variables are provided for registry_config template
assert:
that:
- - openshift.hosted.registry.storage.s3.bucket | default(none) is not none
- - openshift.hosted.registry.storage.s3.bucket | default(none) is not none
+ - openshift_hosted_registry_storage_s3_bucket | default(none) is not none
+ - openshift_hosted_registry_storage_s3_region | default(none) is not none
msg: |
When using S3 storage, the following variables are required:
openshift_hosted_registry_storage_s3_bucket
diff --git a/roles/openshift_hosted/templates/v3.6/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_hosted/templates/v3.6/glusterfs-registry-endpoints.yml.j2
new file mode 100644
index 000000000..3c874d910
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.6/glusterfs-registry-endpoints.yml.j2
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+subsets:
+- addresses:
+{% for ip in openshift_hosted_registry_storage_glusterfs_ips %}
+ - ip: {{ ip }}
+{% endfor %}
+ ports:
+ - port: 1
diff --git a/roles/openshift_hosted/templates/v3.6/glusterfs-registry-service.yml.j2 b/roles/openshift_hosted/templates/v3.6/glusterfs-registry-service.yml.j2
new file mode 100644
index 000000000..f18c94a4f
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.6/glusterfs-registry-service.yml.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+spec:
+ ports:
+ - port: 1
+status:
+ loadBalancer: {}
diff --git a/roles/openshift_hosted/templates/v3.7/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_hosted/templates/v3.7/glusterfs-registry-endpoints.yml.j2
new file mode 100644
index 000000000..3c874d910
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.7/glusterfs-registry-endpoints.yml.j2
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+subsets:
+- addresses:
+{% for ip in openshift_hosted_registry_storage_glusterfs_ips %}
+ - ip: {{ ip }}
+{% endfor %}
+ ports:
+ - port: 1
diff --git a/roles/openshift_hosted/templates/v3.7/glusterfs-registry-service.yml.j2 b/roles/openshift_hosted/templates/v3.7/glusterfs-registry-service.yml.j2
new file mode 100644
index 000000000..f18c94a4f
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.7/glusterfs-registry-service.yml.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+spec:
+ ports:
+ - port: 1
+status:
+ loadBalancer: {}
diff --git a/roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j2
new file mode 100644
index 000000000..3c874d910
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j2
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+subsets:
+- addresses:
+{% for ip in openshift_hosted_registry_storage_glusterfs_ips %}
+ - ip: {{ ip }}
+{% endfor %}
+ ports:
+ - port: 1
diff --git a/roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j2 b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j2
new file mode 100644
index 000000000..f18c94a4f
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+spec:
+ ports:
+ - port: 1
+status:
+ loadBalancer: {}
diff --git a/roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j2
new file mode 100644
index 000000000..3c874d910
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j2
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+subsets:
+- addresses:
+{% for ip in openshift_hosted_registry_storage_glusterfs_ips %}
+ - ip: {{ ip }}
+{% endfor %}
+ ports:
+ - port: 1
diff --git a/roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j2 b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j2
new file mode 100644
index 000000000..f18c94a4f
--- /dev/null
+++ b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }}
+spec:
+ ports:
+ - port: 1
+status:
+ loadBalancer: {}
diff --git a/roles/openshift_hosted_facts/meta/main.yml b/roles/openshift_hosted_facts/meta/main.yml
deleted file mode 100644
index dd2de07bc..000000000
--- a/roles/openshift_hosted_facts/meta/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-galaxy_info:
- author: Andrew Butcher
- description: OpenShift Hosted Facts
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 1.9
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
-dependencies:
-- role: openshift_facts
diff --git a/roles/openshift_hosted_facts/tasks/main.yml b/roles/openshift_hosted_facts/tasks/main.yml
deleted file mode 100644
index 8fc70cecb..000000000
--- a/roles/openshift_hosted_facts/tasks/main.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-# openshift_*_selector variables have been deprecated in favor of
-# openshift_hosted_*_selector variables.
-- set_fact:
- openshift_hosted_router_selector: "{{ openshift_router_selector | default(openshift_hosted_infra_selector) }}"
- when: openshift_hosted_router_selector is not defined and openshift_hosted_infra_selector is defined
-- set_fact:
- openshift_hosted_registry_selector: "{{ openshift_registry_selector | default(openshift_hosted_infra_selector) }}"
- when: openshift_hosted_registry_selector is not defined and openshift_hosted_infra_selector is defined
-
-- name: Set hosted facts
- openshift_facts:
- role: "{{ item }}"
- openshift_env: "{{ hostvars
- | oo_merge_hostvars(vars, inventory_hostname)
- | oo_openshift_env }}"
- openshift_env_structures:
- - 'openshift.hosted.router.*'
- with_items: [hosted, logging, loggingops, metrics, prometheus]
diff --git a/roles/openshift_hosted_metrics/README.md b/roles/openshift_hosted_metrics/README.md
deleted file mode 100644
index c2af3c494..000000000
--- a/roles/openshift_hosted_metrics/README.md
+++ /dev/null
@@ -1,54 +0,0 @@
-OpenShift Metrics with Hawkular
-====================
-
-OpenShift Metrics Installation
-
-Requirements
-------------
-
-* Ansible 2.2
-* It requires subdomain fqdn to be set.
-* If persistence is enabled, then it also requires NFS.
-
-Role Variables
---------------
-
-From this role:
-
-| Name | Default value | |
-|-------------------------------------------------|-----------------------|-------------------------------------------------------------|
-| openshift_hosted_metrics_deploy | `False` | If metrics should be deployed |
-| openshift_hosted_metrics_public_url | null | Hawkular metrics public url |
-| openshift_hosted_metrics_storage_nfs_directory | `/exports` | Root export directory. |
-| openshift_hosted_metrics_storage_volume_name | `metrics` | Metrics volume within openshift_hosted_metrics_volume_dir |
-| openshift_hosted_metrics_storage_volume_size | `10Gi` | Metrics volume size |
-| openshift_hosted_metrics_storage_nfs_options | `*(rw,root_squash)` | NFS options for configured exports. |
-| openshift_hosted_metrics_duration | `7` | Metrics query duration |
-| openshift_hosted_metrics_resolution | `10s` | Metrics resolution |
-
-
-Dependencies
-------------
-openshift_facts
-openshift_examples
-openshift_master_facts
-
-Example Playbook
-----------------
-
-```
-- name: Configure openshift-metrics
- hosts: oo_first_master
- roles:
- - role: openshift_hosted_metrics
-```
-
-License
--------
-
-Apache License, Version 2.0
-
-Author Information
-------------------
-
-Jose David Martín (j.david.nieto@gmail.com)
diff --git a/roles/openshift_hosted_metrics/defaults/main.yml b/roles/openshift_hosted_metrics/defaults/main.yml
deleted file mode 100644
index a01f24df8..000000000
--- a/roles/openshift_hosted_metrics/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted"
diff --git a/roles/openshift_hosted_metrics/handlers/main.yml b/roles/openshift_hosted_metrics/handlers/main.yml
deleted file mode 100644
index ce7688581..000000000
--- a/roles/openshift_hosted_metrics/handlers/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-- name: restart master api
- systemd: name={{ openshift.common.service_type }}-master-api state=restarted
- when: (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
- notify: Verify API Server
-
-- name: restart master controllers
- systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
- when: (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
-
-- name: Verify API Server
- # Using curl here since the uri module requires python-httplib2 and
- # wait_for port doesn't provide health information.
- command: >
- curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
- {{ openshift.master.api_url }}/healthz/ready
- args:
- # Disables the following warning:
- # Consider using get_url or uri module rather than running curl
- warn: no
- register: api_available_output
- until: api_available_output.stdout == 'ok'
- retries: 120
- delay: 1
- changed_when: false
diff --git a/roles/openshift_hosted_metrics/meta/main.yaml b/roles/openshift_hosted_metrics/meta/main.yaml
deleted file mode 100644
index debca3ca6..000000000
--- a/roles/openshift_hosted_metrics/meta/main.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-galaxy_info:
- author: David Martín
- description:
- company:
- license: Apache License, Version 2.0
- min_ansible_version: 2.2
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
- - system
-dependencies:
-- { role: openshift_examples }
-- { role: openshift_facts }
-- { role: openshift_master_facts }
diff --git a/roles/openshift_hosted_metrics/tasks/install.yml b/roles/openshift_hosted_metrics/tasks/install.yml
deleted file mode 100644
index 15dd1bd54..000000000
--- a/roles/openshift_hosted_metrics/tasks/install.yml
+++ /dev/null
@@ -1,132 +0,0 @@
----
-
-- name: Test if metrics-deployer service account exists
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace=openshift-infra
- get serviceaccount metrics-deployer -o json
- register: serviceaccount
- changed_when: false
- failed_when: false
-
-- name: Create metrics-deployer Service Account
- shell: >
- echo {{ metrics_deployer_sa | to_json | quote }} |
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- create -f -
- when: serviceaccount.rc == 1
-
-- name: Test edit permissions
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- get rolebindings -o jsonpath='{.items[?(@.metadata.name == "edit")].userNames}'
- register: edit_rolebindings
- changed_when: false
-
-- name: Add edit permission to the openshift-infra project to metrics-deployer SA
- command: >
- {{ openshift.common.client_binary }} adm
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- policy add-role-to-user edit
- system:serviceaccount:openshift-infra:metrics-deployer
- when: "'system:serviceaccount:openshift-infra:metrics-deployer' not in edit_rolebindings.stdout"
-
-- name: Test hawkular view permissions
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- get rolebindings -o jsonpath='{.items[?(@.metadata.name == "view")].userNames}'
- register: view_rolebindings
- changed_when: false
-
-- name: Add view permissions to hawkular SA
- command: >
- {{ openshift.common.client_binary }} adm
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- policy add-role-to-user view
- system:serviceaccount:openshift-infra:hawkular
- when: "'system:serviceaccount:openshift-infra:hawkular' not in view_rolebindings"
-
-- name: Test cluster-reader permissions
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- get clusterrolebindings -o jsonpath='{.items[?(@.metadata.name == "cluster-reader")].userNames}'
- register: cluster_reader_clusterrolebindings
- changed_when: false
-
-- name: Add cluster-reader permission to the openshift-infra project to heapster SA
- command: >
- {{ openshift.common.client_binary }} adm
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- policy add-cluster-role-to-user cluster-reader
- system:serviceaccount:openshift-infra:heapster
- when: "'system:serviceaccount:openshift-infra:heapster' not in cluster_reader_clusterrolebindings.stdout"
-
-- name: Create metrics-deployer secret
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- secrets new metrics-deployer nothing=/dev/null
- register: metrics_deployer_secret
- changed_when: metrics_deployer_secret.rc == 0
- failed_when: metrics_deployer_secret.rc == 1 and 'already exists' not in metrics_deployer_secret.stderr
-
-# TODO: extend this to allow user passed in certs or generating cert with
-# OpenShift CA
-- name: Build metrics deployer command
- set_fact:
- deployer_cmd: "{{ openshift.common.client_binary }} process -f \
- {{ hosted_base }}/metrics-deployer.yaml -v \
- HAWKULAR_METRICS_HOSTNAME={{ g_metrics_hostname }} \
- -v USE_PERSISTENT_STORAGE={{metrics_persistence | string | lower }} \
- -v DYNAMICALLY_PROVISION_STORAGE={{metrics_dynamic_vol | string | lower }} \
- -v METRIC_DURATION={{ openshift.hosted.metrics.duration }} \
- -v METRIC_RESOLUTION={{ openshift.hosted.metrics.resolution }}
- {{ image_prefix }} \
- {{ image_version }} \
- -v MODE={{ deployment_mode }} \
- | {{ openshift.common.client_binary }} --namespace openshift-infra \
- --config={{ openshift_hosted_metrics_kubeconfig }} \
- create -o name -f -"
-
-- name: Deploy Metrics
- shell: "{{ deployer_cmd }}"
- register: deploy_metrics
- failed_when: "'already exists' not in deploy_metrics.stderr and deploy_metrics.rc != 0"
- changed_when: deploy_metrics.rc == 0
-
-- set_fact:
- deployer_pod: "{{ deploy_metrics.stdout[1:2] }}"
-
-# TODO: re-enable this once the metrics deployer validation issue is fixed
-# when using dynamically provisioned volumes
-- name: "Wait for image pull and deployer pod"
- shell: >
- {{ openshift.common.client_binary }}
- --namespace openshift-infra
- --config={{ openshift_hosted_metrics_kubeconfig }}
- get {{ deploy_metrics.stdout }}
- register: deploy_result
- until: "{{ 'Completed' in deploy_result.stdout }}"
- failed_when: False
- retries: 60
- delay: 10
-
-- name: Configure master for metrics
- modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: assetConfig.metricsPublicURL
- yaml_value: "{{ openshift_hosted_metrics_deploy_url }}"
- notify: restart master
diff --git a/roles/openshift_hosted_metrics/tasks/main.yaml b/roles/openshift_hosted_metrics/tasks/main.yaml
deleted file mode 100644
index 5ce8aa92b..000000000
--- a/roles/openshift_hosted_metrics/tasks/main.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
----
-- name: Create temp directory for kubeconfig
- command: mktemp -d /tmp/openshift-ansible-XXXXXX
- register: mktemp
- changed_when: False
-
-- name: Record kubeconfig tmp dir
- set_fact:
- openshift_hosted_metrics_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
-
-- name: Copy the admin client config(s)
- command: >
- cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ openshift_hosted_metrics_kubeconfig }}
- changed_when: False
-
-- name: Set hosted metrics facts
- openshift_facts:
- role: hosted
- openshift_env: "{{ hostvars
- | oo_merge_hostvars(vars, inventory_hostname)
- | oo_openshift_env }}"
- openshift_env_structures:
- - 'openshift.hosted.metrics.*'
-
-- set_fact:
- metrics_persistence: "{{ openshift.hosted.metrics.storage_kind | default(none) is not none }}"
- metrics_dynamic_vol: "{{ openshift.hosted.metrics.storage_kind | default(none) == 'dynamic' }}"
- metrics_template_dir: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples/infrastructure-templates/{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}"
- image_prefix: "{{ '-v IMAGE_PREFIX=' ~ openshift.hosted.metrics.deployer.prefix if 'prefix' in openshift.hosted.metrics.deployer else '' }}"
- image_version: "{{ '-v IMAGE_VERSION=' ~ openshift.hosted.metrics.deployer.version if 'version' in openshift.hosted.metrics.deployer else '' }}"
-
-
-- name: Check for existing metrics pods
- shell: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- get pods -l {{ item }} | grep -q Running
- register: metrics_pods_status
- with_items:
- - metrics-infra=hawkular-metrics
- - metrics-infra=heapster
- - metrics-infra=hawkular-cassandra
- failed_when: false
- changed_when: false
-
-- name: Check for previous deployer
- shell: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_hosted_metrics_kubeconfig }}
- --namespace openshift-infra
- get pods -l metrics-infra=deployer --sort-by='{.metadata.creationTimestamp}' | tail -1 | grep metrics-deployer-
- register: metrics_deployer_status
- failed_when: false
- changed_when: false
-
-- name: Record current deployment status
- set_fact:
- greenfield: "{{ not metrics_deployer_status.rc == 0 }}"
- failed_error: "{{ True if 'Error' in metrics_deployer_status.stdout else False }}"
- metrics_running: "{{ metrics_pods_status.results | oo_collect(attribute='rc') == [0,0,0] }}"
-
-- name: Set deployment mode
- set_fact:
- deployment_mode: "{{ 'refresh' if (failed_error | bool or metrics_upgrade | bool) else 'deploy' }}"
-
-# TODO: handle non greenfield deployments in the future
-- include: install.yml
- when: greenfield
-
-- name: Delete temp directory
- file:
- name: "{{ mktemp.stdout }}"
- state: absent
- changed_when: False
diff --git a/roles/openshift_hosted_metrics/vars/main.yaml b/roles/openshift_hosted_metrics/vars/main.yaml
deleted file mode 100644
index 6c207d6ac..000000000
--- a/roles/openshift_hosted_metrics/vars/main.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-hawkular_permission_oc_commands:
- - policy add-role-to-user edit system:serviceaccount:openshift-infra:metrics-deployer -n openshift-infra
- - policy add-cluster-role-to-user cluster-admin system:serviceaccount:openshift-infra:heapster
-
-metrics_deployer_sa:
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: metrics-deployer
- secrets:
- - name: metrics-deployer
-
-
-hawkular_tmp_conf: /tmp/hawkular_admin.kubeconfig
-
-hawkular_persistence: "{% if openshift.hosted.metrics.storage.kind != None %}true{% else %}false{% endif %}"
-
-hawkular_type: "{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}"
-
-metrics_upgrade: openshift.hosted.metrics.upgrade | default(False)
diff --git a/roles/openshift_hosted_templates/files/v3.6/enterprise/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.6/enterprise/registry-console.yaml
index f821efd6b..cc3159a32 100644
--- a/roles/openshift_hosted_templates/files/v3.6/enterprise/registry-console.yaml
+++ b/roles/openshift_hosted_templates/files/v3.6/enterprise/registry-console.yaml
@@ -27,7 +27,7 @@ objects:
spec:
containers:
- name: registry-console
- image: ${IMAGE_PREFIX}registry-console:${IMAGE_VERSION}
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
ports:
- containerPort: 9090
protocol: TCP
@@ -89,7 +89,7 @@ objects:
- annotations: null
from:
kind: DockerImage
- name: ${IMAGE_PREFIX}registry-console:${IMAGE_VERSION}
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
name: ${IMAGE_VERSION}
- kind: OAuthClient
apiVersion: v1
@@ -102,7 +102,10 @@ objects:
parameters:
- description: 'Specify "registry/repository" prefix for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", set prefix "registry.access.redhat.com/openshift3/"'
name: IMAGE_PREFIX
- value: "registry.access.redhat.com/openshift3/"
+ value: "openshift3/"
+ - description: 'Specify component name for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", use base name "registry-console"'
+ name: IMAGE_BASENAME
+ value: "registry-console"
- description: 'Specify image version; e.g. for "registry.access.redhat.com/openshift3/registry-console:v3.6", set version "v3.6"'
name: IMAGE_VERSION
value: "v3.6"
diff --git a/roles/openshift_hosted_templates/files/v3.6/origin/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.6/origin/registry-console.yaml
index 6811ece28..a75340eb7 100644
--- a/roles/openshift_hosted_templates/files/v3.6/origin/registry-console.yaml
+++ b/roles/openshift_hosted_templates/files/v3.6/origin/registry-console.yaml
@@ -27,7 +27,7 @@ objects:
spec:
containers:
- name: registry-console
- image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
ports:
- containerPort: 9090
protocol: TCP
@@ -89,7 +89,7 @@ objects:
- annotations: null
from:
kind: DockerImage
- name: ${IMAGE_NAME}:${IMAGE_VERSION}
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
name: ${IMAGE_VERSION}
- kind: OAuthClient
apiVersion: v1
@@ -100,9 +100,12 @@ objects:
redirectURIs:
- "${COCKPIT_KUBE_URL}"
parameters:
- - description: "Container image name"
- name: IMAGE_NAME
- value: "cockpit/kubernetes"
+ - description: 'Specify "registry/namespace" prefix for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", set prefix "registry.example.com/cockpit/"'
+ name: IMAGE_PREFIX
+ value: "cockpit/"
+ - description: 'Specify component name for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", use base name "kubernetes"'
+ name: IMAGE_BASENAME
+ value: "kubernetes"
- description: 'Specify image version; e.g. for "cockpit/kubernetes:latest", set version "latest"'
name: IMAGE_VERSION
value: latest
diff --git a/roles/openshift_hosted_templates/files/v3.7/enterprise/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.7/enterprise/registry-console.yaml
index 019d836fe..9f2e6125d 100644
--- a/roles/openshift_hosted_templates/files/v3.7/enterprise/registry-console.yaml
+++ b/roles/openshift_hosted_templates/files/v3.7/enterprise/registry-console.yaml
@@ -27,7 +27,7 @@ objects:
spec:
containers:
- name: registry-console
- image: ${IMAGE_PREFIX}registry-console:${IMAGE_VERSION}
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
ports:
- containerPort: 9090
protocol: TCP
@@ -89,7 +89,7 @@ objects:
- annotations: null
from:
kind: DockerImage
- name: ${IMAGE_PREFIX}registry-console:${IMAGE_VERSION}
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
name: ${IMAGE_VERSION}
- kind: OAuthClient
apiVersion: v1
@@ -102,7 +102,10 @@ objects:
parameters:
- description: 'Specify "registry/repository" prefix for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", set prefix "registry.access.redhat.com/openshift3/"'
name: IMAGE_PREFIX
- value: "registry.access.redhat.com/openshift3/"
+ value: "openshift3/"
+ - description: 'Specify component name for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", use base name "registry-console"'
+ name: IMAGE_BASENAME
+ value: "registry-console"
- description: 'Specify image version; e.g. for "registry.access.redhat.com/openshift3/registry-console:v3.7", set version "v3.7"'
name: IMAGE_VERSION
value: "v3.7"
diff --git a/roles/openshift_hosted_templates/files/v3.7/origin/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.7/origin/registry-console.yaml
index 6811ece28..a75340eb7 100644
--- a/roles/openshift_hosted_templates/files/v3.7/origin/registry-console.yaml
+++ b/roles/openshift_hosted_templates/files/v3.7/origin/registry-console.yaml
@@ -27,7 +27,7 @@ objects:
spec:
containers:
- name: registry-console
- image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
ports:
- containerPort: 9090
protocol: TCP
@@ -89,7 +89,7 @@ objects:
- annotations: null
from:
kind: DockerImage
- name: ${IMAGE_NAME}:${IMAGE_VERSION}
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
name: ${IMAGE_VERSION}
- kind: OAuthClient
apiVersion: v1
@@ -100,9 +100,12 @@ objects:
redirectURIs:
- "${COCKPIT_KUBE_URL}"
parameters:
- - description: "Container image name"
- name: IMAGE_NAME
- value: "cockpit/kubernetes"
+ - description: 'Specify "registry/namespace" prefix for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", set prefix "registry.example.com/cockpit/"'
+ name: IMAGE_PREFIX
+ value: "cockpit/"
+ - description: 'Specify component name for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", use base name "kubernetes"'
+ name: IMAGE_BASENAME
+ value: "kubernetes"
- description: 'Specify image version; e.g. for "cockpit/kubernetes:latest", set version "latest"'
name: IMAGE_VERSION
value: latest
diff --git a/roles/openshift_hosted_templates/files/v3.8/enterprise/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.8/enterprise/registry-console.yaml
new file mode 100644
index 000000000..f04ce06d3
--- /dev/null
+++ b/roles/openshift_hosted_templates/files/v3.8/enterprise/registry-console.yaml
@@ -0,0 +1,127 @@
+kind: Template
+apiVersion: v1
+metadata:
+ name: "registry-console"
+ annotations:
+ description: "Template for deploying registry web console. Requires cluster-admin."
+ tags: infrastructure
+labels:
+ createdBy: "registry-console-template"
+objects:
+ - kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: "registry-console"
+ template:
+ metadata:
+ labels:
+ name: "registry-console"
+ spec:
+ containers:
+ - name: registry-console
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ env:
+ - name: OPENSHIFT_OAUTH_PROVIDER_URL
+ value: "${OPENSHIFT_OAUTH_PROVIDER_URL}"
+ - name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ - name: KUBERNETES_INSECURE
+ value: "false"
+ - name: COCKPIT_KUBE_INSECURE
+ value: "false"
+ - name: REGISTRY_ONLY
+ value: "true"
+ - name: REGISTRY_HOST
+ value: "${REGISTRY_HOST}"
+ - kind: Service
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ type: ClusterIP
+ ports:
+ - name: registry-console
+ protocol: TCP
+ port: 9000
+ targetPort: 9090
+ selector:
+ name: "registry-console"
+ - kind: ImageStream
+ apiVersion: v1
+ metadata:
+ name: registry-console
+ annotations:
+ description: Atomic Registry console
+ spec:
+ tags:
+ - annotations: null
+ from:
+ kind: DockerImage
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ name: ${IMAGE_VERSION}
+ - kind: OAuthClient
+ apiVersion: v1
+ metadata:
+ name: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ respondWithChallenges: false
+ secret: "${OPENSHIFT_OAUTH_CLIENT_SECRET}"
+ redirectURIs:
+ - "${COCKPIT_KUBE_URL}"
+parameters:
+ - description: 'Specify "registry/repository" prefix for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", set prefix "registry.access.redhat.com/openshift3/"'
+ name: IMAGE_PREFIX
+ value: "openshift3/"
+ - description: 'Specify component name for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", use base name "registry-console"'
+ name: IMAGE_BASENAME
+ value: "registry-console"
+ - description: 'Specify image version; e.g. for "registry.access.redhat.com/openshift3/registry-console:v3.8", set version "v3.8"'
+ name: IMAGE_VERSION
+ value: "v3.8"
+ - description: "The public URL for the Openshift OAuth Provider, e.g. https://openshift.example.com:8443"
+ name: OPENSHIFT_OAUTH_PROVIDER_URL
+ required: true
+ - description: "The registry console URL. This should be created beforehand using 'oc create route passthrough --service registry-console --port registry-console -n default', e.g. https://registry-console-default.example.com"
+ name: COCKPIT_KUBE_URL
+ required: true
+ - description: "Oauth client secret"
+ name: OPENSHIFT_OAUTH_CLIENT_SECRET
+ from: "user[a-zA-Z0-9]{64}"
+ generate: expression
+ - description: "Oauth client id"
+ name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "cockpit-oauth-client"
+ - description: "The integrated registry hostname exposed via route, e.g. registry.example.com"
+ name: REGISTRY_HOST
+ required: true
diff --git a/roles/openshift_hosted_templates/files/v3.8/origin/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.8/origin/registry-console.yaml
new file mode 100644
index 000000000..a75340eb7
--- /dev/null
+++ b/roles/openshift_hosted_templates/files/v3.8/origin/registry-console.yaml
@@ -0,0 +1,127 @@
+kind: Template
+apiVersion: v1
+metadata:
+ name: "registry-console"
+ annotations:
+ description: "Template for deploying registry web console. Requires cluster-admin."
+ tags: infrastructure
+labels:
+ createdBy: "registry-console-template"
+objects:
+ - kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: "registry-console"
+ template:
+ metadata:
+ labels:
+ name: "registry-console"
+ spec:
+ containers:
+ - name: registry-console
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ env:
+ - name: OPENSHIFT_OAUTH_PROVIDER_URL
+ value: "${OPENSHIFT_OAUTH_PROVIDER_URL}"
+ - name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ - name: KUBERNETES_INSECURE
+ value: "false"
+ - name: COCKPIT_KUBE_INSECURE
+ value: "false"
+ - name: REGISTRY_ONLY
+ value: "true"
+ - name: REGISTRY_HOST
+ value: "${REGISTRY_HOST}"
+ - kind: Service
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ type: ClusterIP
+ ports:
+ - name: registry-console
+ protocol: TCP
+ port: 9000
+ targetPort: 9090
+ selector:
+ name: "registry-console"
+ - kind: ImageStream
+ apiVersion: v1
+ metadata:
+ name: registry-console
+ annotations:
+ description: Atomic Registry console
+ spec:
+ tags:
+ - annotations: null
+ from:
+ kind: DockerImage
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ name: ${IMAGE_VERSION}
+ - kind: OAuthClient
+ apiVersion: v1
+ metadata:
+ name: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ respondWithChallenges: false
+ secret: "${OPENSHIFT_OAUTH_CLIENT_SECRET}"
+ redirectURIs:
+ - "${COCKPIT_KUBE_URL}"
+parameters:
+ - description: 'Specify "registry/namespace" prefix for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", set prefix "registry.example.com/cockpit/"'
+ name: IMAGE_PREFIX
+ value: "cockpit/"
+ - description: 'Specify component name for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", use base name "kubernetes"'
+ name: IMAGE_BASENAME
+ value: "kubernetes"
+ - description: 'Specify image version; e.g. for "cockpit/kubernetes:latest", set version "latest"'
+ name: IMAGE_VERSION
+ value: latest
+ - description: "The public URL for the Openshift OAuth Provider, e.g. https://openshift.example.com:8443"
+ name: OPENSHIFT_OAUTH_PROVIDER_URL
+ required: true
+ - description: "The registry console URL. This should be created beforehand using 'oc create route passthrough --service registry-console --port registry-console -n default', e.g. https://registry-console-default.example.com"
+ name: COCKPIT_KUBE_URL
+ required: true
+ - description: "Oauth client secret"
+ name: OPENSHIFT_OAUTH_CLIENT_SECRET
+ from: "user[a-zA-Z0-9]{64}"
+ generate: expression
+ - description: "Oauth client id"
+ name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "cockpit-oauth-client"
+ - description: "The integrated registry hostname exposed via route, e.g. registry.example.com"
+ name: REGISTRY_HOST
+ required: true
diff --git a/roles/openshift_hosted_templates/files/v3.9/enterprise/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.9/enterprise/registry-console.yaml
new file mode 100644
index 000000000..c178cf432
--- /dev/null
+++ b/roles/openshift_hosted_templates/files/v3.9/enterprise/registry-console.yaml
@@ -0,0 +1,127 @@
+kind: Template
+apiVersion: v1
+metadata:
+ name: "registry-console"
+ annotations:
+ description: "Template for deploying registry web console. Requires cluster-admin."
+ tags: infrastructure
+labels:
+ createdBy: "registry-console-template"
+objects:
+ - kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: "registry-console"
+ template:
+ metadata:
+ labels:
+ name: "registry-console"
+ spec:
+ containers:
+ - name: registry-console
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ env:
+ - name: OPENSHIFT_OAUTH_PROVIDER_URL
+ value: "${OPENSHIFT_OAUTH_PROVIDER_URL}"
+ - name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ - name: KUBERNETES_INSECURE
+ value: "false"
+ - name: COCKPIT_KUBE_INSECURE
+ value: "false"
+ - name: REGISTRY_ONLY
+ value: "true"
+ - name: REGISTRY_HOST
+ value: "${REGISTRY_HOST}"
+ - kind: Service
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ type: ClusterIP
+ ports:
+ - name: registry-console
+ protocol: TCP
+ port: 9000
+ targetPort: 9090
+ selector:
+ name: "registry-console"
+ - kind: ImageStream
+ apiVersion: v1
+ metadata:
+ name: registry-console
+ annotations:
+ description: Atomic Registry console
+ spec:
+ tags:
+ - annotations: null
+ from:
+ kind: DockerImage
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ name: ${IMAGE_VERSION}
+ - kind: OAuthClient
+ apiVersion: v1
+ metadata:
+ name: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ respondWithChallenges: false
+ secret: "${OPENSHIFT_OAUTH_CLIENT_SECRET}"
+ redirectURIs:
+ - "${COCKPIT_KUBE_URL}"
+parameters:
+ - description: 'Specify "registry/repository" prefix for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", set prefix "registry.access.redhat.com/openshift3/"'
+ name: IMAGE_PREFIX
+ value: "openshift3/"
+ - description: 'Specify component name for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", use base name "registry-console"'
+ name: IMAGE_BASENAME
+ value: "registry-console"
+ - description: 'Specify image version; e.g. for "registry.access.redhat.com/openshift3/registry-console:v3.9", set version "v3.9"'
+ name: IMAGE_VERSION
+ value: "v3.9"
+ - description: "The public URL for the Openshift OAuth Provider, e.g. https://openshift.example.com:8443"
+ name: OPENSHIFT_OAUTH_PROVIDER_URL
+ required: true
+ - description: "The registry console URL. This should be created beforehand using 'oc create route passthrough --service registry-console --port registry-console -n default', e.g. https://registry-console-default.example.com"
+ name: COCKPIT_KUBE_URL
+ required: true
+ - description: "Oauth client secret"
+ name: OPENSHIFT_OAUTH_CLIENT_SECRET
+ from: "user[a-zA-Z0-9]{64}"
+ generate: expression
+ - description: "Oauth client id"
+ name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "cockpit-oauth-client"
+ - description: "The integrated registry hostname exposed via route, e.g. registry.example.com"
+ name: REGISTRY_HOST
+ required: true
diff --git a/roles/openshift_hosted_templates/files/v3.9/origin/registry-console.yaml b/roles/openshift_hosted_templates/files/v3.9/origin/registry-console.yaml
new file mode 100644
index 000000000..a75340eb7
--- /dev/null
+++ b/roles/openshift_hosted_templates/files/v3.9/origin/registry-console.yaml
@@ -0,0 +1,127 @@
+kind: Template
+apiVersion: v1
+metadata:
+ name: "registry-console"
+ annotations:
+ description: "Template for deploying registry web console. Requires cluster-admin."
+ tags: infrastructure
+labels:
+ createdBy: "registry-console-template"
+objects:
+ - kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: "registry-console"
+ template:
+ metadata:
+ labels:
+ name: "registry-console"
+ spec:
+ containers:
+ - name: registry-console
+ image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /ping
+ port: 9090
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ env:
+ - name: OPENSHIFT_OAUTH_PROVIDER_URL
+ value: "${OPENSHIFT_OAUTH_PROVIDER_URL}"
+ - name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ - name: KUBERNETES_INSECURE
+ value: "false"
+ - name: COCKPIT_KUBE_INSECURE
+ value: "false"
+ - name: REGISTRY_ONLY
+ value: "true"
+ - name: REGISTRY_HOST
+ value: "${REGISTRY_HOST}"
+ - kind: Service
+ apiVersion: v1
+ metadata:
+ name: "registry-console"
+ labels:
+ name: "registry-console"
+ spec:
+ type: ClusterIP
+ ports:
+ - name: registry-console
+ protocol: TCP
+ port: 9000
+ targetPort: 9090
+ selector:
+ name: "registry-console"
+ - kind: ImageStream
+ apiVersion: v1
+ metadata:
+ name: registry-console
+ annotations:
+ description: Atomic Registry console
+ spec:
+ tags:
+ - annotations: null
+ from:
+ kind: DockerImage
+ name: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
+ name: ${IMAGE_VERSION}
+ - kind: OAuthClient
+ apiVersion: v1
+ metadata:
+ name: "${OPENSHIFT_OAUTH_CLIENT_ID}"
+ respondWithChallenges: false
+ secret: "${OPENSHIFT_OAUTH_CLIENT_SECRET}"
+ redirectURIs:
+ - "${COCKPIT_KUBE_URL}"
+parameters:
+ - description: 'Specify "registry/namespace" prefix for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", set prefix "registry.example.com/cockpit/"'
+ name: IMAGE_PREFIX
+ value: "cockpit/"
+ - description: 'Specify component name for container image; e.g. for "registry.example.com/cockpit/kubernetes:latest", use base name "kubernetes"'
+ name: IMAGE_BASENAME
+ value: "kubernetes"
+ - description: 'Specify image version; e.g. for "cockpit/kubernetes:latest", set version "latest"'
+ name: IMAGE_VERSION
+ value: latest
+ - description: "The public URL for the Openshift OAuth Provider, e.g. https://openshift.example.com:8443"
+ name: OPENSHIFT_OAUTH_PROVIDER_URL
+ required: true
+ - description: "The registry console URL. This should be created beforehand using 'oc create route passthrough --service registry-console --port registry-console -n default', e.g. https://registry-console-default.example.com"
+ name: COCKPIT_KUBE_URL
+ required: true
+ - description: "Oauth client secret"
+ name: OPENSHIFT_OAUTH_CLIENT_SECRET
+ from: "user[a-zA-Z0-9]{64}"
+ generate: expression
+ - description: "Oauth client id"
+ name: OPENSHIFT_OAUTH_CLIENT_ID
+ value: "cockpit-oauth-client"
+ - description: "The integrated registry hostname exposed via route, e.g. registry.example.com"
+ name: REGISTRY_HOST
+ required: true
diff --git a/roles/openshift_hosted_templates/meta/main.yml b/roles/openshift_hosted_templates/meta/main.yml
index 4027f524b..fca3485fd 100644
--- a/roles/openshift_hosted_templates/meta/main.yml
+++ b/roles/openshift_hosted_templates/meta/main.yml
@@ -11,4 +11,5 @@ galaxy_info:
- 7
categories:
- cloud
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_loadbalancer/defaults/main.yml b/roles/openshift_loadbalancer/defaults/main.yml
index 239b16427..6ffe3f11e 100644
--- a/roles/openshift_loadbalancer/defaults/main.yml
+++ b/roles/openshift_loadbalancer/defaults/main.yml
@@ -2,6 +2,12 @@
r_openshift_loadbalancer_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_loadbalancer_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
+openshift_router_image_default_dict:
+ origin: 'openshift/origin-haproxy-router'
+ openshift-enterprise: 'openshift3/ose-haproxy-router'
+openshift_router_image_default: "{{ openshift_router_image_default_dict[openshift_deployment_type] }}"
+openshift_router_image: "{{ openshift_router_image_default }}"
+
haproxy_frontends:
- name: main
binds:
@@ -26,6 +32,8 @@ r_openshift_loadbalancer_os_firewall_allow:
port: "{{ nuage_mon_rest_server_port | default(9443) }}/tcp"
cond: "{{ r_openshift_lb_use_nuage | bool }}"
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
+
# NOTE
# r_openshift_lb_use_nuage_default may be defined external to this role.
# openshift_use_nuage, if defined, may affect other roles or play behavior.
diff --git a/roles/openshift_loadbalancer/meta/main.yml b/roles/openshift_loadbalancer/meta/main.yml
index 72298b599..3b5b45c5f 100644
--- a/roles/openshift_loadbalancer/meta/main.yml
+++ b/roles/openshift_loadbalancer/meta/main.yml
@@ -10,5 +10,5 @@ galaxy_info:
versions:
- 7
dependencies:
-- role: lib_os_firewall
+- role: lib_utils
- role: openshift_facts
diff --git a/roles/openshift_loadbalancer/tasks/main.yml b/roles/openshift_loadbalancer/tasks/main.yml
index 69b061fc5..3ca6c8cbe 100644
--- a/roles/openshift_loadbalancer/tasks/main.yml
+++ b/roles/openshift_loadbalancer/tasks/main.yml
@@ -1,15 +1,16 @@
---
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Install haproxy
package: name=haproxy state=present
when: not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
- name: Pull haproxy image
command: >
- docker pull {{ openshift.common.router_image }}:{{ openshift_image_tag }}
+ docker pull {{ openshift_router_image }}:{{ openshift_image_tag }}
when: openshift.common.is_containerized | bool
- name: Create config directory for haproxy
@@ -69,4 +70,4 @@
register: start_result
- set_fact:
- haproxy_start_result_changed: "{{ start_result | changed }}"
+ haproxy_start_result_changed: "{{ start_result is changed }}"
diff --git a/roles/openshift_loadbalancer/templates/haproxy.docker.service.j2 b/roles/openshift_loadbalancer/templates/haproxy.docker.service.j2
index 72182fcdd..90111449c 100644
--- a/roles/openshift_loadbalancer/templates/haproxy.docker.service.j2
+++ b/roles/openshift_loadbalancer/templates/haproxy.docker.service.j2
@@ -1,11 +1,11 @@
[Unit]
-After={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.docker.service_name }}.service
+After={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
+PartOf={{ openshift_docker_service_name }}.service
[Service]
ExecStartPre=-/usr/bin/docker rm -f openshift_loadbalancer
-ExecStart=/usr/bin/docker run --rm --name openshift_loadbalancer -p {{ openshift_master_api_port | default(8443) }}:{{ openshift_master_api_port | default(8443) }} -v /etc/haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg:ro --entrypoint=haproxy {{ openshift.common.router_image }}:{{ openshift_image_tag }} -f /etc/haproxy/haproxy.cfg
+ExecStart=/usr/bin/docker run --rm --name openshift_loadbalancer {% for frontend in openshift_loadbalancer_frontends %} {% for bind in frontend.binds %} -p {{ bind |regex_replace('^[^:]*:(\d+).*$', '\\1') }}:{{ bind |regex_replace('^[^:]*:(\d+).*$', '\\1') }} {% endfor %} {% endfor %} -v /etc/haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg:ro --entrypoint=haproxy {{ openshift_router_image }}:{{ openshift_image_tag }} -f /etc/haproxy/haproxy.cfg
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop openshift_loadbalancer
LimitNOFILE={{ openshift_loadbalancer_limit_nofile | default(100000) }}
@@ -14,4 +14,4 @@ Restart=always
RestartSec=5s
[Install]
-WantedBy={{ openshift.docker.service_name }}.service
+WantedBy={{ openshift_docker_service_name }}.service
diff --git a/roles/openshift_logging/README.md b/roles/openshift_logging/README.md
index 6c5bb8693..27cfc17d6 100644
--- a/roles/openshift_logging/README.md
+++ b/roles/openshift_logging/README.md
@@ -84,6 +84,7 @@ When `openshift_logging_install_logging` is set to `False` the `openshift_loggin
- `openshift_logging_es_memory_limit`: The amount of RAM that should be assigned to ES. Defaults to '8Gi'.
- `openshift_logging_es_log_appenders`: The list of rootLogger appenders for ES logs which can be: 'file', 'console'. Defaults to 'file'.
- `openshift_logging_es_pv_selector`: A key/value map added to a PVC in order to select specific PVs. Defaults to 'None'.
+- `openshift_logging_es_pvc_storage_class_name`: The name of the storage class to use for a static PVC. Defaults to ''.
- `openshift_logging_es_pvc_dynamic`: Whether or not to add the dynamic PVC annotation for any generated PVCs. Defaults to 'False'.
- `openshift_logging_es_pvc_size`: The requested size for the ES PVCs, when not provided the role will not generate any PVCs. Defaults to '""'.
- `openshift_logging_es_pvc_prefix`: The prefix for the generated PVCs. Defaults to 'logging-es'.
diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml
index 626732d16..2f1aa061f 100644
--- a/roles/openshift_logging/defaults/main.yml
+++ b/roles/openshift_logging/defaults/main.yml
@@ -28,7 +28,7 @@ openshift_logging_curator_ops_memory_limit: 256Mi
openshift_logging_curator_ops_cpu_request: 100m
openshift_logging_curator_ops_nodeselector: {}
-openshift_logging_kibana_hostname: "{{ 'kibana.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+openshift_logging_kibana_hostname: "{{ 'kibana.' ~ openshift_master_default_subdomain }}"
openshift_logging_kibana_cpu_limit: null
openshift_logging_kibana_memory_limit: 736Mi
openshift_logging_kibana_cpu_request: 100m
@@ -54,7 +54,7 @@ openshift_logging_kibana_key: ""
#for the public facing kibana certs
openshift_logging_kibana_ca: ""
-openshift_logging_kibana_ops_hostname: "{{ 'kibana-ops.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+openshift_logging_kibana_ops_hostname: "{{ 'kibana-ops.' ~ openshift_master_default_subdomain }}"
openshift_logging_kibana_ops_cpu_limit: null
openshift_logging_kibana_ops_memory_limit: 736Mi
openshift_logging_kibana_ops_cpu_request: 100m
@@ -99,7 +99,7 @@ openshift_logging_es_log_appenders: ['file']
openshift_logging_es_memory_limit: "8Gi"
openshift_logging_es_pv_selector: "{{ openshift_logging_storage_labels | default('') }}"
openshift_logging_es_pvc_dynamic: "{{ openshift_logging_elasticsearch_pvc_dynamic | default(False) }}"
-openshift_logging_es_pvc_size: "{{ openshift_logging_elasticsearch_pvc_size | default('') }}"
+openshift_logging_es_pvc_size: ''
openshift_logging_es_pvc_prefix: "{{ openshift_logging_elasticsearch_pvc_prefix | default('logging-es') }}"
openshift_logging_es_recover_after_time: 5m
openshift_logging_es_storage_group: "65534"
@@ -109,7 +109,7 @@ openshift_logging_es_config: {}
# for exposing es to external (outside of the cluster) clients
openshift_logging_es_allow_external: False
-openshift_logging_es_hostname: "{{ 'es.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+openshift_logging_es_hostname: "{{ 'es.' ~ openshift_master_default_subdomain }}"
#The absolute path on the control node to the cert file to use
#for the public facing es certs
@@ -145,7 +145,7 @@ openshift_logging_es_ops_nodeselector: {}
# for exposing es-ops to external (outside of the cluster) clients
openshift_logging_es_ops_allow_external: False
-openshift_logging_es_ops_hostname: "{{ 'es-ops.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+openshift_logging_es_ops_hostname: "{{ 'es-ops.' ~ openshift_master_default_subdomain }}"
#The absolute path on the control node to the cert file to use
#for the public facing es-ops certs
@@ -165,7 +165,7 @@ openshift_logging_storage_access_modes: ['ReadWriteOnce']
# mux - secure_forward listener service
openshift_logging_mux_allow_external: False
openshift_logging_use_mux: "{{ openshift_logging_mux_allow_external | default(False) }}"
-openshift_logging_mux_hostname: "{{ 'mux.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+openshift_logging_mux_hostname: "{{ 'mux.' ~ openshift_master_default_subdomain}}"
openshift_logging_mux_port: 24284
openshift_logging_mux_cpu_limit: null
openshift_logging_mux_memory_limit: 512Mi
diff --git a/roles/openshift_logging/handlers/main.yml b/roles/openshift_logging/handlers/main.yml
index ce7688581..1f4b5a116 100644
--- a/roles/openshift_logging/handlers/main.yml
+++ b/roles/openshift_logging/handlers/main.yml
@@ -1,23 +1,24 @@
---
- name: restart master api
- systemd: name={{ openshift.common.service_type }}-master-api state=restarted
- when: (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
+ systemd: name={{ openshift_service_type }}-master-api state=restarted
+ when: (not (master_api_service_status_changed | default(false) | bool))
notify: Verify API Server
+# We retry the controllers because the API may not be 100% initialized yet.
- name: restart master controllers
- systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
- when: (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
+ command: "systemctl restart {{ openshift_service_type }}-master-controllers"
+ retries: 3
+ delay: 5
+ register: result
+ until: result.rc == 0
+ when: (not (master_controllers_service_status_changed | default(false) | bool))
- name: Verify API Server
# Using curl here since the uri module requires python-httplib2 and
# wait_for port doesn't provide health information.
command: >
curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
--cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
{{ openshift.master.api_url }}/healthz/ready
args:
# Disables the following warning:
diff --git a/roles/openshift_logging/meta/main.yaml b/roles/openshift_logging/meta/main.yaml
index 9c480f73a..01ed4918f 100644
--- a/roles/openshift_logging/meta/main.yaml
+++ b/roles/openshift_logging/meta/main.yaml
@@ -14,3 +14,4 @@ galaxy_info:
dependencies:
- role: lib_openshift
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging/tasks/annotate_ops_projects.yaml b/roles/openshift_logging/tasks/annotate_ops_projects.yaml
index fcb4c94d3..59d6098d4 100644
--- a/roles/openshift_logging/tasks/annotate_ops_projects.yaml
+++ b/roles/openshift_logging/tasks/annotate_ops_projects.yaml
@@ -1,17 +1,20 @@
---
-- oc_obj:
- state: list
- kind: project
- name: "{{ item }}"
- with_items: "{{ __default_logging_ops_projects }}"
+- command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ get namespaces -o jsonpath={.items[*].metadata.name} {{ __default_logging_ops_projects | join(' ') }}
register: __logging_ops_projects
- name: Annotate Operations Projects
oc_edit:
kind: ns
- name: "{{ item.item }}"
+ name: "{{ project }}"
separator: '#'
content:
metadata#annotations#openshift.io/logging.ui.hostname: "{{ openshift_logging_kibana_ops_hostname }}"
- with_items: "{{ __logging_ops_projects.results }}"
- when: item.results.stderr is not defined
+ with_items: "{{ __logging_ops_projects.stdout.split(' ') }}"
+ loop_control:
+ loop_var: project
+ when:
+ - __logging_ops_projects.stderr | length == 0
+ - openshift_logging_use_ops | default(false) | bool
diff --git a/roles/openshift_logging/tasks/delete_logging.yaml b/roles/openshift_logging/tasks/delete_logging.yaml
index ffed956a4..af36d67c6 100644
--- a/roles/openshift_logging/tasks/delete_logging.yaml
+++ b/roles/openshift_logging/tasks/delete_logging.yaml
@@ -107,6 +107,24 @@
- logging-fluentd
- logging-mux
+# remove annotations added by logging
+- command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ get namespaces -o name {{ __default_logging_ops_projects | join(' ') }}
+ register: __logging_ops_projects
+
+- name: Remove Annotation of Operations Projects
+ command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ annotate {{ project }} openshift.io/logging.ui.hostname-
+ with_items: "{{ __logging_ops_projects.stdout_lines }}"
+ loop_control:
+ loop_var: project
+ when:
+ - __logging_ops_projects.stderr | length == 0
+
## EventRouter
- include_role:
name: openshift_logging_eventrouter
diff --git a/roles/openshift_logging/tasks/generate_certs.yaml b/roles/openshift_logging/tasks/generate_certs.yaml
index f526fd734..d5cfacae3 100644
--- a/roles/openshift_logging/tasks/generate_certs.yaml
+++ b/roles/openshift_logging/tasks/generate_certs.yaml
@@ -36,7 +36,7 @@
- top_dir: '{{generated_certs_dir}}'
when: not signing_conf_file.stat.exists
-- include: procure_server_certs.yaml
+- include_tasks: procure_server_certs.yaml
loop_control:
loop_var: cert_info
with_items:
@@ -45,7 +45,7 @@
- procure_component: kibana-internal
hostnames: "kibana, kibana-ops, {{openshift_logging_kibana_hostname}}, {{openshift_logging_kibana_ops_hostname}}"
-- include: procure_server_certs.yaml
+- include_tasks: procure_server_certs.yaml
loop_control:
loop_var: cert_info
with_items:
@@ -53,14 +53,14 @@
hostnames: "logging-mux, {{openshift_logging_mux_hostname}}"
when: openshift_logging_use_mux | bool
-- include: procure_shared_key.yaml
+- include_tasks: procure_shared_key.yaml
loop_control:
loop_var: shared_key_info
with_items:
- procure_component: mux
when: openshift_logging_use_mux | bool
-- include: procure_server_certs.yaml
+- include_tasks: procure_server_certs.yaml
loop_control:
loop_var: cert_info
with_items:
@@ -68,7 +68,7 @@
hostnames: "es, {{openshift_logging_es_hostname}}"
when: openshift_logging_es_allow_external | bool
-- include: procure_server_certs.yaml
+- include_tasks: procure_server_certs.yaml
loop_control:
loop_var: cert_info
with_items:
@@ -109,7 +109,7 @@
- not ca_cert_srl_file.stat.exists
- name: Generate PEM certs
- include: generate_pems.yaml component={{node_name}}
+ include_tasks: generate_pems.yaml component={{node_name}}
with_items:
- system.logging.fluentd
- system.logging.kibana
@@ -119,7 +119,7 @@
loop_var: node_name
- name: Generate PEM cert for mux
- include: generate_pems.yaml component={{node_name}}
+ include_tasks: generate_pems.yaml component={{node_name}}
with_items:
- system.logging.mux
loop_control:
@@ -127,7 +127,7 @@
when: openshift_logging_use_mux | bool
- name: Generate PEM cert for Elasticsearch external route
- include: generate_pems.yaml component={{node_name}}
+ include_tasks: generate_pems.yaml component={{node_name}}
with_items:
- system.logging.es
loop_control:
@@ -135,14 +135,14 @@
when: openshift_logging_es_allow_external | bool
- name: Creating necessary JKS certs
- include: generate_jks.yaml
+ include_tasks: generate_jks.yaml
# TODO: make idempotent
- name: Generate proxy session
- set_fact: session_secret={{ 200 | oo_random_word}}
+ set_fact: session_secret={{ 200 | lib_utils_oo_random_word}}
check_mode: no
# TODO: make idempotent
- name: Generate oauth client secret
- set_fact: oauth_secret={{ 64 | oo_random_word}}
+ set_fact: oauth_secret={{ 64 | lib_utils_oo_random_word}}
check_mode: no
diff --git a/roles/openshift_logging/tasks/generate_jks.yaml b/roles/openshift_logging/tasks/generate_jks.yaml
index 6e3204589..d6ac88dcc 100644
--- a/roles/openshift_logging/tasks/generate_jks.yaml
+++ b/roles/openshift_logging/tasks/generate_jks.yaml
@@ -24,21 +24,25 @@
local_action: file path="{{local_tmp.stdout}}/elasticsearch.jks" state=touch mode="u=rw,g=r,o=r"
when: elasticsearch_jks.stat.exists
changed_when: False
+ become: no
- name: Create placeholder for previously created JKS certs to prevent recreating...
local_action: file path="{{local_tmp.stdout}}/logging-es.jks" state=touch mode="u=rw,g=r,o=r"
when: logging_es_jks.stat.exists
changed_when: False
+ become: no
- name: Create placeholder for previously created JKS certs to prevent recreating...
local_action: file path="{{local_tmp.stdout}}/system.admin.jks" state=touch mode="u=rw,g=r,o=r"
when: system_admin_jks.stat.exists
changed_when: False
+ become: no
- name: Create placeholder for previously created JKS certs to prevent recreating...
local_action: file path="{{local_tmp.stdout}}/truststore.jks" state=touch mode="u=rw,g=r,o=r"
when: truststore_jks.stat.exists
changed_when: False
+ become: no
- name: pulling down signing items from host
fetch:
@@ -57,10 +61,12 @@
vars:
- top_dir: "{{local_tmp.stdout}}"
when: not elasticsearch_jks.stat.exists or not logging_es_jks.stat.exists or not system_admin_jks.stat.exists or not truststore_jks.stat.exists
+ become: no
- name: Run JKS generation script
local_action: script generate-jks.sh {{local_tmp.stdout}} {{openshift_logging_namespace}}
check_mode: no
+ become: no
when: not elasticsearch_jks.stat.exists or not logging_es_jks.stat.exists or not system_admin_jks.stat.exists or not truststore_jks.stat.exists
- name: Pushing locally generated JKS certs to remote host...
diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml
index cec295d65..bb8ebec6b 100644
--- a/roles/openshift_logging/tasks/install_logging.yaml
+++ b/roles/openshift_logging/tasks/install_logging.yaml
@@ -52,7 +52,7 @@
changed_when: False
check_mode: no
-- include: generate_certs.yaml
+- include_tasks: generate_certs.yaml
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
@@ -79,10 +79,12 @@
openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_deployment_name: "{{ outer_item.0.name }}"
openshift_logging_elasticsearch_pvc_name: "{{ outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim.claimName if outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim is defined else openshift_logging_es_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
+ openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"
openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
+ openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_pvc_storage_class_name }}"
openshift_logging_elasticsearch_nodeselector: "{{ openshift_logging_es_nodeselector if outer_item.0.nodeSelector | default(None) is none else outer_item.0.nodeSelector }}"
openshift_logging_elasticsearch_storage_group: "{{ [openshift_logging_es_storage_group] if outer_item.0.storageGroups | default([]) | length == 0 else outer_item.0.storageGroups }}"
_es_containers: "{{ outer_item.0.containers}}"
@@ -104,10 +106,12 @@
generated_certs_dir: "{{openshift.common.config_base}}/logging"
openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix }}-{{ outer_item | int + openshift_logging_facts.elasticsearch.deploymentconfigs | count - 1 }}"
+ openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"
openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
+ openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_pvc_storage_class_name }}"
with_sequence: count={{ openshift_logging_es_cluster_size | int - openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count }}
loop_control:
@@ -144,6 +148,7 @@
openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
+ openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_ops_pvc_storage_class_name }}"
openshift_logging_elasticsearch_memory_limit: "{{ openshift_logging_es_ops_memory_limit }}"
openshift_logging_elasticsearch_cpu_limit: "{{ openshift_logging_es_ops_cpu_limit }}"
openshift_logging_elasticsearch_cpu_request: "{{ openshift_logging_es_ops_cpu_request }}"
@@ -185,6 +190,7 @@
openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
+ openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_ops_pvc_storage_class_name }}"
openshift_logging_elasticsearch_memory_limit: "{{ openshift_logging_es_ops_memory_limit }}"
openshift_logging_elasticsearch_cpu_limit: "{{ openshift_logging_es_ops_cpu_limit }}"
openshift_logging_elasticsearch_cpu_request: "{{ openshift_logging_es_ops_cpu_request }}"
@@ -244,7 +250,7 @@
when:
- openshift_logging_use_ops | bool
-- include: annotate_ops_projects.yaml
+- include_tasks: annotate_ops_projects.yaml
## Curator
- include_role:
@@ -305,4 +311,4 @@
openshift_logging_install_eventrouter | default(false) | bool
-- include: update_master_config.yaml
+- include_tasks: update_master_config.yaml
diff --git a/roles/openshift_logging/tasks/main.yaml b/roles/openshift_logging/tasks/main.yaml
index 15f6a23e6..9949bb95d 100644
--- a/roles/openshift_logging/tasks/main.yaml
+++ b/roles/openshift_logging/tasks/main.yaml
@@ -3,17 +3,6 @@
msg: Only one Fluentd nodeselector key pair should be provided
when: openshift_logging_fluentd_nodeselector.keys() | count > 1
-- name: Set default image variables based on deployment_type
- include_vars: "{{ item }}"
- with_first_found:
- - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
- - "default_images.yml"
-
-- name: Set logging image facts
- set_fact:
- openshift_logging_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
- openshift_logging_image_version: "{{ openshift_logging_image_version | default(__openshift_logging_image_version) }}"
-
- name: Create temp directory for doing work in
command: mktemp -d /tmp/openshift-logging-ansible-XXXXXX
register: mktemp
@@ -30,11 +19,11 @@
check_mode: no
become: no
-- include: install_logging.yaml
+- include_tasks: install_logging.yaml
when:
- openshift_logging_install_logging | default(false) | bool
-- include: delete_logging.yaml
+- include_tasks: delete_logging.yaml
when:
- not openshift_logging_install_logging | default(false) | bool
@@ -42,3 +31,4 @@
local_action: file path="{{local_tmp.stdout}}" state=absent
tags: logging_cleanup
changed_when: False
+ become: no
diff --git a/roles/openshift_logging/vars/default_images.yml b/roles/openshift_logging/vars/default_images.yml
deleted file mode 100644
index 1a77808f6..000000000
--- a/roles/openshift_logging/vars/default_images.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-__openshift_logging_image_prefix: "{{ openshift_hosted_logging_deployer_prefix | default('docker.io/openshift/origin-') }}"
-__openshift_logging_image_version: "{{ openshift_hosted_logging_deployer_version | default('latest') }}"
diff --git a/roles/openshift_logging/vars/openshift-enterprise.yml b/roles/openshift_logging/vars/openshift-enterprise.yml
deleted file mode 100644
index f60fa8d7d..000000000
--- a/roles/openshift_logging/vars/openshift-enterprise.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-__openshift_logging_image_prefix: "{{ openshift_hosted_logging_deployer_prefix | default('registry.access.redhat.com/openshift3/') }}"
-__openshift_logging_image_version: "{{ openshift_hosted_logging_deployer_version | default ('v3.7') }}"
diff --git a/roles/openshift_logging_curator/defaults/main.yml b/roles/openshift_logging_curator/defaults/main.yml
index 9cae9f936..a0d221c32 100644
--- a/roles/openshift_logging_curator/defaults/main.yml
+++ b/roles/openshift_logging_curator/defaults/main.yml
@@ -1,7 +1,5 @@
---
### General logging settings
-openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_curator_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_curator_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}"
openshift_logging_curator_master_url: "https://kubernetes.default.svc.cluster.local"
diff --git a/roles/openshift_logging_curator/meta/main.yaml b/roles/openshift_logging_curator/meta/main.yaml
index 6752fb7f9..9f7c6341c 100644
--- a/roles/openshift_logging_curator/meta/main.yaml
+++ b/roles/openshift_logging_curator/meta/main.yaml
@@ -13,3 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging_curator/tasks/determine_version.yaml b/roles/openshift_logging_curator/tasks/determine_version.yaml
index 94f8b4a97..2013f4e38 100644
--- a/roles/openshift_logging_curator/tasks/determine_version.yaml
+++ b/roles/openshift_logging_curator/tasks/determine_version.yaml
@@ -1,16 +1,16 @@
---
# debating making this a module instead?
- fail:
- msg: Missing version to install provided by 'openshift_logging_image_version'
- when: not openshift_logging_image_version or openshift_logging_image_version == ''
+ msg: Missing version to install provided by 'openshift_logging_curator_image_version'
+ when: not openshift_logging_curator_image_version or openshift_logging_curator_image_version == ''
- set_fact:
curator_version: "{{ __latest_curator_version }}"
- when: openshift_logging_image_version == 'latest'
+ when: openshift_logging_curator_image_version == 'latest'
# should we just assume that we will have the correct major version?
-- set_fact: curator_version="{{ openshift_logging_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
- when: openshift_logging_image_version != 'latest'
+- set_fact: curator_version="{{ openshift_logging_curator_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
+ when: openshift_logging_curator_image_version != 'latest'
- fail:
msg: Invalid version specified for Curator
diff --git a/roles/openshift_logging_curator/tasks/main.yaml b/roles/openshift_logging_curator/tasks/main.yaml
index fcaf18ed4..e7ef5ff22 100644
--- a/roles/openshift_logging_curator/tasks/main.yaml
+++ b/roles/openshift_logging_curator/tasks/main.yaml
@@ -1,5 +1,18 @@
---
-- include: determine_version.yaml
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ var_file_name }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+ loop_control:
+ loop_var: var_file_name
+
+- name: Set curator image facts
+ set_fact:
+ openshift_logging_curator_image_prefix: "{{ openshift_logging_curator_image_prefix | default(__openshift_logging_curator_image_prefix) }}"
+ openshift_logging_curator_image_version: "{{ openshift_logging_curator_image_version | default(__openshift_logging_curator_image_version) }}"
+
+- include_tasks: determine_version.yaml
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -35,7 +48,7 @@
name: "aggregated-logging-curator"
namespace: "{{ openshift_logging_namespace }}"
when:
- - openshift_logging_image_pull_secret == ''
+ - openshift_logging_image_pull_secret == ''
# configmap
- copy:
@@ -65,12 +78,12 @@
name: "logging-curator"
namespace: "{{ openshift_logging_namespace }}"
files:
- - name: ca
- path: "{{ generated_certs_dir }}/ca.crt"
- - name: key
- path: "{{ generated_certs_dir }}/system.logging.curator.key"
- - name: cert
- path: "{{ generated_certs_dir }}/system.logging.curator.crt"
+ - name: ca
+ path: "{{ generated_certs_dir }}/ca.crt"
+ - name: key
+ path: "{{ generated_certs_dir }}/system.logging.curator.key"
+ - name: cert
+ path: "{{ generated_certs_dir }}/system.logging.curator.crt"
- set_fact:
curator_name: "{{ 'logging-curator' ~ ( (openshift_logging_curator_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}"
@@ -104,7 +117,7 @@
namespace: "{{ openshift_logging_namespace }}"
kind: dc
files:
- - "{{ tempdir }}/templates/curator-dc.yaml"
+ - "{{ tempdir }}/templates/curator-dc.yaml"
delete_after: true
- name: Delete temp directory
diff --git a/roles/openshift_logging_curator/templates/curator.j2 b/roles/openshift_logging_curator/templates/curator.j2
index 462128366..8acff8141 100644
--- a/roles/openshift_logging_curator/templates/curator.j2
+++ b/roles/openshift_logging_curator/templates/curator.j2
@@ -30,7 +30,7 @@ spec:
serviceAccountName: aggregated-logging-curator
{% if curator_node_selector is iterable and curator_node_selector | length > 0 %}
nodeSelector:
-{% for key, value in curator_node_selector.iteritems() %}
+{% for key, value in curator_node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_logging_curator/vars/default_images.yml b/roles/openshift_logging_curator/vars/default_images.yml
new file mode 100644
index 000000000..208b41afa
--- /dev/null
+++ b/roles/openshift_logging_curator/vars/default_images.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_curator_image_version: "{{ openshift_logging_image_version | default('latest') }}"
diff --git a/roles/openshift_logging_curator/vars/openshift-enterprise.yml b/roles/openshift_logging_curator/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..79cf131fd
--- /dev/null
+++ b/roles/openshift_logging_curator/vars/openshift-enterprise.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_curator_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
diff --git a/roles/openshift_logging_elasticsearch/defaults/main.yml b/roles/openshift_logging_elasticsearch/defaults/main.yml
index 9fc6fd1d8..0ea913224 100644
--- a/roles/openshift_logging_elasticsearch/defaults/main.yml
+++ b/roles/openshift_logging_elasticsearch/defaults/main.yml
@@ -1,7 +1,5 @@
---
### Common settings
-openshift_logging_elasticsearch_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_elasticsearch_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_elasticsearch_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}"
openshift_logging_elasticsearch_namespace: logging
@@ -33,6 +31,7 @@ openshift_logging_elasticsearch_pvc_name: ""
openshift_logging_elasticsearch_pvc_size: ""
openshift_logging_elasticsearch_pvc_dynamic: false
openshift_logging_elasticsearch_pvc_pv_selector: {}
+openshift_logging_elasticsearch_pvc_storage_class_name: ""
openshift_logging_elasticsearch_pvc_access_modes: ['ReadWriteOnce']
openshift_logging_elasticsearch_storage_group: ['65534']
diff --git a/roles/openshift_logging_elasticsearch/handlers/main.yml b/roles/openshift_logging_elasticsearch/handlers/main.yml
new file mode 100644
index 000000000..fa56897d0
--- /dev/null
+++ b/roles/openshift_logging_elasticsearch/handlers/main.yml
@@ -0,0 +1,13 @@
+---
+- name: "Restarting logging-{{ _cluster_component }} cluster"
+ listen: "restart elasticsearch"
+ include_tasks: restart_cluster.yml
+ with_items: "{{ _restart_logging_components }}"
+ loop_control:
+ loop_var: _cluster_component
+ when: not logging_elasticsearch_rollout_override | bool
+
+## Stop this from running more than once
+- set_fact:
+ logging_elasticsearch_rollout_override: True
+ listen: "restart elasticsearch"
diff --git a/roles/openshift_logging_elasticsearch/meta/main.yaml b/roles/openshift_logging_elasticsearch/meta/main.yaml
index 097270772..e93d6b73e 100644
--- a/roles/openshift_logging_elasticsearch/meta/main.yaml
+++ b/roles/openshift_logging_elasticsearch/meta/main.yaml
@@ -13,3 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging_elasticsearch/tasks/determine_version.yaml b/roles/openshift_logging_elasticsearch/tasks/determine_version.yaml
index 1a952b5cf..c53a06019 100644
--- a/roles/openshift_logging_elasticsearch/tasks/determine_version.yaml
+++ b/roles/openshift_logging_elasticsearch/tasks/determine_version.yaml
@@ -1,18 +1,16 @@
---
# debating making this a module instead?
- fail:
- msg: Missing version to install provided by 'openshift_logging_image_version'
- when: not openshift_logging_image_version or openshift_logging_image_version == ''
+ msg: Missing version to install provided by 'openshift_logging_elasticsearch_image_version'
+ when: not openshift_logging_elasticsearch_image_version or openshift_logging_elasticsearch_image_version == ''
- set_fact:
es_version: "{{ __latest_es_version }}"
- when: openshift_logging_image_version == 'latest'
-
-- debug: var=openshift_logging_image_version
+ when: openshift_logging_elasticsearch_image_version == 'latest'
# should we just assume that we will have the correct major version?
-- set_fact: es_version="{{ openshift_logging_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
- when: openshift_logging_image_version != 'latest'
+- set_fact: es_version="{{ openshift_logging_elasticsearch_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
+ when: openshift_logging_elasticsearch_image_version != 'latest'
- fail:
msg: Invalid version specified for Elasticsearch
diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml
index e7ef443bd..e91248d08 100644
--- a/roles/openshift_logging_elasticsearch/tasks/main.yaml
+++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml
@@ -15,18 +15,22 @@
elasticsearch_name: "{{ 'logging-elasticsearch' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}"
es_component: "{{ 'es' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}"
-- include: determine_version.yaml
-
- name: Set default image variables based on deployment_type
- include_vars: "{{ item }}"
+ include_vars: "{{ var_file_name }}"
with_first_found:
- "{{ openshift_deployment_type | default(deployment_type) }}.yml"
- "default_images.yml"
+ loop_control:
+ loop_var: var_file_name
-- name: Set elasticsearch_prefix image facts
+- name: Set elasticsearch image facts
set_fact:
openshift_logging_elasticsearch_proxy_image_prefix: "{{ openshift_logging_elasticsearch_proxy_image_prefix | default(__openshift_logging_elasticsearch_proxy_image_prefix) }}"
openshift_logging_elasticsearch_proxy_image_version: "{{ openshift_logging_elasticsearch_proxy_image_version | default(__openshift_logging_elasticsearch_proxy_image_version) }}"
+ openshift_logging_elasticsearch_image_prefix: "{{ openshift_logging_elasticsearch_image_prefix | default(__openshift_logging_elasticsearch_image_prefix) }}"
+ openshift_logging_elasticsearch_image_version: "{{ openshift_logging_elasticsearch_image_version | default(__openshift_logging_elasticsearch_image_version) }}"
+
+- include_tasks: determine_version.yaml
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -200,7 +204,21 @@
from_file:
elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml"
logging.yml: "{{ tempdir }}/elasticsearch-logging.yml"
+ register: es_config_creation
+ notify: "restart elasticsearch"
+
+- when: es_config_creation.changed | bool
+ block:
+ - set_fact:
+ _restart_logging_components: "{{ _restart_logging_components | default([]) + [es_component] | unique }}"
+ - shell: >
+ oc get dc -l component="{{ es_component }}" -n "{{ openshift_logging_elasticsearch_namespace }}" -o name | cut -d'/' -f2
+ register: _es_dcs
+
+ - set_fact:
+ _restart_logging_nodes: "{{ _restart_logging_nodes | default([]) + [_es_dcs.stdout] | unique }}"
+ when: _es_dcs.stdout != ""
# secret
- name: Set ES secret
@@ -266,7 +284,7 @@
port: 443
targetPort: 4443
selector:
- component: "{{ es_component }}-prometheus"
+ component: "{{ es_component }}"
provider: openshift
- oc_edit:
@@ -334,7 +352,7 @@
delete_after: true
- set_fact:
- es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 8 | oo_random_word('abcdefghijklmnopqrstuvwxyz0123456789') }}"
+ es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 8 | lib_utils_oo_random_word('abcdefghijklmnopqrstuvwxyz0123456789') }}"
when: openshift_logging_elasticsearch_deployment_name == ""
- set_fact:
@@ -371,6 +389,13 @@
files:
- "{{ tempdir }}/templates/logging-es-dc.yml"
delete_after: true
+ register: es_dc_creation
+ notify: "restart elasticsearch"
+
+- set_fact:
+ _restart_logging_components: "{{ _restart_logging_components | default([]) + [es_component] | unique }}"
+ _restart_logging_nodes: "{{ _restart_logging_nodes | default([]) + [es_deploy_name] | unique }}"
+ when: es_dc_creation.changed | bool
- name: Retrieving the cert to use when generating secrets for the {{ es_component }} component
slurp:
diff --git a/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml b/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml
new file mode 100644
index 000000000..4a32453e3
--- /dev/null
+++ b/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml
@@ -0,0 +1,35 @@
+---
+## get all pods for the cluster
+- command: >
+ oc get pod -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name}
+ register: _cluster_pods
+
+- name: "Disable shard balancing for logging-{{ _cluster_component }} cluster"
+ command: >
+ oc exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "none" } }'
+ register: _disable_output
+ changed_when: "'\"acknowledged\":true' in _disable_output.stdout"
+ when: _cluster_pods.stdout_lines | count > 0
+
+- command: >
+ oc get dc -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name}
+ register: _cluster_dcs
+
+## restart the node if it's dc is in the list of nodes to restart?
+- name: "Restart ES node {{ _es_node }}"
+ include_tasks: restart_es_node.yml
+ with_items: "{{ _restart_logging_nodes }}"
+ loop_control:
+ loop_var: _es_node
+ when: _es_node in _cluster_dcs.stdout
+
+## we may need a new first pod to run against -- fetch them all again
+- command: >
+ oc get pod -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name}
+ register: _cluster_pods
+
+- name: "Enable shard balancing for logging-{{ _cluster_component }} cluster"
+ command: >
+ oc exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "all" } }'
+ register: _enable_output
+ changed_when: "'\"acknowledged\":true' in _enable_output.stdout"
diff --git a/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml b/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml
new file mode 100644
index 000000000..b07b232ce
--- /dev/null
+++ b/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml
@@ -0,0 +1,35 @@
+---
+- name: "Rolling out new pod(s) for {{ _es_node }}"
+ command: >
+ oc rollout latest {{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }}
+
+- name: "Waiting for {{ _es_node }} to finish scaling up"
+ oc_obj:
+ state: list
+ name: "{{ _es_node }}"
+ namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+ kind: dc
+ register: _dc_output
+ until:
+ - _dc_output.results.results[0].status is defined
+ - _dc_output.results.results[0].status.readyReplicas is defined
+ - _dc_output.results.results[0].status.readyReplicas > 0
+ retries: 60
+ delay: 30
+
+- name: Gettings name(s) of replica pod(s)
+ command: >
+ oc get pods -l deploymentconfig={{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name}
+ register: _pods
+
+- name: "Waiting for ES to be ready for {{ _es_node }}"
+ shell: >
+ oc exec "{{ _pod }}" -c elasticsearch -n "{{ openshift_logging_elasticsearch_namespace }}" -- {{ __es_local_curl }} https://localhost:9200/_cat/health | cut -d' ' -f4
+ with_items: "{{ _pods.stdout.split(' ') }}"
+ loop_control:
+ loop_var: _pod
+ register: _pod_status
+ until: _pod_status.stdout in ['green', 'yellow']
+ retries: 60
+ delay: 5
+ changed_when: false
diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2
index 0c7d8b46e..4b189f255 100644
--- a/roles/openshift_logging_elasticsearch/templates/es.j2
+++ b/roles/openshift_logging_elasticsearch/templates/es.j2
@@ -9,6 +9,7 @@ metadata:
logging-infra: "{{logging_component}}"
spec:
replicas: {{es_replicas|default(1)}}
+ revisionHistoryLimit: 0
selector:
provider: openshift
component: "{{component}}"
@@ -16,6 +17,7 @@ spec:
logging-infra: "{{logging_component}}"
strategy:
type: Recreate
+ triggers: []
template:
metadata:
name: "{{deploy_name}}"
@@ -34,7 +36,7 @@ spec:
{% endfor %}
{% if es_node_selector is iterable and es_node_selector | length > 0 %}
nodeSelector:
-{% for key, value in es_node_selector.iteritems() %}
+{% for key, value in es_node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
@@ -48,7 +50,7 @@ spec:
- -provider=openshift
- -client-id={{openshift_logging_elasticsearch_prometheus_sa}}
- -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token
- - -cookie-secret={{ 16 | oo_random_word | b64encode }}
+ - -cookie-secret={{ 16 | lib_utils_oo_random_word | b64encode }}
- -upstream=https://localhost:9200
- '-openshift-sar={"namespace": "{{ openshift_logging_elasticsearch_namespace}}", "verb": "view", "resource": "prometheus", "group": "metrics.openshift.io"}'
- '-openshift-delegate-urls={"/": {"resource": "prometheus", "verb": "view", "group": "metrics.openshift.io", "namespace": "{{ openshift_logging_elasticsearch_namespace}}"}}'
diff --git a/roles/openshift_logging_elasticsearch/templates/pvc.j2 b/roles/openshift_logging_elasticsearch/templates/pvc.j2
index 063f9c5ae..3c6896df4 100644
--- a/roles/openshift_logging_elasticsearch/templates/pvc.j2
+++ b/roles/openshift_logging_elasticsearch/templates/pvc.j2
@@ -6,7 +6,7 @@ metadata:
logging-infra: support
{% if annotations is defined %}
annotations:
-{% for key,value in annotations.iteritems() %}
+{% for key,value in annotations.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
@@ -14,7 +14,7 @@ spec:
{% if pv_selector is defined and pv_selector is mapping %}
selector:
matchLabels:
-{% for key,value in pv_selector.iteritems() %}
+{% for key,value in pv_selector.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_logging_elasticsearch/templates/route_reencrypt.j2 b/roles/openshift_logging_elasticsearch/templates/route_reencrypt.j2
index cf8a9e65f..d2e8b8bcb 100644
--- a/roles/openshift_logging_elasticsearch/templates/route_reencrypt.j2
+++ b/roles/openshift_logging_elasticsearch/templates/route_reencrypt.j2
@@ -4,7 +4,7 @@ metadata:
name: "{{obj_name}}"
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_logging_elasticsearch/vars/default_images.yml b/roles/openshift_logging_elasticsearch/vars/default_images.yml
index b7d105caf..cef49dd92 100644
--- a/roles/openshift_logging_elasticsearch/vars/default_images.yml
+++ b/roles/openshift_logging_elasticsearch/vars/default_images.yml
@@ -1,3 +1,5 @@
---
-__openshift_logging_elasticsearch_proxy_image_prefix: "docker.io/openshift/"
-__openshift_logging_elasticsearch_proxy_image_version: "v1.0.0"
+__openshift_logging_elasticsearch_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_elasticsearch_image_version: "{{ openshift_logging_image_version | default('latest') }}"
+__openshift_logging_elasticsearch_proxy_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/') }}"
+__openshift_logging_elasticsearch_proxy_image_version: "{{ openshift_logging_image_version | default('v1.0.0') }}"
diff --git a/roles/openshift_logging_elasticsearch/vars/main.yml b/roles/openshift_logging_elasticsearch/vars/main.yml
index 09e2ee4d0..c8e995146 100644
--- a/roles/openshift_logging_elasticsearch/vars/main.yml
+++ b/roles/openshift_logging_elasticsearch/vars/main.yml
@@ -5,6 +5,8 @@ __allowed_es_types: ["data-master", "data-client", "master", "client"]
__es_log_appenders: ['file', 'console']
__kibana_index_modes: ["unique", "shared_ops"]
+__es_local_curl: "curl -s --cacert /etc/elasticsearch/secret/admin-ca --cert /etc/elasticsearch/secret/admin-cert --key /etc/elasticsearch/secret/admin-key"
+
# TODO: integrate these
openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
es_node_quorum: "{{ openshift_logging_elasticsearch_replica_count | int/2 + 1 }}"
diff --git a/roles/openshift_logging_elasticsearch/vars/openshift-enterprise.yml b/roles/openshift_logging_elasticsearch/vars/openshift-enterprise.yml
index 2fd960bb5..07d92896f 100644
--- a/roles/openshift_logging_elasticsearch/vars/openshift-enterprise.yml
+++ b/roles/openshift_logging_elasticsearch/vars/openshift-enterprise.yml
@@ -1,3 +1,5 @@
---
+__openshift_logging_elasticsearch_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_elasticsearch_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
__openshift_logging_elasticsearch_proxy_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
-__openshift_logging_elasticsearch_proxy_image_version: "v3.7"
+__openshift_logging_elasticsearch_proxy_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
diff --git a/roles/openshift_logging_eventrouter/defaults/main.yaml b/roles/openshift_logging_eventrouter/defaults/main.yaml
index 4c0350c98..62542f496 100644
--- a/roles/openshift_logging_eventrouter/defaults/main.yaml
+++ b/roles/openshift_logging_eventrouter/defaults/main.yaml
@@ -1,6 +1,4 @@
---
-openshift_logging_eventrouter_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_eventrouter_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_eventrouter_replicas: 1
openshift_logging_eventrouter_sink: stdout
openshift_logging_eventrouter_nodeselector: ""
diff --git a/roles/openshift_logging_eventrouter/meta/main.yaml b/roles/openshift_logging_eventrouter/meta/main.yaml
new file mode 100644
index 000000000..711bb8f22
--- /dev/null
+++ b/roles/openshift_logging_eventrouter/meta/main.yaml
@@ -0,0 +1,17 @@
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Aggregated Logging Eventrouter
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging_eventrouter/tasks/main.yaml b/roles/openshift_logging_eventrouter/tasks/main.yaml
index 58e5a559f..96b181d61 100644
--- a/roles/openshift_logging_eventrouter/tasks/main.yaml
+++ b/roles/openshift_logging_eventrouter/tasks/main.yaml
@@ -1,6 +1,19 @@
---
-- include: "{{ role_path }}/tasks/install_eventrouter.yaml"
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ var_file_name }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+ loop_control:
+ loop_var: var_file_name
+
+- name: Set eventrouter image facts
+ set_fact:
+ openshift_logging_eventrouter_image_prefix: "{{ openshift_logging_eventrouter_image_prefix | default(__openshift_logging_eventrouter_image_prefix) }}"
+ openshift_logging_eventrouter_image_version: "{{ openshift_logging_eventrouter_image_version | default(__openshift_logging_eventrouter_image_version) }}"
+
+- include_tasks: install_eventrouter.yaml
when: openshift_logging_install_eventrouter | default(false) | bool
-- include: "{{ role_path }}/tasks/delete_eventrouter.yaml"
+- include_tasks: delete_eventrouter.yaml
when: not openshift_logging_install_eventrouter | default(false) | bool
diff --git a/roles/openshift_logging_eventrouter/templates/eventrouter-template.j2 b/roles/openshift_logging_eventrouter/templates/eventrouter-template.j2
index 5a4f7f762..3bd29163b 100644
--- a/roles/openshift_logging_eventrouter/templates/eventrouter-template.j2
+++ b/roles/openshift_logging_eventrouter/templates/eventrouter-template.j2
@@ -42,7 +42,7 @@ objects:
component: eventrouter
logging-infra: eventrouter
provider: openshift
- replicas: ${REPLICAS}
+ replicas: "${{ '{{' }}REPLICAS{{ '}}' }}"
template:
metadata:
labels:
@@ -55,7 +55,7 @@ objects:
serviceAccountName: aggregated-logging-eventrouter
{% if node_selector is iterable and node_selector | length > 0 %}
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{ key }}: "{{ value }}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_logging_eventrouter/vars/default_images.yml b/roles/openshift_logging_eventrouter/vars/default_images.yml
new file mode 100644
index 000000000..dbfe2d697
--- /dev/null
+++ b/roles/openshift_logging_eventrouter/vars/default_images.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_eventrouter_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_eventrouter_image_version: "{{ openshift_logging_image_version | default('latest') }}"
diff --git a/roles/openshift_logging_eventrouter/vars/openshift-enterprise.yml b/roles/openshift_logging_eventrouter/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..bb7dc6455
--- /dev/null
+++ b/roles/openshift_logging_eventrouter/vars/openshift-enterprise.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_eventrouter_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_eventrouter_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
diff --git a/roles/openshift_logging_fluentd/defaults/main.yml b/roles/openshift_logging_fluentd/defaults/main.yml
index 861935c99..9b58e4456 100644
--- a/roles/openshift_logging_fluentd/defaults/main.yml
+++ b/roles/openshift_logging_fluentd/defaults/main.yml
@@ -1,7 +1,5 @@
---
### General logging settings
-openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_fluentd_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}"
openshift_logging_fluentd_master_url: "https://kubernetes.default.svc.{{ openshift.common.dns_domain }}"
openshift_logging_fluentd_namespace: logging
diff --git a/roles/openshift_logging_fluentd/files/secure-forward.conf b/roles/openshift_logging_fluentd/files/secure-forward.conf
index f4483df79..87410c1c5 100644
--- a/roles/openshift_logging_fluentd/files/secure-forward.conf
+++ b/roles/openshift_logging_fluentd/files/secure-forward.conf
@@ -1,3 +1,4 @@
+# <store>
# @type secure_forward
# self_hostname ${HOSTNAME}
@@ -22,3 +23,4 @@
# specify hostlabel for FQDN verification if ipaddress is used for host
# hostlabel server.fqdn.example.com
# </server>
+# </store>
diff --git a/roles/openshift_logging_fluentd/meta/main.yaml b/roles/openshift_logging_fluentd/meta/main.yaml
index 2003aacb2..62f076780 100644
--- a/roles/openshift_logging_fluentd/meta/main.yaml
+++ b/roles/openshift_logging_fluentd/meta/main.yaml
@@ -13,3 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging_fluentd/tasks/determine_version.yaml b/roles/openshift_logging_fluentd/tasks/determine_version.yaml
index a1ba71b1b..6848eb512 100644
--- a/roles/openshift_logging_fluentd/tasks/determine_version.yaml
+++ b/roles/openshift_logging_fluentd/tasks/determine_version.yaml
@@ -1,16 +1,16 @@
---
# debating making this a module instead?
- fail:
- msg: Missing version to install provided by 'openshift_logging_image_version'
- when: not openshift_logging_image_version or openshift_logging_image_version == ''
+ msg: Missing version to install provided by 'openshift_logging_fluentd_image_version'
+ when: not openshift_logging_fluentd_image_version or openshift_logging_fluentd_image_version == ''
- set_fact:
fluentd_version: "{{ __latest_fluentd_version }}"
- when: openshift_logging_image_version == 'latest'
+ when: openshift_logging_fluentd_image_version == 'latest'
# should we just assume that we will have the correct major version?
-- set_fact: fluentd_version="{{ openshift_logging_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
- when: openshift_logging_image_version != 'latest'
+- set_fact: fluentd_version="{{ openshift_logging_fluentd_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
+ when: openshift_logging_fluentd_image_version != 'latest'
- fail:
msg: Invalid version specified for Fluentd
diff --git a/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml b/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml
index e92a35f27..1cef6c25e 100644
--- a/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml
+++ b/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml
@@ -4,7 +4,8 @@
name: "{{ node }}"
kind: node
state: add
- labels: "{{ openshift_logging_fluentd_nodeselector | oo_dict_to_list_of_dict }}"
+ labels: "{{ openshift_logging_fluentd_nodeselector | lib_utils_oo_dict_to_list_of_dict }}"
# wait half a second between labels
- local_action: command sleep {{ openshift_logging_fluentd_label_delay | default('.5') }}
+ become: no
diff --git a/roles/openshift_logging_fluentd/tasks/main.yaml b/roles/openshift_logging_fluentd/tasks/main.yaml
index 2f89c3f9f..87eedfb4b 100644
--- a/roles/openshift_logging_fluentd/tasks/main.yaml
+++ b/roles/openshift_logging_fluentd/tasks/main.yaml
@@ -34,7 +34,20 @@
msg: WARNING Use of openshift_logging_mux_client_mode=minimal is not recommended due to current scaling issues
when: openshift_logging_mux_client_mode is defined and openshift_logging_mux_client_mode == 'minimal'
-- include: determine_version.yaml
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ var_file_name }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+ loop_control:
+ loop_var: var_file_name
+
+- name: Set fluentd image facts
+ set_fact:
+ openshift_logging_fluentd_image_prefix: "{{ openshift_logging_fluentd_image_prefix | default(__openshift_logging_fluentd_image_prefix) }}"
+ openshift_logging_fluentd_image_version: "{{ openshift_logging_fluentd_image_version | default(__openshift_logging_fluentd_image_version) }}"
+
+- include_tasks: determine_version.yaml
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -69,7 +82,7 @@
name: "aggregated-logging-fluentd"
namespace: "{{ openshift_logging_fluentd_namespace }}"
when:
- - openshift_logging_image_pull_secret == ''
+ - openshift_logging_image_pull_secret == ''
# set service account scc
- name: Set privileged permissions for Fluentd
@@ -146,12 +159,12 @@
name: logging-fluentd
namespace: "{{ openshift_logging_fluentd_namespace }}"
files:
- - name: ca
- path: "{{ generated_certs_dir }}/ca.crt"
- - name: key
- path: "{{ generated_certs_dir }}/system.logging.fluentd.key"
- - name: cert
- path: "{{ generated_certs_dir }}/system.logging.fluentd.crt"
+ - name: ca
+ path: "{{ generated_certs_dir }}/ca.crt"
+ - name: key
+ path: "{{ generated_certs_dir }}/system.logging.fluentd.key"
+ - name: cert
+ path: "{{ generated_certs_dir }}/system.logging.fluentd.crt"
# create Fluentd daemonset
# this should change based on the type of fluentd deployment to be done...
@@ -187,7 +200,7 @@
namespace: "{{ openshift_logging_fluentd_namespace }}"
kind: daemonset
files:
- - "{{ tempdir }}/templates/logging-fluentd.yaml"
+ - "{{ tempdir }}/templates/logging-fluentd.yaml"
delete_after: true
# Scale up Fluentd
@@ -203,7 +216,7 @@
openshift_logging_fluentd_hosts: "{{ fluentd_hosts.results.results[0]['items'] | map(attribute='metadata.name') | list }}"
when: "'--all' in openshift_logging_fluentd_hosts"
-- include: label_and_wait.yaml
+- include_tasks: label_and_wait.yaml
vars:
node: "{{ fluentd_host }}"
with_items: "{{ openshift_logging_fluentd_hosts }}"
diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2
index 10283316c..c6256cf49 100644
--- a/roles/openshift_logging_fluentd/templates/fluentd.j2
+++ b/roles/openshift_logging_fluentd/templates/fluentd.j2
@@ -130,7 +130,7 @@ spec:
containerName: "{{ daemonset_container_name }}"
resource: limits.memory
- name: "FILE_BUFFER_LIMIT"
- value: "{{ openshift_logging_fluentd_file_buffer_limit | default('256i') }}"
+ value: "{{ openshift_logging_fluentd_file_buffer_limit | default('256Mi') }}"
{% if openshift_logging_mux_client_mode is defined and
((openshift_logging_mux_allow_external is defined and openshift_logging_mux_allow_external | bool) or
(openshift_logging_use_mux is defined and openshift_logging_use_mux | bool)) %}
diff --git a/roles/openshift_logging_fluentd/vars/default_images.yml b/roles/openshift_logging_fluentd/vars/default_images.yml
new file mode 100644
index 000000000..6d127b730
--- /dev/null
+++ b/roles/openshift_logging_fluentd/vars/default_images.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version | default('latest') }}"
diff --git a/roles/openshift_logging_fluentd/vars/openshift-enterprise.yml b/roles/openshift_logging_fluentd/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..d0c74f1fb
--- /dev/null
+++ b/roles/openshift_logging_fluentd/vars/openshift-enterprise.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
diff --git a/roles/openshift_logging_kibana/defaults/main.yml b/roles/openshift_logging_kibana/defaults/main.yml
index 1366e96cd..899193838 100644
--- a/roles/openshift_logging_kibana/defaults/main.yml
+++ b/roles/openshift_logging_kibana/defaults/main.yml
@@ -2,8 +2,6 @@
### Common settings
openshift_logging_kibana_master_url: "https://kubernetes.default.svc.cluster.local"
openshift_logging_kibana_master_public_url: "https://kubernetes.default.svc.cluster.local"
-openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_kibana_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_kibana_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}"
openshift_logging_kibana_namespace: logging
@@ -12,7 +10,7 @@ openshift_logging_kibana_cpu_limit: null
openshift_logging_kibana_cpu_request: 100m
openshift_logging_kibana_memory_limit: 736Mi
-openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true))) }}"
+openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ openshift_master_default_subdomain) }}"
openshift_logging_kibana_es_host: "logging-es"
openshift_logging_kibana_es_port: 9200
@@ -25,8 +23,6 @@ openshift_logging_kibana_edge_term_policy: Redirect
openshift_logging_kibana_ops_deployment: false
# Proxy settings
-openshift_logging_kibana_proxy_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_kibana_proxy_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_kibana_proxy_debug: false
openshift_logging_kibana_proxy_cpu_limit: null
openshift_logging_kibana_proxy_cpu_request: 100m
diff --git a/roles/openshift_logging_kibana/meta/main.yaml b/roles/openshift_logging_kibana/meta/main.yaml
index 89e08abc0..d9d76dfe0 100644
--- a/roles/openshift_logging_kibana/meta/main.yaml
+++ b/roles/openshift_logging_kibana/meta/main.yaml
@@ -13,3 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging_kibana/tasks/determine_version.yaml b/roles/openshift_logging_kibana/tasks/determine_version.yaml
index 53e15af5f..63e5a89f1 100644
--- a/roles/openshift_logging_kibana/tasks/determine_version.yaml
+++ b/roles/openshift_logging_kibana/tasks/determine_version.yaml
@@ -1,16 +1,16 @@
---
# debating making this a module instead?
- fail:
- msg: Missing version to install provided by 'openshift_logging_image_version'
- when: not openshift_logging_image_version or openshift_logging_image_version == ''
+ msg: Missing version to install provided by 'openshift_logging_kibana_image_version'
+ when: not openshift_logging_kibana_image_version or openshift_logging_kibana_image_version == ''
- set_fact:
kibana_version: "{{ __latest_kibana_version }}"
- when: openshift_logging_image_version == 'latest'
+ when: openshift_logging_kibana_image_version == 'latest'
# should we just assume that we will have the correct major version?
-- set_fact: kibana_version="{{ openshift_logging_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
- when: openshift_logging_image_version != 'latest'
+- set_fact: kibana_version="{{ openshift_logging_kibana_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
+ when: openshift_logging_kibana_image_version != 'latest'
- fail:
msg: Invalid version specified for Kibana
diff --git a/roles/openshift_logging_kibana/tasks/main.yaml b/roles/openshift_logging_kibana/tasks/main.yaml
index 8ef8ede9a..a00248d11 100644
--- a/roles/openshift_logging_kibana/tasks/main.yaml
+++ b/roles/openshift_logging_kibana/tasks/main.yaml
@@ -1,7 +1,21 @@
---
# fail is we don't have an endpoint for ES to connect to?
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ var_file_name }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+ loop_control:
+ loop_var: var_file_name
-- include: determine_version.yaml
+- name: Set kibana image facts
+ set_fact:
+ openshift_logging_kibana_image_prefix: "{{ openshift_logging_kibana_image_prefix | default(__openshift_logging_kibana_image_prefix) }}"
+ openshift_logging_kibana_image_version: "{{ openshift_logging_kibana_image_version | default(__openshift_logging_kibana_image_version) }}"
+ openshift_logging_kibana_proxy_image_prefix: "{{ openshift_logging_kibana_proxy_image_prefix | default(__openshift_logging_kibana_proxy_image_prefix) }}"
+ openshift_logging_kibana_proxy_image_version: "{{ openshift_logging_kibana_proxy_image_version | default(__openshift_logging_kibana_proxy_image_version) }}"
+
+- include_tasks: determine_version.yaml
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -37,7 +51,7 @@
name: "aggregated-logging-kibana"
namespace: "{{ openshift_logging_namespace }}"
when:
- - openshift_logging_image_pull_secret == ''
+ - openshift_logging_image_pull_secret == ''
- set_fact:
kibana_name: "{{ 'logging-kibana' ~ ( (openshift_logging_kibana_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}"
@@ -55,30 +69,30 @@
# gen session_secret if necessary
- name: Generate session secret
copy:
- content: "{{ 200 | oo_random_word }}"
+ content: "{{ 200 | lib_utils_oo_random_word }}"
dest: "{{ generated_certs_dir }}/session_secret"
when:
- - not session_secret_file.stat.exists
+ - not session_secret_file.stat.exists
# gen oauth_secret if necessary
- name: Generate oauth secret
copy:
- content: "{{ 64 | oo_random_word }}"
+ content: "{{ 64 | lib_utils_oo_random_word }}"
dest: "{{ generated_certs_dir }}/oauth_secret"
when:
- - not oauth_secret_file.stat.exists
+ - not oauth_secret_file.stat.exists
- name: Retrieving the cert to use when generating secrets for the logging components
slurp:
src: "{{ generated_certs_dir }}/{{ item.file }}"
register: key_pairs
with_items:
- - { name: "ca_file", file: "ca.crt" }
- - { name: "kibana_internal_key", file: "kibana-internal.key"}
- - { name: "kibana_internal_cert", file: "kibana-internal.crt"}
- - { name: "server_tls", file: "server-tls.json"}
- - { name: "session_secret", file: "session_secret" }
- - { name: "oauth_secret", file: "oauth_secret" }
+ - { name: "ca_file", file: "ca.crt" }
+ - { name: "kibana_internal_key", file: "kibana-internal.key"}
+ - { name: "kibana_internal_cert", file: "kibana-internal.crt"}
+ - { name: "server_tls", file: "server-tls.json"}
+ - { name: "session_secret", file: "session_secret" }
+ - { name: "oauth_secret", file: "oauth_secret" }
# services
- name: Set {{ kibana_name }} service
@@ -92,8 +106,8 @@
labels:
logging-infra: 'support'
ports:
- - port: 443
- targetPort: "oaproxy"
+ - port: 443
+ targetPort: "oaproxy"
# create routes
# TODO: set up these certs differently?
@@ -144,7 +158,7 @@
namespace: "{{ openshift_logging_namespace }}"
kind: route
files:
- - "{{ tempdir }}/templates/kibana-route.yaml"
+ - "{{ tempdir }}/templates/kibana-route.yaml"
# preserve list of current hostnames
- name: Get current oauthclient hostnames
@@ -173,7 +187,7 @@
namespace: "{{ openshift_logging_namespace }}"
kind: oauthclient
files:
- - "{{ tempdir }}/templates/oauth-client.yml"
+ - "{{ tempdir }}/templates/oauth-client.yml"
delete_after: true
# create Kibana secret
@@ -183,12 +197,12 @@
name: "logging-kibana"
namespace: "{{ openshift_logging_namespace }}"
files:
- - name: ca
- path: "{{ generated_certs_dir }}/ca.crt"
- - name: key
- path: "{{ generated_certs_dir }}/system.logging.kibana.key"
- - name: cert
- path: "{{ generated_certs_dir }}/system.logging.kibana.crt"
+ - name: ca
+ path: "{{ generated_certs_dir }}/ca.crt"
+ - name: key
+ path: "{{ generated_certs_dir }}/system.logging.kibana.key"
+ - name: cert
+ path: "{{ generated_certs_dir }}/system.logging.kibana.crt"
# create Kibana-proxy secret
- name: Set Kibana Proxy secret
@@ -205,16 +219,16 @@
#- name: server-tls.json
# path: "{{ generated_certs_dir }}/server-tls.json"
contents:
- - path: oauth-secret
- data: "{{ key_pairs | entry_from_named_pair('oauth_secret') | b64decode }}"
- - path: session-secret
- data: "{{ key_pairs | entry_from_named_pair('session_secret') | b64decode }}"
- - path: server-key
- data: "{{ key_pairs | entry_from_named_pair('kibana_internal_key') | b64decode }}"
- - path: server-cert
- data: "{{ key_pairs | entry_from_named_pair('kibana_internal_cert') | b64decode }}"
- - path: server-tls.json
- data: "{{ key_pairs | entry_from_named_pair('server_tls') | b64decode }}"
+ - path: oauth-secret
+ data: "{{ key_pairs | entry_from_named_pair('oauth_secret') | b64decode }}"
+ - path: session-secret
+ data: "{{ key_pairs | entry_from_named_pair('session_secret') | b64decode }}"
+ - path: server-key
+ data: "{{ key_pairs | entry_from_named_pair('kibana_internal_key') | b64decode }}"
+ - path: server-cert
+ data: "{{ key_pairs | entry_from_named_pair('kibana_internal_cert') | b64decode }}"
+ - path: server-tls.json
+ data: "{{ key_pairs | entry_from_named_pair('server_tls') | b64decode }}"
# create Kibana DC
- name: Generate Kibana DC template
@@ -245,7 +259,7 @@
namespace: "{{ openshift_logging_namespace }}"
kind: dc
files:
- - "{{ tempdir }}/templates/kibana-dc.yaml"
+ - "{{ tempdir }}/templates/kibana-dc.yaml"
delete_after: true
# update master configs?
diff --git a/roles/openshift_logging_kibana/templates/kibana.j2 b/roles/openshift_logging_kibana/templates/kibana.j2
index 4ff86729a..57d216373 100644
--- a/roles/openshift_logging_kibana/templates/kibana.j2
+++ b/roles/openshift_logging_kibana/templates/kibana.j2
@@ -29,7 +29,7 @@ spec:
serviceAccountName: aggregated-logging-kibana
{% if kibana_node_selector is iterable and kibana_node_selector | length > 0 %}
nodeSelector:
-{% for key, value in kibana_node_selector.iteritems() %}
+{% for key, value in kibana_node_selector.items() %}
{{ key }}: "{{ value }}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_logging_kibana/templates/route_reencrypt.j2 b/roles/openshift_logging_kibana/templates/route_reencrypt.j2
index cf8a9e65f..d2e8b8bcb 100644
--- a/roles/openshift_logging_kibana/templates/route_reencrypt.j2
+++ b/roles/openshift_logging_kibana/templates/route_reencrypt.j2
@@ -4,7 +4,7 @@ metadata:
name: "{{obj_name}}"
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_logging_kibana/vars/default_images.yml b/roles/openshift_logging_kibana/vars/default_images.yml
new file mode 100644
index 000000000..db0f9b622
--- /dev/null
+++ b/roles/openshift_logging_kibana/vars/default_images.yml
@@ -0,0 +1,5 @@
+---
+__openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_kibana_image_version: "{{ openshift_logging_image_version | default('latest') }}"
+__openshift_logging_kibana_proxy_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_kibana_proxy_image_version: "{{ openshift_logging_image_version | default('latest') }}"
diff --git a/roles/openshift_logging_kibana/vars/openshift-enterprise.yml b/roles/openshift_logging_kibana/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..0be2e7252
--- /dev/null
+++ b/roles/openshift_logging_kibana/vars/openshift-enterprise.yml
@@ -0,0 +1,5 @@
+---
+__openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_kibana_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
+__openshift_logging_kibana_proxy_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_kibana_proxy_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
diff --git a/roles/openshift_logging_mux/defaults/main.yml b/roles/openshift_logging_mux/defaults/main.yml
index 9de686576..db6f23126 100644
--- a/roles/openshift_logging_mux/defaults/main.yml
+++ b/roles/openshift_logging_mux/defaults/main.yml
@@ -1,7 +1,5 @@
---
### General logging settings
-openshift_logging_mux_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}"
-openshift_logging_mux_image_version: "{{ openshift_logging_image_version | default('latest') }}"
openshift_logging_mux_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}"
openshift_logging_mux_master_url: "https://kubernetes.default.svc.{{ openshift.common.dns_domain }}"
openshift_logging_mux_master_public_url: "{{ openshift_hosted_logging_master_public_url | default('https://' + openshift.common.public_hostname + ':' ~ (openshift_master_api_port | default('8443', true))) }}"
@@ -30,7 +28,7 @@ openshift_logging_mux_journal_read_from_head: "{{ openshift_hosted_logging_journ
openshift_logging_mux_allow_external: False
openshift_logging_use_mux: "{{ openshift_logging_mux_allow_external | default(False) }}"
-openshift_logging_mux_hostname: "{{ 'mux.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+openshift_logging_mux_hostname: "{{ 'mux.' ~ openshift_master_default_subdomain }}"
openshift_logging_mux_port: 24284
# the namespace to use for undefined projects should come first, followed by any
# additional namespaces to create by default - users will typically not need to set this
@@ -65,4 +63,4 @@ openshift_logging_mux_file_buffer_pvc_access_modes: ['ReadWriteOnce']
openshift_logging_mux_file_buffer_storage_group: '65534'
openshift_logging_mux_file_buffer_pvc_prefix: "logging-mux"
-openshift_logging_mux_file_buffer_limit: 256Mi
+openshift_logging_mux_file_buffer_limit: 2Gi
diff --git a/roles/openshift_logging_mux/files/secure-forward.conf b/roles/openshift_logging_mux/files/secure-forward.conf
index f4483df79..87410c1c5 100644
--- a/roles/openshift_logging_mux/files/secure-forward.conf
+++ b/roles/openshift_logging_mux/files/secure-forward.conf
@@ -1,3 +1,4 @@
+# <store>
# @type secure_forward
# self_hostname ${HOSTNAME}
@@ -22,3 +23,4 @@
# specify hostlabel for FQDN verification if ipaddress is used for host
# hostlabel server.fqdn.example.com
# </server>
+# </store>
diff --git a/roles/openshift_logging_mux/meta/main.yaml b/roles/openshift_logging_mux/meta/main.yaml
index f40beb79d..969752f15 100644
--- a/roles/openshift_logging_mux/meta/main.yaml
+++ b/roles/openshift_logging_mux/meta/main.yaml
@@ -13,3 +13,5 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_logging_mux/tasks/determine_version.yaml b/roles/openshift_logging_mux/tasks/determine_version.yaml
index 229bcf3d5..769475dd5 100644
--- a/roles/openshift_logging_mux/tasks/determine_version.yaml
+++ b/roles/openshift_logging_mux/tasks/determine_version.yaml
@@ -1,16 +1,16 @@
---
# debating making this a module instead?
- fail:
- msg: Missing version to install provided by 'openshift_logging_image_version'
- when: not openshift_logging_image_version or openshift_logging_image_version == ''
+ msg: Missing version to install provided by 'openshift_logging_mux_image_version'
+ when: not openshift_logging_mux_image_version or openshift_logging_mux_image_version == ''
- set_fact:
mux_version: "{{ __latest_mux_version }}"
- when: openshift_logging_image_version == 'latest'
+ when: openshift_logging_mux_image_version == 'latest'
# should we just assume that we will have the correct major version?
-- set_fact: mux_version="{{ openshift_logging_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
- when: openshift_logging_image_version != 'latest'
+- set_fact: mux_version="{{ openshift_logging_mux_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}"
+ when: openshift_logging_mux_image_version != 'latest'
- fail:
msg: Invalid version specified for mux
diff --git a/roles/openshift_logging_mux/tasks/main.yaml b/roles/openshift_logging_mux/tasks/main.yaml
index 5b257139e..68948bce2 100644
--- a/roles/openshift_logging_mux/tasks/main.yaml
+++ b/roles/openshift_logging_mux/tasks/main.yaml
@@ -7,7 +7,20 @@
msg: Operations logs destination is required
when: not openshift_logging_mux_ops_host or openshift_logging_mux_ops_host == ''
-- include: determine_version.yaml
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ var_file_name }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+ loop_control:
+ loop_var: var_file_name
+
+- name: Set mux image facts
+ set_fact:
+ openshift_logging_mux_image_prefix: "{{ openshift_logging_mux_image_prefix | default(__openshift_logging_mux_image_prefix) }}"
+ openshift_logging_mux_image_version: "{{ openshift_logging_mux_image_version | default(__openshift_logging_mux_image_version) }}"
+
+- include_tasks: determine_version.yaml
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -42,7 +55,7 @@
name: "aggregated-logging-mux"
namespace: "{{ openshift_logging_mux_namespace }}"
when:
- - openshift_logging_image_pull_secret == ''
+ - openshift_logging_image_pull_secret == ''
# set service account scc
- name: Set privileged permissions for Mux
@@ -112,14 +125,14 @@
name: logging-mux
namespace: "{{ openshift_logging_mux_namespace }}"
files:
- - name: ca
- path: "{{ generated_certs_dir }}/ca.crt"
- - name: key
- path: "{{ generated_certs_dir }}/system.logging.mux.key"
- - name: cert
- path: "{{ generated_certs_dir }}/system.logging.mux.crt"
- - name: shared_key
- path: "{{ generated_certs_dir }}/mux_shared_key"
+ - name: ca
+ path: "{{ generated_certs_dir }}/ca.crt"
+ - name: key
+ path: "{{ generated_certs_dir }}/system.logging.mux.key"
+ - name: cert
+ path: "{{ generated_certs_dir }}/system.logging.mux.crt"
+ - name: shared_key
+ path: "{{ generated_certs_dir }}/mux_shared_key"
# services
- name: Set logging-mux service for external communication
@@ -133,11 +146,11 @@
labels:
logging-infra: 'support'
ports:
- - name: mux-forward
- port: "{{ openshift_logging_mux_port }}"
- targetPort: "mux-forward"
+ - name: mux-forward
+ port: "{{ openshift_logging_mux_port }}"
+ targetPort: "mux-forward"
external_ips:
- - "{{ ansible_eth0.ipv4.address }}"
+ - "{{ ansible_eth0.ipv4.address }}"
when: openshift_logging_mux_allow_external | bool
- name: Set logging-mux service for internal communication
@@ -151,9 +164,9 @@
labels:
logging-infra: 'support'
ports:
- - name: mux-forward
- port: "{{ openshift_logging_mux_port }}"
- targetPort: "mux-forward"
+ - name: mux-forward
+ port: "{{ openshift_logging_mux_port }}"
+ targetPort: "mux-forward"
when: not openshift_logging_mux_allow_external | bool
# create Mux DC
@@ -188,7 +201,7 @@
selector: "{{ openshift_logging_mux_file_buffer_pvc_pv_selector }}"
storage_class_name: "{{ openshift_logging_mux_file_buffer_pvc_storage_class_name | default('', true) }}"
when:
- - openshift_logging_mux_file_buffer_storage_type == "pvc"
+ - openshift_logging_mux_file_buffer_storage_type == "pvc"
- name: Set logging-mux DC
oc_obj:
@@ -197,7 +210,7 @@
namespace: "{{ openshift_logging_mux_namespace }}"
kind: dc
files:
- - "{{ tempdir }}/templates/logging-mux-dc.yaml"
+ - "{{ tempdir }}/templates/logging-mux-dc.yaml"
delete_after: true
- name: Add mux namespaces
diff --git a/roles/openshift_logging_mux/templates/mux.j2 b/roles/openshift_logging_mux/templates/mux.j2
index cfb13d59b..2337c33d5 100644
--- a/roles/openshift_logging_mux/templates/mux.j2
+++ b/roles/openshift_logging_mux/templates/mux.j2
@@ -29,7 +29,7 @@ spec:
serviceAccountName: aggregated-logging-mux
{% if mux_node_selector is iterable and mux_node_selector | length > 0 %}
nodeSelector:
-{% for key, value in mux_node_selector.iteritems() %}
+{% for key, value in mux_node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
@@ -59,7 +59,7 @@ spec:
{% endif %}
{% endif %}
ports:
- - containerPort: "{{ openshift_logging_mux_port }}"
+ - containerPort: {{ openshift_logging_mux_port }}
name: mux-forward
volumeMounts:
- name: config
diff --git a/roles/openshift_logging_mux/vars/default_images.yml b/roles/openshift_logging_mux/vars/default_images.yml
new file mode 100644
index 000000000..bd5dc4504
--- /dev/null
+++ b/roles/openshift_logging_mux/vars/default_images.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_mux_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}"
+__openshift_logging_mux_image_version: "{{ openshift_logging_image_version | default('latest') }}"
diff --git a/roles/openshift_logging_mux/vars/openshift-enterprise.yml b/roles/openshift_logging_mux/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..1e7eb9d8d
--- /dev/null
+++ b/roles/openshift_logging_mux/vars/openshift-enterprise.yml
@@ -0,0 +1,3 @@
+---
+__openshift_logging_mux_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+__openshift_logging_mux_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}"
diff --git a/roles/openshift_manage_node/defaults/main.yml b/roles/openshift_manage_node/defaults/main.yml
new file mode 100644
index 000000000..f0e728a3f
--- /dev/null
+++ b/roles/openshift_manage_node/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+# openshift_manage_node_is_master is set at the play level.
+openshift_manage_node_is_master: False
+
+# Default is to be schedulable except for master nodes.
+l_openshift_manage_schedulable: "{{ openshift_schedulable | default(not openshift_manage_node_is_master) }}"
diff --git a/roles/openshift_manage_node/meta/main.yml b/roles/openshift_manage_node/meta/main.yml
index d90cd28cf..a09808a39 100644
--- a/roles/openshift_manage_node/meta/main.yml
+++ b/roles/openshift_manage_node/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml
index f67aee88b..9f315b9af 100644
--- a/roles/openshift_manage_node/tasks/main.yml
+++ b/roles/openshift_manage_node/tasks/main.yml
@@ -7,11 +7,7 @@
# wait_for port doesn't provide health information.
command: >
curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
--cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
{{ openshift_node_master_api_url }}/healthz/ready
args:
# Disables the following warning:
@@ -41,11 +37,11 @@
- name: Set node schedulability
oc_adm_manage_node:
node: "{{ openshift.node.nodename | lower }}"
- schedulable: "{{ 'true' if openshift.node.schedulable | bool else 'false' }}"
+ schedulable: "{{ 'true' if l_openshift_manage_schedulable | bool else 'false' }}"
retries: 10
delay: 5
register: node_schedulable
- until: node_schedulable|succeeded
+ until: node_schedulable is succeeded
when: "'nodename' in openshift.node"
delegate_to: "{{ openshift_master_host }}"
@@ -54,10 +50,9 @@
name: "{{ openshift.node.nodename }}"
kind: node
state: add
- labels: "{{ openshift.node.labels | oo_dict_to_list_of_dict }}"
+ labels: "{{ openshift_node_labels | lib_utils_oo_dict_to_list_of_dict }}"
namespace: default
when:
- "'nodename' in openshift.node"
- - "'labels' in openshift.node"
- - openshift.node.labels != {}
+ - openshift_node_labels | default({}) != {}
delegate_to: "{{ openshift_master_host }}"
diff --git a/roles/openshift_manageiq/meta/main.yml b/roles/openshift_manageiq/meta/main.yml
index 6c96a91bf..5c9481430 100644
--- a/roles/openshift_manageiq/meta/main.yml
+++ b/roles/openshift_manageiq/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_management/README.md b/roles/openshift_management/README.md
index 96de82669..974d9781a 100644
--- a/roles/openshift_management/README.md
+++ b/roles/openshift_management/README.md
@@ -164,14 +164,14 @@ away.
If you want to install CFME/MIQ at the same time you install your
OCP/Origin cluster, ensure that `openshift_management_install_management` is set
to `true` in your inventory. Call the standard
-`playbooks/byo/config.yml` playbook to begin the cluster and CFME/MIQ
+`playbooks/deploy_cluster.yml` playbook to begin the cluster and CFME/MIQ
installation.
If you are installing CFME/MIQ on an *already provisioned cluster*
then you can call the CFME/MIQ playbook directly:
```
-$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/byo/openshift-management/config.yml
+$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/openshift-management/config.yml
```
*Note: Use `miq-template` in the following examples for ManageIQ installs*
@@ -489,7 +489,7 @@ This playbook will:
```
-$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/byo/openshift-management/add_container_provider.yml
+$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/openshift-management/add_container_provider.yml
```
## Multiple Providers
@@ -567,7 +567,7 @@ the config file path.
```
$ ansible-playbook -v -e container_providers_config=/tmp/cp.yml \
- playbooks/byo/openshift-management/add_many_container_providers.yml
+ playbooks/openshift-management/add_many_container_providers.yml
```
Afterwards you will find two new container providers in your
@@ -579,7 +579,7 @@ to see an overview.
This role includes a playbook to uninstall and erase the CFME/MIQ
installation:
-* `playbooks/byo/openshift-management/uninstall.yml`
+* `playbooks/openshift-management/uninstall.yml`
NFS export definitions and data stored on NFS exports are not
automatically removed. You are urged to manually erase any data from
diff --git a/roles/openshift_management/defaults/main.yml b/roles/openshift_management/defaults/main.yml
index 8ba65b386..b5e234b7f 100644
--- a/roles/openshift_management/defaults/main.yml
+++ b/roles/openshift_management/defaults/main.yml
@@ -3,6 +3,8 @@
openshift_management_project: openshift-management
# Namespace/project description
openshift_management_project_description: CloudForms Management Engine
+# Number of retries when waiting for the app to start (retried every 30 seconds)
+openshift_management_pod_rollout_retries: 30
######################################################################
# BASE TEMPLATE AND DATABASE OPTIONS
@@ -86,7 +88,7 @@ openshift_management_storage_nfs_local_hostname: false
# name and password AND are trying to use integration scripts.
#
# For example, adding this cluster as a container provider,
-# playbooks/byo/openshift-management/add_container_provider.yml
+# playbooks/openshift-management/add_container_provider.yml
openshift_management_username: admin
openshift_management_password: smartvm
diff --git a/roles/openshift_management/meta/main.yml b/roles/openshift_management/meta/main.yml
index 07ad51126..9f19704a8 100644
--- a/roles/openshift_management/meta/main.yml
+++ b/roles/openshift_management/meta/main.yml
@@ -16,3 +16,4 @@ galaxy_info:
dependencies:
- role: lib_openshift
- role: lib_utils
+- role: openshift_facts
diff --git a/roles/openshift_management/tasks/add_container_provider.yml b/roles/openshift_management/tasks/add_container_provider.yml
index 50a5252cc..ca381b105 100644
--- a/roles/openshift_management/tasks/add_container_provider.yml
+++ b/roles/openshift_management/tasks/add_container_provider.yml
@@ -1,8 +1,4 @@
---
-- name: Ensure lib_openshift modules are available
- include_role:
- role: lib_openshift
-
- name: Ensure OpenShift facts module is available
include_role:
role: openshift_facts
@@ -31,7 +27,7 @@
- name: Ensure the management SA bearer token is identified
set_fact:
- management_token: "{{ sa.results | oo_filter_sa_secrets }}"
+ management_token: "{{ sa.results | lib_utils_oo_filter_sa_secrets }}"
- name: Ensure the SA bearer token value is read
oc_secret:
diff --git a/roles/openshift_management/tasks/main.yml b/roles/openshift_management/tasks/main.yml
index 9be923a57..f212dba7c 100644
--- a/roles/openshift_management/tasks/main.yml
+++ b/roles/openshift_management/tasks/main.yml
@@ -3,7 +3,7 @@
# Users, projects, and privileges
- name: Run pre-install Management validation checks
- include: validate.yml
+ include_tasks: validate.yml
# This creates a service account allowing Container Provider
# integration (managing OCP/Origin via MIQ/Management)
@@ -18,18 +18,18 @@
display_name: "{{ openshift_management_project_description }}"
- name: Create and Authorize Management Accounts
- include: accounts.yml
+ include_tasks: accounts.yml
######################################################################
# STORAGE - Initialize basic storage class
- name: Determine the correct NFS host if required
- include: storage/nfs_server.yml
+ include_tasks: storage/nfs_server.yml
when: openshift_management_storage_class in ['nfs', 'nfs_external']
#---------------------------------------------------------------------
# * nfs - set up NFS shares on the first master for a proof of concept
- name: Create required NFS exports for Management app storage
- include: storage/nfs.yml
+ include_tasks: storage/nfs.yml
when: openshift_management_storage_class == 'nfs'
#---------------------------------------------------------------------
@@ -56,14 +56,14 @@
######################################################################
# APPLICATION TEMPLATE
- name: Install the Management app and PV templates
- include: template.yml
+ include_tasks: template.yml
######################################################################
# APP & DB Storage
# For local/external NFS backed installations
- name: "Create the required App and DB PVs using {{ openshift_management_storage_class }}"
- include: storage/create_nfs_pvs.yml
+ include_tasks: storage/create_nfs_pvs.yml
when:
- openshift_management_storage_class in ['nfs', 'nfs_external']
@@ -88,9 +88,9 @@
create: True
params: "{{ openshift_management_template_parameters }}"
-- name: Wait for the app to come up. May take several minutes, 30s check intervals, 10m max
+- name: Wait for the app to come up. May take several minutes, 30s check intervals, {{ openshift_management_pod_rollout_retries }} retries
command: "oc logs {{ openshift_management_flavor }}-0 -n {{ openshift_management_project }}"
register: app_seeding_logs
until: app_seeding_logs.stdout.find('Server starting complete') != -1
delay: 30
- retries: 20
+ retries: "{{ openshift_management_pod_rollout_retries }}"
diff --git a/roles/openshift_management/tasks/storage/storage.yml b/roles/openshift_management/tasks/storage/storage.yml
index d8bf7aa3e..a3675b29b 100644
--- a/roles/openshift_management/tasks/storage/storage.yml
+++ b/roles/openshift_management/tasks/storage/storage.yml
@@ -1,3 +1,3 @@
---
-- include: nfs.yml
+- include_tasks: nfs.yml
when: not (openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce'))
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index fe78dea66..5d292ffd0 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -7,6 +7,28 @@ openshift_master_debug_level: "{{ debug_level | default(2) }}"
r_openshift_master_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_master_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
+osm_image_default_dict:
+ origin: 'openshift/origin'
+ openshift-enterprise: 'openshift3/ose'
+osm_image_default: "{{ osm_image_default_dict[openshift_deployment_type] }}"
+osm_image: "{{ osm_image_default }}"
+
+system_images_registry_dict:
+ openshift-enterprise: "registry.access.redhat.com"
+ origin: "docker.io"
+
+system_images_registry: "{{ system_images_registry_dict[openshift_deployment_type | default('origin')] }}"
+
+l_is_master_system_container: "{{ (openshift_use_master_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
+
+openshift_master_dns_port: 8053
+osm_default_node_selector: ''
+osm_project_request_template: ''
+osm_mcs_allocator_range: 's0:/2'
+osm_mcs_labels_per_project: 5
+osm_uid_allocator_range: '1000000000-1999999999/10000'
+osm_project_request_message: ''
+
openshift_node_ips: []
r_openshift_master_clean_install: false
r_openshift_master_etcd3_storage: false
@@ -18,24 +40,68 @@ default_r_openshift_master_os_firewall_allow:
- service: api controllers https
port: "{{ openshift.master.controllers_port }}/tcp"
- service: skydns tcp
- port: "{{ openshift.master.dns_port }}/tcp"
+ port: "{{ openshift_master_dns_port }}/tcp"
- service: skydns udp
- port: "{{ openshift.master.dns_port }}/udp"
+ port: "{{ openshift_master_dns_port }}/udp"
- service: etcd embedded
port: 4001/tcp
cond: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
r_openshift_master_os_firewall_allow: "{{ default_r_openshift_master_os_firewall_allow | union(openshift_master_open_ports | default([])) }}"
-
# oreg_url is defined by user input
oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
oreg_auth_credentials_path: "{{ r_openshift_master_data_dir }}/.docker"
oreg_auth_credentials_replace: False
l_bind_docker_reg_auth: False
+openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | default(False)) or (openshift_use_crio_only | default(False)) }}"
containerized_svc_dir: "/usr/lib/systemd/system"
ha_svc_template_path: "native-cluster"
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
+
+openshift_master_loopback_config: "{{ openshift_master_config_dir }}/openshift-master.kubeconfig"
+loopback_context_string: "current-context: {{ openshift.master.loopback_context_name }}"
+openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml"
+openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json"
+
+scheduler_config:
+ kind: Policy
+ apiVersion: v1
+ predicates: "{{ openshift_master_scheduler_predicates
+ | default(openshift_master_scheduler_current_predicates
+ | default(openshift_master_scheduler_default_predicates)) }}"
+ priorities: "{{ openshift_master_scheduler_priorities
+ | default(openshift_master_scheduler_current_priorities
+ | default(openshift_master_scheduler_default_priorities)) }}"
+
+openshift_master_valid_grant_methods:
+- auto
+- prompt
+- deny
+
+openshift_master_is_scaleup_host: False
+
+# These defaults assume forcing journald persistence, fsync to disk once
+# a second, rate-limiting to 10,000 logs a second, no forwarding to
+# syslog or wall, using 8GB of disk space maximum, using 10MB journal
+# files, keeping only a days worth of logs per journal file, and
+# retaining journal files no longer than a month.
+journald_vars_to_replace:
+- { var: Storage, val: persistent }
+- { var: Compress, val: yes }
+- { var: SyncIntervalSec, val: 1s }
+- { var: RateLimitInterval, val: 1s }
+- { var: RateLimitBurst, val: 10000 }
+- { var: SystemMaxUse, val: 8G }
+- { var: SystemKeepFree, val: 20% }
+- { var: SystemMaxFileSize, val: 10M }
+- { var: MaxRetentionSec, val: 1month }
+- { var: MaxFileSec, val: 1day }
+- { var: ForwardToSyslog, val: no }
+- { var: ForwardToWall, val: no }
+
+
# NOTE
# r_openshift_master_*_default may be defined external to this role.
# openshift_use_*, if defined, may affect other roles or play behavior.
@@ -60,87 +126,13 @@ r_openshift_master_sdn_network_plugin_name: "{{ r_openshift_master_sdn_network_p
openshift_master_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
openshift_master_image_config_latest: "{{ openshift_master_image_config_latest_default }}"
-openshift_master_config_dir_default: "{{ (openshift.common.config_base | default('/etc/origin/master')) ~ '/master' }}"
+openshift_master_config_dir_default: "{{ openshift.common.config_base ~ '/master' if openshift is defined and 'common' in openshift else '/etc/origin/master' }}"
openshift_master_config_dir: "{{ openshift_master_config_dir_default }}"
-openshift_master_cloud_provider: "{{ openshift_cloudprovider_kind | default('aws') }}"
-
-openshift_master_node_config_networkconfig_mtu: "{{ openshift_node_sdn_mtu | default(1450) }}"
-
-openshift_master_node_config_kubeletargs_cpu: 500m
-openshift_master_node_config_kubeletargs_mem: 512M
openshift_master_bootstrap_enabled: False
-openshift_master_client_binary: "{{ openshift.common.client_binary if openshift is defined else 'oc' }}"
-
-openshift_master_config_imageconfig_format: "{{ openshift.node.registry_url }}"
-
-# these are for the default settings in a generated node-config.yaml
-openshift_master_node_config_default_edits:
-- key: nodeName
- state: absent
-- key: dnsBindAddress
- value: 127.0.0.1:53
-- key: dnsDomain
- value: cluster.local
-- key: dnsRecursiveResolvConf
- value: /etc/origin/node/resolv.conf
-- key: imageConfig.format
- value: "{{ openshift_master_config_imageconfig_format }}"
-- key: kubeletArguments.cloud-config
- value:
- - "/etc/origin/cloudprovider/{{ openshift_master_cloud_provider }}.conf"
-- key: kubeletArguments.cloud-provider
- value:
- - "{{ openshift_master_cloud_provider }}"
-- key: kubeletArguments.kube-reserved
- value:
- - "cpu={{ openshift_master_node_config_kubeletargs_cpu }},memory={{ openshift_master_node_config_kubeletargs_mem }}"
-- key: kubeletArguments.system-reserved
- value:
- - "cpu={{ openshift_master_node_config_kubeletargs_cpu }},memory={{ openshift_master_node_config_kubeletargs_mem }}"
-- key: enable-controller-attach-detach
- value:
- - 'true'
-- key: networkConfig.mtu
- value: "{{ openshift_master_node_config_networkconfig_mtu }}"
-- key: networkConfig.networkPluginName
- value: "{{ r_openshift_master_sdn_network_plugin_name }}"
-- key: networkPluginName
- value: "{{ r_openshift_master_sdn_network_plugin_name }}"
-
-
-# We support labels for all nodes here
-openshift_master_node_config_kubeletargs_default_labels: []
-# We do support overrides for node group labels
-openshift_master_node_config_kubeletargs_master_labels: []
-openshift_master_node_config_kubeletargs_infra_labels: []
-openshift_master_node_config_kubeletargs_compute_labels: []
-
-openshift_master_node_config_master:
- type: master
- edits:
- - key: kubeletArguments.node-labels
- value: "{{ openshift_master_node_config_kubeletargs_default_labels |
- union(openshift_master_node_config_kubeletargs_master_labels) |
- union(['type=master']) }}"
-openshift_master_node_config_infra:
- type: infra
- edits:
- - key: kubeletArguments.node-labels
- value: "{{ openshift_master_node_config_kubeletargs_default_labels |
- union(openshift_master_node_config_kubeletargs_infra_labels) |
- union(['type=infra']) }}"
-openshift_master_node_config_compute:
- type: compute
- edits:
- - key: kubeletArguments.node-labels
- value: "{{ openshift_master_node_config_kubeletargs_default_labels |
- union(openshift_master_node_config_kubeletargs_compute_labels) |
- union(['type=compute']) }}"
-
-openshift_master_node_configs:
-- "{{ openshift_master_node_config_infra }}"
-- "{{ openshift_master_node_config_compute }}"
-
-openshift_master_bootstrap_namespace: openshift-node
+openshift_master_csr_sa: node-bootstrapper
+openshift_master_csr_namespace: openshift-infra
+
+openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml"
+openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json"
diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml
index d5094c2c9..557bfe022 100644
--- a/roles/openshift_master/handlers/main.yml
+++ b/roles/openshift_master/handlers/main.yml
@@ -1,32 +1,29 @@
---
- name: restart master api
systemd:
- name: "{{ openshift.common.service_type }}-master-api"
+ name: "{{ openshift_service_type }}-master-api"
state: restarted
when:
- not (master_api_service_status_changed | default(false) | bool)
- - openshift.master.cluster_method == 'native'
notify:
- Verify API Server
+# We retry the controllers because the API may not be 100% initialized yet.
- name: restart master controllers
- systemd:
- name: "{{ openshift.common.service_type }}-master-controllers"
- state: restarted
+ command: "systemctl restart {{ openshift_service_type }}-master-controllers"
+ retries: 3
+ delay: 5
+ register: result
+ until: result.rc == 0
when:
- not (master_controllers_service_status_changed | default(false) | bool)
- - openshift.master.cluster_method == 'native'
- name: Verify API Server
# Using curl here since the uri module requires python-httplib2 and
# wait_for port doesn't provide health information.
command: >
curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
--cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
{{ openshift.master.api_url }}/healthz/ready
args:
# Disables the following warning:
diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index a1cda2ad4..3460efec9 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -14,4 +14,4 @@ galaxy_info:
dependencies:
- role: lib_openshift
- role: lib_utils
-- role: lib_os_firewall
+- role: openshift_facts
diff --git a/roles/openshift_master/tasks/bootstrap.yml b/roles/openshift_master/tasks/bootstrap.yml
index f837a8bae..ce55e7d0c 100644
--- a/roles/openshift_master/tasks/bootstrap.yml
+++ b/roles/openshift_master/tasks/bootstrap.yml
@@ -2,7 +2,8 @@
# TODO: create a module for this command.
# oc_serviceaccounts_kubeconfig
- name: create service account kubeconfig with csr rights
- command: "oc serviceaccounts create-kubeconfig node-bootstrapper -n openshift-infra"
+ command: >
+ oc serviceaccounts create-kubeconfig {{ openshift_master_csr_sa }} -n {{ openshift_master_csr_namespace }}
register: kubeconfig_out
until: kubeconfig_out.rc == 0
retries: 24
@@ -12,67 +13,3 @@
copy:
content: "{{ kubeconfig_out.stdout }}"
dest: "{{ openshift_master_config_dir }}/bootstrap.kubeconfig"
-
-- name: create a temp dir for this work
- command: mktemp -d /tmp/openshift_node_config-XXXXXX
- register: mktempout
- run_once: true
-
-# This generate is so that we do not have to maintain
-# our own copy of the template. This is generated by
-# the product and the following settings will be
-# generated by the master
-- name: generate a node-config dynamically
- command: >
- {{ openshift_master_client_binary }} adm create-node-config
- --node-dir={{ mktempout.stdout }}/
- --node=CONFIGMAP
- --hostnames=test
- --dns-ip=0.0.0.0
- --certificate-authority={{ openshift_master_config_dir }}/ca.crt
- --signer-cert={{ openshift_master_config_dir }}/ca.crt
- --signer-key={{ openshift_master_config_dir }}/ca.key
- --signer-serial={{ openshift_master_config_dir }}/ca.serial.txt
- --node-client-certificate-authority={{ openshift_master_config_dir }}/ca.crt
- register: configgen
- run_once: true
-
-- name: remove the default settings
- yedit:
- state: "{{ item.state | default('present') }}"
- src: "{{ mktempout.stdout }}/node-config.yaml"
- key: "{{ item.key }}"
- value: "{{ item.value | default(omit) }}"
- with_items: "{{ openshift_master_node_config_default_edits }}"
- run_once: true
-
-- name: copy the generated config into each group
- copy:
- src: "{{ mktempout.stdout }}/node-config.yaml"
- remote_src: true
- dest: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
- with_items: "{{ openshift_master_node_configs }}"
- run_once: true
-
-- name: "specialize the generated configs for node-config-{{ item.type }}"
- yedit:
- src: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
- edits: "{{ item.edits }}"
- with_items: "{{ openshift_master_node_configs }}"
- run_once: true
-
-- name: create node-config.yaml configmap
- oc_configmap:
- name: "node-config-{{ item.type }}"
- namespace: "{{ openshift_master_bootstrap_namespace }}"
- from_file:
- node-config.yaml: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
- with_items: "{{ openshift_master_node_configs }}"
- run_once: true
-
-- name: remove templated files
- file:
- dest: "{{ mktempout.stdout }}/"
- state: absent
- with_items: "{{ openshift_master_node_configs }}"
- run_once: true
diff --git a/roles/openshift_master/tasks/bootstrap_settings.yml b/roles/openshift_master/tasks/bootstrap_settings.yml
new file mode 100644
index 000000000..10e0828eb
--- /dev/null
+++ b/roles/openshift_master/tasks/bootstrap_settings.yml
@@ -0,0 +1,15 @@
+---
+- name: modify controller args
+ yedit:
+ src: /etc/origin/master/master-config.yaml
+ edits:
+ - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file
+ value:
+ - /etc/origin/master/ca.crt
+ - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file
+ value:
+ - /etc/origin/master/ca.key
+ notify:
+ - restart master controllers
+ - restart master api
+ when: openshift_master_bootstrap_enabled | default(False)
diff --git a/roles/openshift_master/tasks/journald.yml b/roles/openshift_master/tasks/journald.yml
index a16cbe78e..6166062ed 100644
--- a/roles/openshift_master/tasks/journald.yml
+++ b/roles/openshift_master/tasks/journald.yml
@@ -26,4 +26,4 @@
delay: 5
register: result
until: result.rc == 0
- when: journald_update | changed
+ when: journald_update is changed
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 48b34c578..1c43d335f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -11,41 +11,17 @@
- openshift_master_oauth_grant_method is defined
- openshift_master_oauth_grant_method not in openshift_master_valid_grant_methods
-# HA Variable Validation
-- fail:
- msg: "openshift_master_cluster_method must be set to either 'native' or 'pacemaker' for multi-master installations"
- when:
- - openshift.master.ha | bool
- - (openshift.master.cluster_method is not defined) or (openshift.master.cluster_method is defined and openshift.master.cluster_method not in ["native", "pacemaker"])
-- fail:
- msg: "'native' high availability is not supported for the requested OpenShift version"
- when:
- - openshift.master.ha | bool
- - openshift.master.cluster_method == "native"
- - not openshift.common.version_gte_3_1_or_1_1 | bool
-- fail:
- msg: "openshift_master_cluster_password must be set for multi-master installations"
- when:
- - openshift.master.ha | bool
- - openshift.master.cluster_method == "pacemaker"
- - openshift_master_cluster_password is not defined or not openshift_master_cluster_password
-- fail:
- msg: "Pacemaker based HA is not supported at this time when used with containerized installs"
- when:
- - openshift.master.ha | bool
- - openshift.master.cluster_method == "pacemaker"
- - openshift.common.is_containerized | bool
-
- name: Open up firewall ports
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Install Master package
package:
- name: "{{ openshift.common.service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}"
+ name: "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
state: present
when:
- not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
- name: Create r_openshift_master_data_dir
file:
@@ -95,6 +71,8 @@
- item.kind == 'HTPasswdPasswordIdentityProvider'
- not openshift.common.is_atomic | bool
with_items: "{{ openshift.master.identity_providers }}"
+ register: result
+ until: result is succeeded
- name: Ensure htpasswd directory exists
file:
@@ -163,13 +141,13 @@
# The template file will stomp any other settings made.
- block:
- name: check whether our docker-registry setting exists in the env file
- command: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift.common.service_type }}-master"
+ command: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift_service_type }}-master"
failed_when: false
changed_when: false
register: l_already_set
- set_fact:
- openshift_push_via_dns: "{{ openshift.common.version_gte_3_6 or (l_already_set.stdout is defined and l_already_set.stdout | match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}"
+ openshift_push_via_dns: "{{ openshift.common.version_gte_3_6 or (l_already_set.stdout is defined and l_already_set.stdout is match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}"
- name: Set fact of all etcd host IPs
openshift_facts:
@@ -178,16 +156,16 @@
no_proxy_etcd_host_ips: "{{ openshift_no_proxy_etcd_host_ips }}"
- name: Update journald config
- include: journald.yml
+ include_tasks: journald.yml
- name: Install the systemd units
- include: systemd_units.yml
+ include_tasks: systemd_units.yml
- name: Install Master system container
- include: system_container.yml
+ include_tasks: system_container.yml
when:
- openshift.common.is_containerized | bool
- - openshift.common.is_master_system_container | bool
+ - l_is_master_system_container | bool
- name: Create session secrets file
template:
@@ -218,129 +196,85 @@
- restart master api
- restart master controllers
-- name: modify controller args
- yedit:
- src: /etc/origin/master/master-config.yaml
- edits:
- - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file
- value:
- - /etc/origin/master/ca.crt
- - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file
- value:
- - /etc/origin/master/ca.key
- notify:
- - restart master controllers
+- include_tasks: bootstrap_settings.yml
when: openshift_master_bootstrap_enabled | default(False)
-- include: set_loopback_context.yml
- when:
- - openshift.common.version_gte_3_2_or_1_2
+- include_tasks: set_loopback_context.yml
- name: Start and enable master api on first master
systemd:
- name: "{{ openshift.common.service_type }}-master-api"
+ name: "{{ openshift_service_type }}-master-api"
enabled: yes
state: started
when:
- - openshift.master.cluster_method == 'native'
- inventory_hostname == openshift_master_hosts[0]
register: l_start_result
- until: not l_start_result | failed
+ until: not (l_start_result is failed)
retries: 1
delay: 60
- name: Dump logs from master-api if it failed
- command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-api
+ command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-api
when:
- - l_start_result | failed
+ - l_start_result is failed
- set_fact:
- master_api_service_status_changed: "{{ l_start_result | changed }}"
+ master_api_service_status_changed: "{{ l_start_result is changed }}"
when:
- - openshift.master.cluster_method == 'native'
- inventory_hostname == openshift_master_hosts[0]
- pause:
seconds: 15
when:
- openshift.master.ha | bool
- - openshift.master.cluster_method == 'native'
- name: Start and enable master api all masters
systemd:
- name: "{{ openshift.common.service_type }}-master-api"
+ name: "{{ openshift_service_type }}-master-api"
enabled: yes
state: started
when:
- - openshift.master.cluster_method == 'native'
- inventory_hostname != openshift_master_hosts[0]
register: l_start_result
- until: not l_start_result | failed
+ until: not (l_start_result is failed)
retries: 1
delay: 60
- name: Dump logs from master-api if it failed
- command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-api
+ command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-api
when:
- - l_start_result | failed
+ - l_start_result is failed
- set_fact:
- master_api_service_status_changed: "{{ l_start_result | changed }}"
+ master_api_service_status_changed: "{{ l_start_result is changed }}"
when:
- - openshift.master.cluster_method == 'native'
- inventory_hostname != openshift_master_hosts[0]
# A separate wait is required here for native HA since notifies will
# be resolved after all tasks in the role.
-- include: check_master_api_is_ready.yml
+- include_tasks: check_master_api_is_ready.yml
when:
- - openshift.master.cluster_method == 'native'
- master_api_service_status_changed | bool
- name: Start and enable master controller service
systemd:
- name: "{{ openshift.common.service_type }}-master-controllers"
+ name: "{{ openshift_service_type }}-master-controllers"
enabled: yes
state: started
- when:
- - openshift.master.cluster_method == 'native'
register: l_start_result
- until: not l_start_result | failed
+ until: not (l_start_result is failed)
retries: 1
delay: 60
- name: Dump logs from master-controllers if it failed
- command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-controllers
+ command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-controllers
when:
- - l_start_result | failed
+ - l_start_result is failed
- name: Set fact master_controllers_service_status_changed
set_fact:
- master_controllers_service_status_changed: "{{ l_start_result | changed }}"
- when:
- - openshift.master.cluster_method == 'native'
-
-- name: Install cluster packages
- package: name=pcs state=present
- when:
- - openshift.master.cluster_method == 'pacemaker'
- - not openshift.common.is_containerized | bool
- register: l_install_result
-
-- name: Start and enable cluster service
- systemd:
- name: pcsd
- enabled: yes
- state: started
- when:
- - openshift.master.cluster_method == 'pacemaker'
- - not openshift.common.is_containerized | bool
-
-- name: Set the cluster user password
- shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
- when:
- - l_install_result | changed
+ master_controllers_service_status_changed: "{{ l_start_result is changed }}"
- name: node bootstrap settings
- include: bootstrap.yml
+ include_tasks: bootstrap.yml
when: openshift_master_bootstrap_enabled | default(False)
diff --git a/roles/openshift_master/tasks/registry_auth.yml b/roles/openshift_master/tasks/registry_auth.yml
index cde01c49e..8b342a5b4 100644
--- a/roles/openshift_master/tasks/registry_auth.yml
+++ b/roles/openshift_master/tasks/registry_auth.yml
@@ -8,6 +8,7 @@
- name: Create credentials for registry auth
command: "docker --config={{ oreg_auth_credentials_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
when:
+ - not (openshift_docker_alternative_creds | default(False))
- oreg_auth_user is defined
- (not master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
register: master_oreg_auth_credentials_create
@@ -18,6 +19,25 @@
- restart master api
- restart master controllers
+# docker_creds is a custom module from lib_utils
+# 'docker login' requires a docker.service running on the local host, this is an
+# alternative implementation for non-docker hosts. This implementation does not
+# check the registry to determine whether or not the credentials will work.
+- name: Create credentials for registry auth (alternative)
+ docker_creds:
+ path: "{{ oreg_auth_credentials_path }}"
+ registry: "{{ oreg_host }}"
+ username: "{{ oreg_auth_user }}"
+ password: "{{ oreg_auth_password }}"
+ when:
+ - openshift_docker_alternative_creds | default(False) | bool
+ - oreg_auth_user is defined
+ - (not master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
+ register: master_oreg_auth_credentials_create_alt
+ notify:
+ - restart master api
+ - restart master controllers
+
# Container images may need the registry credentials
- name: Setup ro mount of /root/.docker for containerized hosts
set_fact:
@@ -25,4 +45,8 @@
when:
- openshift.common.is_containerized | bool
- oreg_auth_user is defined
- - (master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or master_oreg_auth_credentials_create.changed) | bool
+ - >
+ (master_oreg_auth_credentials_stat.stat.exists
+ or oreg_auth_credentials_replace
+ or master_oreg_auth_credentials_create.changed
+ or master_oreg_auth_credentials_create_alt.changed) | bool
diff --git a/roles/openshift_master/tasks/restart.yml b/roles/openshift_master/tasks/restart.yml
new file mode 100644
index 000000000..715347101
--- /dev/null
+++ b/roles/openshift_master/tasks/restart.yml
@@ -0,0 +1,22 @@
+---
+- name: Restart master API
+ service:
+ name: "{{ openshift_service_type }}-master-api"
+ state: restarted
+ when: openshift_master_ha | bool
+- name: Wait for master API to come back online
+ wait_for:
+ host: "{{ openshift.common.hostname }}"
+ state: started
+ delay: 10
+ port: "{{ openshift.master.api_port }}"
+ timeout: 600
+ when: openshift_master_ha | bool
+- name: Restart master controllers
+ service:
+ name: "{{ openshift_service_type }}-master-controllers"
+ state: restarted
+ # Ignore errrors since it is possible that type != simple for
+ # pre-3.1.1 installations.
+ ignore_errors: true
+ when: openshift_master_ha | bool
diff --git a/roles/openshift_master/tasks/set_loopback_context.yml b/roles/openshift_master/tasks/set_loopback_context.yml
index 308b2f4cd..487fefb63 100644
--- a/roles/openshift_master/tasks/set_loopback_context.yml
+++ b/roles/openshift_master/tasks/set_loopback_context.yml
@@ -23,12 +23,12 @@
{{ openshift.master.loopback_context_name }}
--config={{ openshift_master_loopback_config }}
when:
- - set_loopback_cluster | changed
+ - set_loopback_cluster is changed
register: l_set_loopback_context
- command: >
{{ openshift.common.client_binary }} config use-context {{ openshift.master.loopback_context_name }}
--config={{ openshift_master_loopback_config }}
when:
- - l_set_loopback_context | changed
+ - l_set_loopback_context is changed
register: set_current_context
diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml
index 843352532..dcbf7fd9f 100644
--- a/roles/openshift_master/tasks/system_container.yml
+++ b/roles/openshift_master/tasks/system_container.yml
@@ -1,32 +1,28 @@
---
-- name: Ensure proxies are in the atomic.conf
- include_role:
- name: openshift_atomic
- tasks_from: proxy
- name: Pre-pull master system container image
command: >
- atomic pull --storage=ostree {{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}
+ atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osm_image }}:{{ openshift_image_tag }}
register: l_pull_result
changed_when: "'Pulling layer' in l_pull_result.stdout"
- name: Check Master system container package
command: >
- atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-master
+ atomic containers list --no-trunc -a -f container={{ openshift_service_type }}-master
# HA
- name: Install or Update HA api master system container
oc_atomic_container:
- name: "{{ openshift.common.service_type }}-master-api"
- image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+ name: "{{ openshift_service_type }}-master-api"
+ image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osm_image }}:{{ openshift_image_tag }}"
state: latest
values:
- COMMAND=api
- name: Install or Update HA controller master system container
oc_atomic_container:
- name: "{{ openshift.common.service_type }}-master-controllers"
- image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+ name: "{{ openshift_service_type }}-master-controllers"
+ image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osm_image }}:{{ openshift_image_tag }}"
state: latest
values:
- COMMAND=controllers
diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml
index 8420dfb8c..906ecf277 100644
--- a/roles/openshift_master/tasks/systemd_units.yml
+++ b/roles/openshift_master/tasks/systemd_units.yml
@@ -2,9 +2,6 @@
# systemd_units.yml is included both in the openshift_master role and in the upgrade
# playbooks.
-- include: upgrade_facts.yml
- when: openshift_master_defaults_in_use is not defined
-
- name: Set HA Service Info for containerized installs
set_fact:
containerized_svc_dir: "/etc/systemd/system"
@@ -12,11 +9,11 @@
when:
- openshift.common.is_containerized | bool
-- include: registry_auth.yml
+- include_tasks: registry_auth.yml
- name: Disable the legacy master service if it exists
systemd:
- name: "{{ openshift.common.service_type }}-master"
+ name: "{{ openshift_service_type }}-master"
state: stopped
enabled: no
masked: yes
@@ -24,30 +21,28 @@
- name: Remove the legacy master service if it exists
file:
- path: "{{ containerized_svc_dir }}/{{ openshift.common.service_type }}-master.service"
+ path: "{{ containerized_svc_dir }}/{{ openshift_service_type }}-master.service"
state: absent
ignore_errors: true
when:
- - openshift.master.cluster_method == "native"
- - not openshift.common.is_master_system_container | bool
+ - not l_is_master_system_container | bool
# This is the image used for both HA and non-HA clusters:
- name: Pre-pull master image
command: >
- docker pull {{ openshift.master.master_image }}:{{ openshift_image_tag }}
+ docker pull {{ osm_image }}:{{ openshift_image_tag }}
register: l_pull_result
changed_when: "'Downloaded newer image' in l_pull_result.stdout"
when:
- openshift.common.is_containerized | bool
- - not openshift.common.is_master_system_container | bool
+ - not l_is_master_system_container | bool
- name: Create the ha systemd unit files
template:
src: "{{ ha_svc_template_path }}/atomic-openshift-master-{{ item }}.service.j2"
- dest: "{{ containerized_svc_dir }}/{{ openshift.common.service_type }}-master-{{ item }}.service"
+ dest: "{{ containerized_svc_dir }}/{{ openshift_service_type }}-master-{{ item }}.service"
when:
- - openshift.master.cluster_method == "native"
- - not openshift.common.is_master_system_container | bool
+ - not l_is_master_system_container | bool
with_items:
- api
- controllers
@@ -55,111 +50,94 @@
- command: systemctl daemon-reload
when:
- - l_create_ha_unit_files | changed
+ - l_create_ha_unit_files is changed
# end workaround for missing systemd unit files
- name: enable master services
systemd:
- name: "{{ openshift.common.service_type }}-master-{{ item }}"
+ name: "{{ openshift_service_type }}-master-{{ item }}"
enabled: yes
with_items:
- api
- controllers
when:
- - openshift.master.cluster_method == "native"
- - not openshift.common.is_master_system_container | bool
+ - not l_is_master_system_container | bool
- name: Preserve Master API Proxy Config options
- command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api
+ command: grep PROXY /etc/sysconfig/{{ openshift_service_type }}-master-api
register: l_master_api_proxy
- when:
- - openshift.master.cluster_method == "native"
failed_when: false
changed_when: false
- name: Preserve Master API AWS options
- command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master-api
+ command: grep AWS_ /etc/sysconfig/{{ openshift_service_type }}-master-api
register: master_api_aws
- when:
- - openshift.master.cluster_method == "native"
failed_when: false
changed_when: false
- name: Create the master api service env file
template:
src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2"
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api
+ dest: /etc/sysconfig/{{ openshift_service_type }}-master-api
backup: true
- when:
- - openshift.master.cluster_method == "native"
notify:
- restart master api
- name: Restore Master API Proxy Config Options
when:
- - openshift.master.cluster_method == "native"
- l_master_api_proxy.rc == 0
- "'http_proxy' not in openshift.common"
- "'https_proxy' not in openshift.common"
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api
+ dest: /etc/sysconfig/{{ openshift_service_type }}-master-api
line: "{{ item }}"
with_items: "{{ l_master_api_proxy.stdout_lines | default([]) }}"
- name: Restore Master API AWS Options
when:
- - openshift.master.cluster_method == "native"
- master_api_aws.rc == 0
- not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined)
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api
+ dest: /etc/sysconfig/{{ openshift_service_type }}-master-api
line: "{{ item }}"
with_items: "{{ master_api_aws.stdout_lines | default([]) }}"
no_log: True
- name: Preserve Master Controllers Proxy Config options
- command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+ command: grep PROXY /etc/sysconfig/{{ openshift_service_type }}-master-controllers
register: master_controllers_proxy
- when:
- - openshift.master.cluster_method == "native"
failed_when: false
changed_when: false
- name: Preserve Master Controllers AWS options
- command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+ command: grep AWS_ /etc/sysconfig/{{ openshift_service_type }}-master-controllers
register: master_controllers_aws
- when:
- - openshift.master.cluster_method == "native"
failed_when: false
changed_when: false
- name: Create the master controllers service env file
template:
src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2"
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+ dest: /etc/sysconfig/{{ openshift_service_type }}-master-controllers
backup: true
- when:
- - openshift.master.cluster_method == "native"
notify:
- restart master controllers
- name: Restore Master Controllers Proxy Config Options
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+ dest: /etc/sysconfig/{{ openshift_service_type }}-master-controllers
line: "{{ item }}"
with_items: "{{ master_controllers_proxy.stdout_lines | default([]) }}"
when:
- - openshift.master.cluster_method == "native"
- master_controllers_proxy.rc == 0
- "'http_proxy' not in openshift.common"
- "'https_proxy' not in openshift.common"
- name: Restore Master Controllers AWS Options
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+ dest: /etc/sysconfig/{{ openshift_service_type }}-master-controllers
line: "{{ item }}"
with_items: "{{ master_controllers_aws.stdout_lines | default([]) }}"
when:
- - openshift.master.cluster_method == "native"
- master_controllers_aws.rc == 0
- not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined)
diff --git a/roles/openshift_master/tasks/upgrade.yml b/roles/openshift_master/tasks/upgrade.yml
new file mode 100644
index 000000000..f84cf2f6e
--- /dev/null
+++ b/roles/openshift_master/tasks/upgrade.yml
@@ -0,0 +1,45 @@
+---
+- include_tasks: upgrade/rpm_upgrade.yml
+ when: not openshift.common.is_containerized | bool
+
+- include_tasks: upgrade/upgrade_scheduler.yml
+
+# master_config_hook is passed in from upgrade play.
+- include_tasks: "upgrade/{{ master_config_hook }}"
+ when: master_config_hook is defined
+
+- include_tasks: journald.yml
+
+- include_tasks: systemd_units.yml
+
+- name: Check for ca-bundle.crt
+ stat:
+ path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
+ register: ca_bundle_stat
+ failed_when: false
+
+- name: Check for ca.crt
+ stat:
+ path: "{{ openshift.common.config_base }}/master/ca.crt"
+ register: ca_crt_stat
+ failed_when: false
+
+- name: Migrate ca.crt to ca-bundle.crt
+ command: mv ca.crt ca-bundle.crt
+ args:
+ chdir: "{{ openshift.common.config_base }}/master"
+ when: ca_crt_stat.stat.isreg and not ca_bundle_stat.stat.exists
+
+- name: Link ca.crt to ca-bundle.crt
+ file:
+ src: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
+ path: "{{ openshift.common.config_base }}/master/ca.crt"
+ state: link
+ when: ca_crt_stat.stat.isreg and not ca_bundle_stat.stat.exists
+
+- name: Update oreg value
+ yedit:
+ src: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ key: 'imageConfig.format'
+ value: "{{ oreg_url | default(oreg_url_master) }}"
+ when: oreg_url is defined or oreg_url_master is defined
diff --git a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml
new file mode 100644
index 000000000..f72710832
--- /dev/null
+++ b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml
@@ -0,0 +1,22 @@
+---
+# When we update package "a-${version}" and a requires b >= ${version} if we
+# don't specify the version of b yum will choose the latest version of b
+# available and the whole set of dependencies end up at the latest version.
+# Since the package module, unlike the yum module, doesn't flatten a list
+# of packages into one transaction we need to do that explicitly. The ansible
+# core team tells us not to rely on yum module transaction flattening anyway.
+
+# TODO: If the sdn package isn't already installed this will install it, we
+# should fix that
+- name: Upgrade master packages
+ package: name={{ master_pkgs | join(',') }} state=present
+ vars:
+ master_pkgs:
+ - "{{ openshift_service_type }}{{ openshift_pkg_version }}"
+ - "{{ openshift_service_type }}-master{{ openshift_pkg_version }}"
+ - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}"
+ - "{{ openshift_service_type }}-sdn-ovs{{ openshift_pkg_version }}"
+ - "{{ openshift_service_type }}-clients{{ openshift_pkg_version }}"
+ - "tuned-profiles-{{ openshift_service_type }}-node{{ openshift_pkg_version }}"
+ register: result
+ until: result is succeeded
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_scheduler.yml b/roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml
index 8558bf3e9..8558bf3e9 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_scheduler.yml
+++ b/roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/master_config_upgrade.yml b/roles/openshift_master/tasks/upgrade/v3_6/master_config_upgrade.yml
index db0c8f886..db0c8f886 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/master_config_upgrade.yml
+++ b/roles/openshift_master/tasks/upgrade/v3_6/master_config_upgrade.yml
diff --git a/roles/openshift_master/tasks/upgrade/v3_7/master_config_upgrade.yml b/roles/openshift_master/tasks/upgrade/v3_7/master_config_upgrade.yml
new file mode 100644
index 000000000..1d4d1919c
--- /dev/null
+++ b/roles/openshift_master/tasks/upgrade/v3_7/master_config_upgrade.yml
@@ -0,0 +1,20 @@
+---
+- modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'controllerConfig.election.lockName'
+ yaml_value: 'openshift-master-controllers'
+
+- modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'controllerConfig.serviceServingCert.signer.certFile'
+ yaml_value: service-signer.crt
+
+- modify_yaml:
+ dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+ yaml_key: 'controllerConfig.serviceServingCert.signer.keyFile'
+ yaml_value: service-signer.key
+
+- modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: servingInfo.clientCA
+ yaml_value: ca.crt
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
index 5d4a99c97..a56c0340c 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
@@ -3,35 +3,35 @@ Description=Atomic OpenShift Master API
Documentation=https://github.com/openshift/origin
After=etcd_container.service
Wants=etcd_container.service
-Before={{ openshift.common.service_type }}-node.service
-After={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
+Before={{ openshift_service_type }}-node.service
+After={{ openshift_docker_service_name }}.service
+PartOf={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
[Service]
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api
+EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-api
Environment=GOTRACEBACK=crash
-ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api
+ExecStartPre=-/usr/bin/docker rm -f {{ openshift_service_type}}-master-api
ExecStart=/usr/bin/docker run --rm --privileged --net=host \
- --name {{ openshift.common.service_type }}-master-api \
- --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api \
+ --name {{ openshift_service_type }}-master-api \
+ --env-file=/etc/sysconfig/{{ openshift_service_type }}-master-api \
-v {{ r_openshift_master_data_dir }}:{{ r_openshift_master_data_dir }} \
-v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock \
-v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} \
{% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} \
-v /etc/pki:/etc/pki:ro \
{% if l_bind_docker_reg_auth | default(False) %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\
- {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api \
+ {{ osm_image }}:${IMAGE_VERSION} start master api \
--config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
-ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api
+ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-master-api
LimitNOFILE=131072
LimitCORE=infinity
WorkingDirectory={{ r_openshift_master_data_dir }}
-SyslogIdentifier={{ openshift.common.service_type }}-master-api
+SyslogIdentifier={{ openshift_service_type }}-master-api
Restart=always
RestartSec=5s
[Install]
-WantedBy={{ openshift.docker.service_name }}.service
-WantedBy={{ openshift.common.service_type }}-node.service
+WantedBy={{ openshift_docker_service_name }}.service
+WantedBy={{ openshift_service_type }}-node.service
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
index f93f3b565..79171d511 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
@@ -1,35 +1,35 @@
[Unit]
Description=Atomic OpenShift Master Controllers
Documentation=https://github.com/openshift/origin
-Wants={{ openshift.common.service_type }}-master-api.service
-After={{ openshift.common.service_type }}-master-api.service
-After={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.docker.service_name }}.service
+Wants={{ openshift_service_type }}-master-api.service
+After={{ openshift_service_type }}-master-api.service
+After={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
+PartOf={{ openshift_docker_service_name }}.service
[Service]
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-controllers
Environment=GOTRACEBACK=crash
-ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers
+ExecStartPre=-/usr/bin/docker rm -f {{ openshift_service_type}}-master-controllers
ExecStart=/usr/bin/docker run --rm --privileged --net=host \
- --name {{ openshift.common.service_type }}-master-controllers \
- --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers \
+ --name {{ openshift_service_type }}-master-controllers \
+ --env-file=/etc/sysconfig/{{ openshift_service_type }}-master-controllers \
-v {{ r_openshift_master_data_dir }}:{{ r_openshift_master_data_dir }} \
-v /var/run/docker.sock:/var/run/docker.sock \
-v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} \
{% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} \
-v /etc/pki:/etc/pki:ro \
{% if l_bind_docker_reg_auth | default(False) %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\
- {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers \
+ {{ osm_image }}:${IMAGE_VERSION} start master controllers \
--config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
-ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers
+ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-master-controllers
LimitNOFILE=131072
LimitCORE=infinity
WorkingDirectory={{ r_openshift_master_data_dir }}
-SyslogIdentifier={{ openshift.common.service_type }}-master-controllers
+SyslogIdentifier={{ openshift_service_type }}-master-controllers
Restart=always
RestartSec=5s
[Install]
-WantedBy={{ openshift.docker.service_name }}.service
+WantedBy={{ openshift_docker_service_name }}.service
diff --git a/roles/openshift_master/templates/htpasswd.j2 b/roles/openshift_master/templates/htpasswd.j2
index ba2c02e20..7e2e05076 100644
--- a/roles/openshift_master/templates/htpasswd.j2
+++ b/roles/openshift_master/templates/htpasswd.j2
@@ -1,5 +1,5 @@
{% if 'htpasswd_users' in openshift.master %}
-{% for user,pass in openshift.master.htpasswd_users.iteritems() %}
+{% for user,pass in openshift.master.htpasswd_users.items() %}
{{ user ~ ':' ~ pass }}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index c83fc9fbb..c224ad714 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -1,11 +1,8 @@
admissionConfig:
{% if 'admission_plugin_config' in openshift.master %}
- pluginConfig:{{ openshift.master.admission_plugin_config | to_padded_yaml(level=2) }}
+ pluginConfig:{{ openshift.master.admission_plugin_config | lib_utils_to_padded_yaml(level=2) }}
{% endif %}
apiLevels:
-{% if not openshift.common.version_gte_3_1_or_1_1 | bool %}
-- v1beta3
-{% endif %}
- v1
apiVersion: v1
assetConfig:
@@ -19,13 +16,13 @@ assetConfig:
metricsPublicURL: {{ openshift_hosted_metrics_deploy_url }}
{% endif %}
{% if 'extension_scripts' in openshift.master %}
- extensionScripts: {{ openshift.master.extension_scripts | to_padded_yaml(1, 2) }}
+ extensionScripts: {{ openshift.master.extension_scripts | lib_utils_to_padded_yaml(1, 2) }}
{% endif %}
{% if 'extension_stylesheets' in openshift.master %}
- extensionStylesheets: {{ openshift.master.extension_stylesheets | to_padded_yaml(1, 2) }}
+ extensionStylesheets: {{ openshift.master.extension_stylesheets | lib_utils_to_padded_yaml(1, 2) }}
{% endif %}
{% if 'extensions' in openshift.master %}
- extensions: {{ openshift.master.extensions | to_padded_yaml(1, 2) }}
+ extensions: {{ openshift.master.extensions | lib_utils_to_padded_yaml(1, 2) }}
{% endif %}
servingInfo:
bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.console_port }}
@@ -44,10 +41,9 @@ assetConfig:
- {{ cipher_suite }}
{% endfor %}
{% endif %}
-{% if openshift.master.audit_config | default(none) is not none and openshift.common.version_gte_3_2_or_1_2 | bool %}
-auditConfig:{{ openshift.master.audit_config | to_padded_yaml(level=1) }}
+{% if openshift.master.audit_config | default(none) is not none %}
+auditConfig:{{ openshift.master.audit_config | lib_utils_to_padded_yaml(level=1) }}
{% endif %}
-{% if openshift.common.version_gte_3_3_or_1_3 | bool %}
controllerConfig:
election:
lockName: openshift-master-controllers
@@ -55,60 +51,31 @@ controllerConfig:
signer:
certFile: service-signer.crt
keyFile: service-signer.key
-{% endif %}
controllers: '*'
corsAllowedOrigins:
# anchor with start (\A) and end (\z) of the string, make the check case insensitive ((?i)) and escape hostname
{% for origin in ['127.0.0.1', 'localhost', openshift.common.ip, openshift.common.public_ip] | union(openshift.common.all_hostnames) | unique %}
- - (?i)\A{{ origin | regex_escape() }}\z
+ - (?i)//{{ origin | regex_escape() }}(:|\z)
{% endfor %}
{% for custom_origin in openshift.master.custom_cors_origins | default("") %}
- - (?i)\A{{ custom_origin | regex_escape() }}\z
+ - (?i)//{{ custom_origin | regex_escape() }}(:|\z)
{% endfor %}
{% if 'disabled_features' in openshift.master %}
disabledFeatures: {{ openshift.master.disabled_features | to_json }}
{% endif %}
{% if openshift.master.embedded_dns | bool %}
dnsConfig:
- bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }}
+ bindAddress: {{ openshift.master.bind_addr }}:{{ openshift_master_dns_port }}
bindNetwork: tcp4
{% endif %}
etcdClientInfo:
-{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- ca: {{ "ca-bundle.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }}
-{% else %}
- ca: {{ "ca.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }}
-{% endif %}
+ ca: master.etcd-ca.crt
certFile: master.etcd-client.crt
keyFile: master.etcd-client.key
urls:
{% for etcd_url in openshift.master.etcd_urls %}
- {{ etcd_url }}
{% endfor %}
-{% if openshift.master.embedded_etcd | bool %}
-etcdConfig:
- address: {{ openshift.common.hostname }}:{{ openshift.master.etcd_port }}
- peerAddress: {{ openshift.common.hostname }}:7001
- peerServingInfo:
- bindAddress: {{ openshift.master.bind_addr }}:7001
- certFile: etcd.server.crt
-{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- clientCA: ca-bundle.crt
-{% else %}
- clientCA: ca.crt
-{% endif %}
- keyFile: etcd.server.key
- servingInfo:
- bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.etcd_port }}
- certFile: etcd.server.crt
-{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- clientCA: ca-bundle.crt
-{% else %}
- clientCA: ca.crt
-{% endif %}
- keyFile: etcd.server.key
- storageDirectory: {{ r_openshift_master_data_dir }}/openshift.local.etcd
-{% endif %}
etcdStorageConfig:
kubernetesStoragePrefix: kubernetes.io
kubernetesStorageVersion: v1
@@ -118,41 +85,32 @@ imageConfig:
format: {{ openshift.master.registry_url }}
latest: {{ openshift_master_image_config_latest }}
{% if 'image_policy_config' in openshift.master %}
-imagePolicyConfig:{{ openshift.master.image_policy_config | to_padded_yaml(level=1) }}
+imagePolicyConfig:{{ openshift.master.image_policy_config | lib_utils_to_padded_yaml(level=1) }}
{% endif %}
kind: MasterConfig
kubeletClientInfo:
{# TODO: allow user specified kubelet port #}
-{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
ca: ca-bundle.crt
-{% else %}
- ca: ca.crt
-{% endif %}
certFile: master.kubelet-client.crt
keyFile: master.kubelet-client.key
port: 10250
{% if openshift.master.embedded_kube | bool %}
kubernetesMasterConfig:
-{% if not openshift.common.version_gte_3_1_or_1_1 | bool %}
- apiLevels:
- - v1beta3
- - v1
-{% endif %}
- apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_padded_yaml( level=2 ) }}
+ apiServerArguments: {{ openshift.master.api_server_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }}
{% if r_openshift_master_etcd3_storage or ( r_openshift_master_clean_install and openshift.common.version_gte_3_6 ) %}
storage-backend:
- etcd3
storage-media-type:
- application/vnd.kubernetes.protobuf
{% endif %}
- controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }}
- masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }}
+ controllerArguments: {{ openshift.master.controller_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }}
+ masterCount: {{ openshift.master.master_count }}
masterIP: {{ openshift.common.ip }}
podEvictionTimeout: {{ openshift.master.pod_eviction_timeout | default("") }}
proxyClientInfo:
certFile: master.proxy-client.crt
keyFile: master.proxy-client.key
- schedulerArguments: {{ openshift_master_scheduler_args | default(None) | to_padded_yaml( level=3 ) }}
+ schedulerArguments: {{ openshift_master_scheduler_args | default(None) | lib_utils_to_padded_yaml( level=3 ) }}
schedulerConfigFile: {{ openshift_master_scheduler_conf }}
servicesNodePortRange: "{{ openshift_node_port_range | default("") }}"
servicesSubnet: {{ openshift.common.portal_net }}
@@ -160,21 +118,17 @@ kubernetesMasterConfig:
{% endif %}
masterClients:
{# TODO: allow user to set externalKubernetesKubeConfig #}
-{% if openshift.common.version_gte_3_3_or_1_3 | bool %}
externalKubernetesClientConnectionOverrides:
acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
contentType: application/vnd.kubernetes.protobuf
burst: {{ openshift_master_external_ratelimit_burst | default(400) }}
qps: {{ openshift_master_external_ratelimit_qps | default(200) }}
-{% endif %}
externalKubernetesKubeConfig: ""
-{% if openshift.common.version_gte_3_3_or_1_3 | bool %}
openshiftLoopbackClientConnectionOverrides:
acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
contentType: application/vnd.kubernetes.protobuf
burst: {{ openshift_master_loopback_ratelimit_burst | default(600) }}
qps: {{ openshift_master_loopback_ratelimit_qps | default(300) }}
-{% endif %}
openshiftLoopbackKubeConfig: openshift-master.kubeconfig
masterPublicURL: {{ openshift.master.public_api_url }}
networkConfig:
@@ -190,7 +144,7 @@ networkConfig:
{% endif %}
# serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet
serviceNetworkCIDR: {{ openshift.common.portal_net }}
- externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | to_padded_yaml(1,2) }}
+ externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | lib_utils_to_padded_yaml(1,2) }}
{% if openshift_master_ingress_ip_network_cidr is defined %}
ingressIPNetworkCIDR: {{ openshift_master_ingress_ip_network_cidr }}
{% endif %}
@@ -199,7 +153,7 @@ oauthConfig:
alwaysShowProviderSelection: {{ openshift.master.oauth_always_show_provider_selection }}
{% endif %}
{% if 'oauth_templates' in openshift.master %}
- templates:{{ openshift.master.oauth_templates | to_padded_yaml(level=2) }}
+ templates:{{ openshift.master.oauth_templates | lib_utils_to_padded_yaml(level=2) }}
{% endif %}
assetPublicURL: {{ openshift.master.public_console_url }}/
grantConfig:
@@ -208,11 +162,7 @@ oauthConfig:
{% for line in translated_identity_providers.splitlines() %}
{{ line }}
{% endfor %}
-{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
masterCA: ca-bundle.crt
-{% else %}
- masterCA: ca.crt
-{% endif %}
masterPublicURL: {{ openshift.master.public_api_url }}
masterURL: {{ openshift.master.api_url }}
sessionConfig:
@@ -230,26 +180,22 @@ policyConfig:
openshiftInfrastructureNamespace: openshift-infra
openshiftSharedResourcesNamespace: openshift
projectConfig:
- defaultNodeSelector: "{{ openshift.master.default_node_selector }}"
- projectRequestMessage: "{{ openshift.master.project_request_message }}"
- projectRequestTemplate: "{{ openshift.master.project_request_template }}"
+ defaultNodeSelector: "{{ osm_default_node_selector }}"
+ projectRequestMessage: "{{ osm_project_request_message }}"
+ projectRequestTemplate: "{{ osm_project_request_template }}"
securityAllocator:
- mcsAllocatorRange: "{{ openshift.master.mcs_allocator_range }}"
- mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }}
- uidAllocatorRange: "{{ openshift.master.uid_allocator_range }}"
+ mcsAllocatorRange: "{{ osm_mcs_allocator_range }}"
+ mcsLabelsPerProject: {{ osm_mcs_labels_per_project }}
+ uidAllocatorRange: "{{ osm_uid_allocator_range }}"
routingConfig:
- subdomain: "{{ openshift_master_default_subdomain | default("") }}"
+ subdomain: "{{ openshift_master_default_subdomain }}"
serviceAccountConfig:
limitSecretReferences: {{ openshift_master_saconfig_limitsecretreferences | default(false) }}
managedNames:
- default
- builder
- deployer
-{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
masterCA: ca-bundle.crt
-{% else %}
- masterCA: ca.crt
-{% endif %}
privateKeyFile: serviceaccounts.private.key
publicKeyFiles:
- serviceaccounts.public.key
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2
index 02bfd6f62..ed8a47df8 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2
@@ -3,12 +3,12 @@ Description=Atomic OpenShift Master API
Documentation=https://github.com/openshift/origin
After=network-online.target
After=etcd.service
-Before={{ openshift.common.service_type }}-node.service
+Before={{ openshift_service_type }}-node.service
Requires=network-online.target
[Service]
Type=notify
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api
+EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-api
Environment=GOTRACEBACK=crash
ExecStart=/usr/bin/openshift start master api --config=${CONFIG_FILE} $OPTIONS
LimitNOFILE=131072
@@ -20,4 +20,4 @@ RestartSec=5s
[Install]
WantedBy=multi-user.target
-WantedBy={{ openshift.common.service_type }}-node.service
+WantedBy={{ openshift_service_type }}-node.service
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
index e284413f7..b36963f73 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
@@ -2,23 +2,19 @@
Description=Atomic OpenShift Master Controllers
Documentation=https://github.com/openshift/origin
After=network-online.target
-After={{ openshift.common.service_type }}-master-api.service
-Wants={{ openshift.common.service_type }}-master-api.service
+After={{ openshift_service_type }}-master-api.service
+Wants={{ openshift_service_type }}-master-api.service
Requires=network-online.target
[Service]
-{% if openshift.common.version_gte_3_1_1_or_1_1_1 | bool %}
Type=notify
-{% else %}
-Type=simple
-{% endif %}
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
+EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-controllers
Environment=GOTRACEBACK=crash
ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS
LimitNOFILE=131072
LimitCORE=infinity
WorkingDirectory={{ r_openshift_master_data_dir }}
-SyslogIdentifier={{ openshift.common.service_type }}-master-controllers
+SyslogIdentifier={{ openshift_service_type }}-master-controllers
Restart=always
RestartSec=5s
diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml
deleted file mode 100644
index 0c681c764..000000000
--- a/roles/openshift_master/vars/main.yml
+++ /dev/null
@@ -1,41 +0,0 @@
----
-openshift_master_loopback_config: "{{ openshift_master_config_dir }}/openshift-master.kubeconfig"
-loopback_context_string: "current-context: {{ openshift.master.loopback_context_name }}"
-openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml"
-openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json"
-
-scheduler_config:
- kind: Policy
- apiVersion: v1
- predicates: "{{ openshift_master_scheduler_predicates
- | default(openshift_master_scheduler_current_predicates
- | default(openshift_master_scheduler_default_predicates)) }}"
- priorities: "{{ openshift_master_scheduler_priorities
- | default(openshift_master_scheduler_current_priorities
- | default(openshift_master_scheduler_default_priorities)) }}"
-
-openshift_master_valid_grant_methods:
-- auto
-- prompt
-- deny
-
-openshift_master_is_scaleup_host: False
-
-# These defaults assume forcing journald persistence, fsync to disk once
-# a second, rate-limiting to 10,000 logs a second, no forwarding to
-# syslog or wall, using 8GB of disk space maximum, using 10MB journal
-# files, keeping only a days worth of logs per journal file, and
-# retaining journal files no longer than a month.
-journald_vars_to_replace:
-- { var: Storage, val: persistent }
-- { var: Compress, val: yes }
-- { var: SyncIntervalSec, val: 1s }
-- { var: RateLimitInterval, val: 1s }
-- { var: RateLimitBurst, val: 10000 }
-- { var: SystemMaxUse, val: 8G }
-- { var: SystemKeepFree, val: 20% }
-- { var: SystemMaxFileSize, val: 10M }
-- { var: MaxRetentionSec, val: 1month }
-- { var: MaxFileSec, val: 1day }
-- { var: ForwardToSyslog, val: no }
-- { var: ForwardToWall, val: no }
diff --git a/roles/openshift_master_certificates/meta/main.yml b/roles/openshift_master_certificates/meta/main.yml
index 300b2cbff..e7d9f5bba 100644
--- a/roles/openshift_master_certificates/meta/main.yml
+++ b/roles/openshift_master_certificates/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
- system
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index d9ffb1b6f..273414f8d 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -3,7 +3,7 @@
openshift_master_certs_no_etcd:
- admin.crt
- master.kubelet-client.crt
- - "{{ 'master.proxy-client.crt' if openshift.common.version_gte_3_1_or_1_1 else omit }}"
+ - master.proxy-client.crt
- master.server.crt
- openshift-master.crt
- openshift-registry.crt
@@ -27,7 +27,7 @@
master_certs_missing: "{{ true if openshift_certificates_redeploy | default(false) | bool
else (False in (g_master_cert_stat_result.results
| default({})
- | oo_collect(attribute='stat.exists')
+ | lib_utils_oo_collect(attribute='stat.exists')
| list)) }}"
- name: Ensure the generated_configs directory present
@@ -48,26 +48,24 @@
- name: Create the master server certificate
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-server-cert
- {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
- {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %}
+ {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') %}
--certificate-authority {{ legacy_ca_certificate }}
{% endfor %}
--hostnames={{ hostvars[item].openshift.common.all_hostnames | join(',') }}
--cert={{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}/master.server.crt
--key={{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}/master.server.key
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
--expire-days={{ openshift_master_cert_expire_days }}
- {% endif %}
--signer-cert={{ openshift_ca_cert }}
--signer-key={{ openshift_ca_key }}
--signer-serial={{ openshift_ca_serial }}
--overwrite=false
when: item != openshift_ca_host
with_items: "{{ hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}"
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}"
delegate_to: "{{ openshift_ca_host }}"
run_once: true
@@ -75,7 +73,7 @@
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
--certificate-authority={{ openshift_ca_cert }}
- {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
--client-dir={{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}
@@ -87,14 +85,12 @@
--signer-serial={{ openshift_ca_serial }}
--user=system:openshift-master
--basename=openshift-master
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
--expire-days={{ openshift_master_cert_expire_days }}
- {% endif %}
args:
creates: "{{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}/openshift-master.kubeconfig"
with_items: "{{ hostvars
- | oo_select_keys(groups['oo_masters_to_config'])
- | oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}"
+ | lib_utils_oo_select_keys(groups['oo_masters_to_config'])
+ | lib_utils_oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}"
when: item != openshift_ca_host
delegate_to: "{{ openshift_ca_host }}"
run_once: true
diff --git a/roles/openshift_master_cluster/README.md b/roles/openshift_master_cluster/README.md
deleted file mode 100644
index 58dd19ac3..000000000
--- a/roles/openshift_master_cluster/README.md
+++ /dev/null
@@ -1,34 +0,0 @@
-OpenShift Master Cluster
-========================
-
-TODO
-
-Requirements
-------------
-
-* Ansible 2.2
-
-Role Variables
---------------
-
-TODO
-
-Dependencies
-------------
-
-TODO
-
-Example Playbook
-----------------
-
-TODO
-
-License
--------
-
-Apache License Version 2.0
-
-Author Information
-------------------
-
-Jason DeTiberus (jdetiber@redhat.com)
diff --git a/roles/openshift_master_cluster/meta/main.yml b/roles/openshift_master_cluster/meta/main.yml
deleted file mode 100644
index c452b165e..000000000
--- a/roles/openshift_master_cluster/meta/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-galaxy_info:
- author: Jason DeTiberus
- description:
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 2.2
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
- - system
-dependencies: []
diff --git a/roles/openshift_master_cluster/tasks/configure.yml b/roles/openshift_master_cluster/tasks/configure.yml
deleted file mode 100644
index 1b94598dd..000000000
--- a/roles/openshift_master_cluster/tasks/configure.yml
+++ /dev/null
@@ -1,43 +0,0 @@
----
-- fail:
- msg: This role requires that openshift_master_cluster_vip is set
- when: openshift_master_cluster_vip is not defined or not openshift_master_cluster_vip
-- fail:
- msg: This role requires that openshift_master_cluster_public_vip is set
- when: openshift_master_cluster_public_vip is not defined or not openshift_master_cluster_public_vip
-
-- name: Authenticate to the cluster
- command: pcs cluster auth -u hacluster -p {{ openshift_master_cluster_password }} {{ omc_cluster_hosts }}
-
-- name: Create the cluster
- command: pcs cluster setup --name openshift_master {{ omc_cluster_hosts }}
-
-- name: Start the cluster
- command: pcs cluster start --all
-
-- name: Enable the cluster on all nodes
- command: pcs cluster enable --all
-
-- name: Set default resource stickiness
- command: pcs resource defaults resource-stickiness=100
-
-- name: Add the cluster VIP resource
- command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_vip }} --group {{ openshift.common.service_type }}-master
-
-- name: Add the cluster public VIP resource
- command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_public_vip }} --group {{ openshift.common.service_type }}-master
- when: openshift_master_cluster_public_vip != openshift_master_cluster_vip
-
-- name: Add the cluster master service resource
- command: pcs resource create master systemd:{{ openshift.common.service_type }}-master op start timeout=90s stop timeout=90s --group {{ openshift.common.service_type }}-master
-
-- name: Disable stonith
- command: pcs property set stonith-enabled=false
-
-- name: Wait for the clustered master service to be available
- wait_for:
- host: "{{ openshift_master_cluster_vip }}"
- port: "{{ openshift.master.api_port }}"
- state: started
- timeout: 180
- delay: 90
diff --git a/roles/openshift_master_cluster/tasks/main.yml b/roles/openshift_master_cluster/tasks/main.yml
deleted file mode 100644
index 0543872c9..000000000
--- a/roles/openshift_master_cluster/tasks/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- fail:
- msg: "Not possible on atomic hosts for now"
- when: openshift.common.is_containerized | bool
-
-- fail:
- msg: "Pacemaker HA is unsupported on OpenShift Enterprise 3.2 and Origin 1.2"
- when: openshift.master.cluster_method == "pacemaker" and openshift.common.version_gte_3_2_or_1_2 | bool
-
-- name: Test if cluster is already configured
- command: pcs status
- register: pcs_status
- changed_when: false
- failed_when: false
- when: openshift.master.cluster_method == "pacemaker"
-
-- include: configure.yml
- when: "pcs_status | failed and 'Error: cluster is not currently running on this node' in pcs_status.stderr"
diff --git a/roles/openshift_master_facts/defaults/main.yml b/roles/openshift_master_facts/defaults/main.yml
index d0dcdae4b..a89f48afa 100644
--- a/roles/openshift_master_facts/defaults/main.yml
+++ b/roles/openshift_master_facts/defaults/main.yml
@@ -1,5 +1,4 @@
---
-openshift_master_default_subdomain: "router.default.svc.cluster.local"
openshift_master_admission_plugin_config:
openshift.io/ImagePolicy:
configuration:
diff --git a/roles/openshift_master_facts/filter_plugins/oo_filters.py b/roles/openshift_master_facts/filter_plugins/oo_filters.py
deleted file mode 120000
index 6f9bc47c1..000000000
--- a/roles/openshift_master_facts/filter_plugins/oo_filters.py
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins/oo_filters.py \ No newline at end of file
diff --git a/roles/openshift_master_facts/filter_plugins/openshift_master.py b/roles/openshift_master_facts/filter_plugins/openshift_master.py
index a4f410296..ff15f693b 100644
--- a/roles/openshift_master_facts/filter_plugins/openshift_master.py
+++ b/roles/openshift_master_facts/filter_plugins/openshift_master.py
@@ -326,10 +326,8 @@ class IdentityProviderOauthBase(IdentityProviderBase):
self._required += [['clientID', 'client_id'], ['clientSecret', 'client_secret']]
def validate(self):
- ''' validate this idp instance '''
- if self.challenge:
- raise errors.AnsibleFilterError("|failed provider {0} does not "
- "allow challenge authentication".format(self.__class__.__name__))
+ ''' validate an instance of this idp class '''
+ pass
class OpenIDIdentityProvider(IdentityProviderOauthBase):
@@ -428,6 +426,12 @@ class GoogleIdentityProvider(IdentityProviderOauthBase):
IdentityProviderOauthBase.__init__(self, api_version, idp)
self._optional += [['hostedDomain', 'hosted_domain']]
+ def validate(self):
+ ''' validate this idp instance '''
+ if self.challenge:
+ raise errors.AnsibleFilterError("|failed provider {0} does not "
+ "allow challenge authentication".format(self.__class__.__name__))
+
class GitHubIdentityProvider(IdentityProviderOauthBase):
""" GitHubIdentityProvider
@@ -446,6 +450,12 @@ class GitHubIdentityProvider(IdentityProviderOauthBase):
self._optional += [['organizations'],
['teams']]
+ def validate(self):
+ ''' validate this idp instance '''
+ if self.challenge:
+ raise errors.AnsibleFilterError("|failed provider {0} does not "
+ "allow challenge authentication".format(self.__class__.__name__))
+
class FilterModule(object):
''' Custom ansible filters for use by the openshift_master role'''
@@ -475,31 +485,6 @@ class FilterModule(object):
Dumper=AnsibleDumper))
@staticmethod
- def validate_pcs_cluster(data, masters=None):
- ''' Validates output from "pcs status", ensuring that each master
- provided is online.
- Ex: data = ('...',
- 'PCSD Status:',
- 'master1.example.com: Online',
- 'master2.example.com: Online',
- 'master3.example.com: Online',
- '...')
- masters = ['master1.example.com',
- 'master2.example.com',
- 'master3.example.com']
- returns True
- '''
- if not issubclass(type(data), string_types):
- raise errors.AnsibleFilterError("|failed expects data is a string or unicode")
- if not issubclass(type(masters), list):
- raise errors.AnsibleFilterError("|failed expects masters is a list")
- valid = True
- for master in masters:
- if "{0}: Online".format(master) not in data:
- valid = False
- return valid
-
- @staticmethod
def certificates_to_synchronize(hostvars, include_keys=True, include_ca=True):
''' Return certificates to synchronize based on facts. '''
if not issubclass(type(hostvars), dict):
@@ -508,29 +493,16 @@ class FilterModule(object):
'admin.key',
'admin.kubeconfig',
'master.kubelet-client.crt',
- 'master.kubelet-client.key']
+ 'master.kubelet-client.key',
+ 'master.proxy-client.crt',
+ 'master.proxy-client.key',
+ 'service-signer.crt',
+ 'service-signer.key']
if bool(include_ca):
- certs += ['ca.crt', 'ca.key', 'ca-bundle.crt']
+ certs += ['ca.crt', 'ca.key', 'ca-bundle.crt', 'client-ca-bundle.crt']
if bool(include_keys):
certs += ['serviceaccounts.private.key',
'serviceaccounts.public.key']
- if bool(hostvars['openshift']['common']['version_gte_3_1_or_1_1']):
- certs += ['master.proxy-client.crt',
- 'master.proxy-client.key']
- if not bool(hostvars['openshift']['common']['version_gte_3_2_or_1_2']):
- certs += ['openshift-master.crt',
- 'openshift-master.key',
- 'openshift-master.kubeconfig']
- if bool(hostvars['openshift']['common']['version_gte_3_3_or_1_3']):
- certs += ['service-signer.crt',
- 'service-signer.key']
- if not bool(hostvars['openshift']['common']['version_gte_3_5_or_1_5']):
- certs += ['openshift-registry.crt',
- 'openshift-registry.key',
- 'openshift-registry.kubeconfig',
- 'openshift-router.crt',
- 'openshift-router.key',
- 'openshift-router.kubeconfig']
return certs
@staticmethod
@@ -556,6 +528,5 @@ class FilterModule(object):
def filters(self):
''' returns a mapping of filters to methods '''
return {"translate_idps": self.translate_idps,
- "validate_pcs_cluster": self.validate_pcs_cluster,
"certificates_to_synchronize": self.certificates_to_synchronize,
"oo_htpasswd_users_from_file": self.oo_htpasswd_users_from_file}
diff --git a/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_predicates.py b/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_predicates.py
index f27eb629d..4858c5ec6 100644
--- a/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_predicates.py
+++ b/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_predicates.py
@@ -40,10 +40,10 @@ class LookupModule(LookupBase):
# pylint: disable=line-too-long
raise AnsibleError("Either OpenShift needs to be installed or openshift_release needs to be specified")
if deployment_type == 'origin':
- if short_version not in ['1.1', '1.2', '1.3', '1.4', '1.5', '3.6', '3.7', 'latest']:
+ if short_version not in ['1.1', '1.2', '1.3', '1.4', '1.5', '3.6', '3.7', '3.8', '3.9', 'latest']:
raise AnsibleError("Unknown short_version %s" % short_version)
elif deployment_type == 'openshift-enterprise':
- if short_version not in ['3.1', '3.2', '3.3', '3.4', '3.5', '3.6', '3.7', 'latest']:
+ if short_version not in ['3.1', '3.2', '3.3', '3.4', '3.5', '3.6', '3.7', '3.8', '3.9', 'latest']:
raise AnsibleError("Unknown short_version %s" % short_version)
else:
raise AnsibleError("Unknown deployment_type %s" % deployment_type)
@@ -53,7 +53,7 @@ class LookupModule(LookupBase):
short_version = re.sub('^1.', '3.', short_version)
if short_version == 'latest':
- short_version = '3.7'
+ short_version = '3.9'
# Predicates ordered according to OpenShift Origin source:
# origin/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/defaults.go
@@ -114,7 +114,7 @@ class LookupModule(LookupBase):
{'name': 'CheckNodeDiskPressure'},
])
- if short_version in ['3.7']:
+ if short_version in ['3.7', '3.8', '3.9']:
predicates.extend([
{'name': 'NoVolumeZoneConflict'},
{'name': 'MaxEBSVolumeCount'},
diff --git a/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_priorities.py b/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_priorities.py
index fe488f49c..18e1b2e0c 100644
--- a/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_priorities.py
+++ b/roles/openshift_master_facts/lookup_plugins/openshift_master_facts_default_priorities.py
@@ -41,10 +41,10 @@ class LookupModule(LookupBase):
raise AnsibleError("Either OpenShift needs to be installed or openshift_release needs to be specified")
if deployment_type == 'origin':
- if short_version not in ['1.1', '1.2', '1.3', '1.4', '1.5', '3.6', '3.7', 'latest']:
+ if short_version not in ['1.1', '1.2', '1.3', '1.4', '1.5', '3.6', '3.7', '3.8', '3.9', 'latest']:
raise AnsibleError("Unknown short_version %s" % short_version)
elif deployment_type == 'openshift-enterprise':
- if short_version not in ['3.1', '3.2', '3.3', '3.4', '3.5', '3.6', '3.7', 'latest']:
+ if short_version not in ['3.1', '3.2', '3.3', '3.4', '3.5', '3.6', '3.7', '3.8', '3.9', 'latest']:
raise AnsibleError("Unknown short_version %s" % short_version)
else:
raise AnsibleError("Unknown deployment_type %s" % deployment_type)
@@ -54,7 +54,7 @@ class LookupModule(LookupBase):
short_version = re.sub('^1.', '3.', short_version)
if short_version == 'latest':
- short_version = '3.7'
+ short_version = '3.9'
if short_version == '3.1':
priorities.extend([
@@ -91,7 +91,7 @@ class LookupModule(LookupBase):
{'name': 'InterPodAffinityPriority', 'weight': 1}
])
- if short_version in ['3.5', '3.6', '3.7']:
+ if short_version in ['3.5', '3.6', '3.7', '3.8', '3.9']:
priorities.extend([
{'name': 'SelectorSpreadPriority', 'weight': 1},
{'name': 'InterPodAffinityPriority', 'weight': 1},
diff --git a/roles/openshift_master_facts/meta/main.yml b/roles/openshift_master_facts/meta/main.yml
index 9dbf719f8..0ab2311d3 100644
--- a/roles/openshift_master_facts/meta/main.yml
+++ b/roles/openshift_master_facts/meta/main.yml
@@ -13,3 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index cf0be3bef..ad9a21c96 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -1,14 +1,8 @@
---
-# Ensure the default sub-domain is set:
-- name: Migrate legacy osm_default_subdomain fact
- set_fact:
- openshift_master_default_subdomain: "{{ osm_default_subdomain | default(None) }}"
- when: openshift_master_default_subdomain is not defined
-
- name: Verify required variables are set
fail:
msg: openshift_master_default_subdomain must be set to deploy metrics
- when: openshift_hosted_metrics_deploy | default(false) | bool and openshift_master_default_subdomain | default("") == ""
+ when: openshift_hosted_metrics_deploy | default(false) | bool and openshift_master_default_subdomain == ""
# NOTE: These metrics variables are unfortunately needed by both the master and the metrics roles
# to properly configure the master-config.yaml file.
@@ -20,8 +14,8 @@
- name: Set g_metrics_hostname
set_fact:
g_metrics_hostname: "{{ openshift_hosted_metrics_public_url
- | default('hawkular-metrics.' ~ (openshift_master_default_subdomain))
- | oo_hostname_from_url }}"
+ | default('hawkular-metrics.' ~ openshift_master_default_subdomain)
+ | lib_utils_oo_hostname_from_url }}"
- set_fact:
openshift_hosted_metrics_deploy_url: "https://{{ g_metrics_hostname }}/hawkular/metrics"
@@ -31,7 +25,6 @@
openshift_facts:
role: master
local_facts:
- cluster_method: "{{ openshift_master_cluster_method | default('native') }}"
cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}"
cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}"
api_port: "{{ openshift_master_api_port | default(None) }}"
@@ -52,11 +45,8 @@
etcd_port: "{{ openshift_master_etcd_port | default(None) }}"
etcd_use_ssl: "{{ openshift_master_etcd_use_ssl | default(None) }}"
etcd_urls: "{{ openshift_master_etcd_urls | default(None) }}"
- embedded_etcd: "{{ openshift_master_embedded_etcd | default(None) }}"
embedded_kube: "{{ openshift_master_embedded_kube | default(None) }}"
embedded_dns: "{{ openshift_master_embedded_dns | default(None) }}"
- # defaults to 8053 when using dnsmasq in 1.2/3.2
- dns_port: "{{ openshift_master_dns_port | default(None) }}"
bind_addr: "{{ openshift_master_bind_addr | default(None) }}"
pod_eviction_timeout: "{{ openshift_master_pod_eviction_timeout | default(None) }}"
session_max_seconds: "{{ openshift_master_session_max_seconds | default(None) }}"
@@ -77,18 +67,11 @@
sdn_cluster_network_cidr: "{{ osm_cluster_network_cidr | default(None) }}"
sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
- default_node_selector: "{{ osm_default_node_selector | default(None) }}"
- project_request_message: "{{ osm_project_request_message | default(None) }}"
- project_request_template: "{{ osm_project_request_template | default(None) }}"
- mcs_allocator_range: "{{ osm_mcs_allocator_range | default(None) }}"
- mcs_labels_per_project: "{{ osm_mcs_labels_per_project | default(None) }}"
- uid_allocator_range: "{{ osm_uid_allocator_range | default(None) }}"
registry_selector: "{{ openshift_registry_selector | default(None) }}"
api_server_args: "{{ osm_api_server_args | default(None) }}"
controller_args: "{{ osm_controller_args | default(None) }}"
disabled_features: "{{ osm_disabled_features | default(None) }}"
master_count: "{{ openshift_master_count | default(None) }}"
- master_image: "{{ osm_image | default(None) }}"
admission_plugin_config: "{{openshift_master_admission_plugin_config }}"
kube_admission_plugin_config: "{{openshift_master_kube_admission_plugin_config | default(None) }}" # deprecated, merged with admission_plugin_config
oauth_template: "{{ openshift_master_oauth_template | default(None) }}" # deprecated in origin 1.2 / OSE 3.2
diff --git a/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py b/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py
index 38a918803..11aad9f03 100644
--- a/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py
+++ b/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py
@@ -71,6 +71,8 @@ DEFAULT_PREDICATES_3_7 = [
{'name': 'NoVolumeNodeConflict'},
]
+DEFAULT_PREDICATES_3_9 = DEFAULT_PREDICATES_3_8 = DEFAULT_PREDICATES_3_7
+
REGION_PREDICATE = {
'name': 'Region',
'argument': {
@@ -95,6 +97,10 @@ TEST_VARS = [
('3.6', 'openshift-enterprise', DEFAULT_PREDICATES_3_6),
('3.7', 'origin', DEFAULT_PREDICATES_3_7),
('3.7', 'openshift-enterprise', DEFAULT_PREDICATES_3_7),
+ ('3.8', 'origin', DEFAULT_PREDICATES_3_8),
+ ('3.8', 'openshift-enterprise', DEFAULT_PREDICATES_3_8),
+ ('3.9', 'origin', DEFAULT_PREDICATES_3_9),
+ ('3.9', 'openshift-enterprise', DEFAULT_PREDICATES_3_9),
]
diff --git a/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py b/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py
index 44b564d6f..527fc9ff4 100644
--- a/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py
+++ b/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py
@@ -44,7 +44,7 @@ DEFAULT_PRIORITIES_1_5 = [
DEFAULT_PRIORITIES_3_6 = DEFAULT_PRIORITIES_1_5
-DEFAULT_PRIORITIES_3_7 = DEFAULT_PRIORITIES_3_6
+DEFAULT_PRIORITIES_3_9 = DEFAULT_PRIORITIES_3_8 = DEFAULT_PRIORITIES_3_7 = DEFAULT_PRIORITIES_3_6
ZONE_PRIORITY = {
'name': 'Zone',
@@ -71,6 +71,10 @@ TEST_VARS = [
('3.6', 'openshift-enterprise', DEFAULT_PRIORITIES_3_6),
('3.7', 'origin', DEFAULT_PRIORITIES_3_7),
('3.7', 'openshift-enterprise', DEFAULT_PRIORITIES_3_7),
+ ('3.8', 'origin', DEFAULT_PRIORITIES_3_8),
+ ('3.8', 'openshift-enterprise', DEFAULT_PRIORITIES_3_8),
+ ('3.9', 'origin', DEFAULT_PRIORITIES_3_9),
+ ('3.9', 'openshift-enterprise', DEFAULT_PRIORITIES_3_9),
]
diff --git a/roles/openshift_metrics/handlers/main.yml b/roles/openshift_metrics/handlers/main.yml
index ce7688581..1f4b5a116 100644
--- a/roles/openshift_metrics/handlers/main.yml
+++ b/roles/openshift_metrics/handlers/main.yml
@@ -1,23 +1,24 @@
---
- name: restart master api
- systemd: name={{ openshift.common.service_type }}-master-api state=restarted
- when: (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
+ systemd: name={{ openshift_service_type }}-master-api state=restarted
+ when: (not (master_api_service_status_changed | default(false) | bool))
notify: Verify API Server
+# We retry the controllers because the API may not be 100% initialized yet.
- name: restart master controllers
- systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
- when: (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
+ command: "systemctl restart {{ openshift_service_type }}-master-controllers"
+ retries: 3
+ delay: 5
+ register: result
+ until: result.rc == 0
+ when: (not (master_controllers_service_status_changed | default(false) | bool))
- name: Verify API Server
# Using curl here since the uri module requires python-httplib2 and
# wait_for port doesn't provide health information.
command: >
curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
--cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
{{ openshift.master.api_url }}/healthz/ready
args:
# Disables the following warning:
diff --git a/roles/openshift_metrics/meta/main.yaml b/roles/openshift_metrics/meta/main.yaml
index 50214135c..675ec112f 100644
--- a/roles/openshift_metrics/meta/main.yaml
+++ b/roles/openshift_metrics/meta/main.yaml
@@ -15,5 +15,6 @@ galaxy_info:
categories:
- openshift
dependencies:
-- { role: lib_openshift }
-- { role: openshift_facts }
+- role: lib_openshift
+- role: lib_utils
+- role: openshift_facts
diff --git a/roles/openshift_metrics/tasks/generate_certificates.yaml b/roles/openshift_metrics/tasks/generate_certificates.yaml
index 3dc15d58b..bb842d710 100644
--- a/roles/openshift_metrics/tasks/generate_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_certificates.yaml
@@ -8,4 +8,4 @@
--serial='{{ mktemp.stdout }}/ca.serial.txt'
--name="metrics-signer@{{lookup('pipe','date +%s')}}"
-- include: generate_hawkular_certificates.yaml
+- include_tasks: generate_hawkular_certificates.yaml
diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
index 31129a6ac..9395fceca 100644
--- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
@@ -1,20 +1,20 @@
---
- name: generate hawkular-metrics certificates
- include: setup_certificate.yaml
+ include_tasks: setup_certificate.yaml
vars:
component: hawkular-metrics
hostnames: "hawkular-metrics,hawkular-metrics.{{ openshift_metrics_project }}.svc.cluster.local,{{ openshift_metrics_hawkular_hostname }}"
changed_when: no
- name: generate hawkular-cassandra certificates
- include: setup_certificate.yaml
+ include_tasks: setup_certificate.yaml
vars:
component: hawkular-cassandra
hostnames: hawkular-cassandra
changed_when: no
- name: generate password for hawkular metrics
- local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | oo_random_word }}"
+ local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | lib_utils_oo_random_word }}"
with_items:
- hawkular-metrics
become: false
diff --git a/roles/openshift_metrics/tasks/install_hawkular.yaml b/roles/openshift_metrics/tasks/install_hawkular.yaml
index b63f5ca8c..a4ffa1890 100644
--- a/roles/openshift_metrics/tasks/install_hawkular.yaml
+++ b/roles/openshift_metrics/tasks/install_hawkular.yaml
@@ -23,15 +23,15 @@
- block:
- set_fact: hawkular_key={{ lookup('file', openshift_metrics_hawkular_key) }}
- when: openshift_metrics_hawkular_key | exists
+ when: openshift_metrics_hawkular_key is exists
changed_when: false
- set_fact: hawkular_cert={{ lookup('file', openshift_metrics_hawkular_cert) }}
- when: openshift_metrics_hawkular_cert | exists
+ when: openshift_metrics_hawkular_cert is exists
changed_when: false
- set_fact: hawkular_ca={{ lookup('file', openshift_metrics_hawkular_ca) }}
- when: openshift_metrics_hawkular_ca | exists
+ when: openshift_metrics_hawkular_ca is exists
changed_when: false
- name: generate the hawkular-metrics route
diff --git a/roles/openshift_metrics/tasks/install_heapster.yaml b/roles/openshift_metrics/tasks/install_heapster.yaml
index 0eb852d91..a33b28ba7 100644
--- a/roles/openshift_metrics/tasks/install_heapster.yaml
+++ b/roles/openshift_metrics/tasks/install_heapster.yaml
@@ -66,4 +66,4 @@
namespace: "{{ openshift_metrics_project }}"
changed_when: no
-- include: generate_heapster_secrets.yaml
+- include_tasks: generate_heapster_secrets.yaml
diff --git a/roles/openshift_metrics/tasks/install_metrics.yaml b/roles/openshift_metrics/tasks/install_metrics.yaml
index fdf4ae57f..49d1d8cf1 100644
--- a/roles/openshift_metrics/tasks/install_metrics.yaml
+++ b/roles/openshift_metrics/tasks/install_metrics.yaml
@@ -1,8 +1,8 @@
---
-- include: pre_install.yaml
+- include_tasks: pre_install.yaml
- name: Install Metrics
- include: "{{ role_path }}/tasks/install_{{ include_file }}.yaml"
+ include_tasks: "install_{{ include_file }}.yaml"
with_items:
- support
- heapster
@@ -13,11 +13,11 @@
when: not openshift_metrics_heapster_standalone | bool
- name: Install Heapster Standalone
- include: install_heapster.yaml
+ include_tasks: install_heapster.yaml
when: openshift_metrics_heapster_standalone | bool
- name: Install Hawkular OpenShift Agent (HOSA)
- include: install_hosa.yaml
+ include_tasks: install_hosa.yaml
when: openshift_metrics_install_hawkular_agent | default(false) | bool
- find:
@@ -34,7 +34,7 @@
changed_when: no
- name: Create objects
- include: oc_apply.yaml
+ include_tasks: oc_apply.yaml
vars:
kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
namespace: "{{ openshift_metrics_project }}"
@@ -58,7 +58,7 @@
changed_when: no
- name: Create Hawkular Agent objects
- include: oc_apply.yaml
+ include_tasks: oc_apply.yaml
vars:
kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
namespace: "{{ openshift_metrics_hawkular_agent_namespace }}"
@@ -67,7 +67,7 @@
with_items: "{{ hawkular_agent_object_defs.results }}"
when: openshift_metrics_install_hawkular_agent | bool
-- include: update_master_config.yaml
+- include_tasks: update_master_config.yaml
- command: >
{{openshift.common.client_binary}}
@@ -80,11 +80,11 @@
changed_when: no
- name: Scaling down cluster to recognize changes
- include: stop_metrics.yaml
+ include_tasks: stop_metrics.yaml
when: existing_metrics_rc.stdout_lines | length > 0
- name: Scaling up cluster
- include: start_metrics.yaml
+ include_tasks: start_metrics.yaml
tags: openshift_metrics_start_cluster
when:
- openshift_metrics_start_cluster | default(true) | bool
diff --git a/roles/openshift_metrics/tasks/install_support.yaml b/roles/openshift_metrics/tasks/install_support.yaml
index 584e3be05..c3727d530 100644
--- a/roles/openshift_metrics/tasks/install_support.yaml
+++ b/roles/openshift_metrics/tasks/install_support.yaml
@@ -19,7 +19,7 @@
- fail: msg="'keytool' is unavailable. Please install java-1.8.0-openjdk-headless on the control node"
when: keytool_check.rc == 1
-- include: generate_certificates.yaml
-- include: generate_serviceaccounts.yaml
-- include: generate_services.yaml
-- include: generate_rolebindings.yaml
+- include_tasks: generate_certificates.yaml
+- include_tasks: generate_serviceaccounts.yaml
+- include_tasks: generate_services.yaml
+- include_tasks: generate_rolebindings.yaml
diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml
index 10509fc1e..9dfe360bb 100644
--- a/roles/openshift_metrics/tasks/main.yaml
+++ b/roles/openshift_metrics/tasks/main.yaml
@@ -43,15 +43,15 @@
check_mode: no
tags: metrics_init
-- include: install_metrics.yaml
+- include_tasks: install_metrics.yaml
when:
- openshift_metrics_install_metrics | bool
-- include: uninstall_metrics.yaml
+- include_tasks: uninstall_metrics.yaml
when:
- not openshift_metrics_install_metrics | bool
-- include: uninstall_hosa.yaml
+- include_tasks: uninstall_hosa.yaml
when: not openshift_metrics_install_hawkular_agent | bool
- name: Delete temp directory
diff --git a/roles/openshift_metrics/tasks/setup_certificate.yaml b/roles/openshift_metrics/tasks/setup_certificate.yaml
index 2d880f4d6..e6081c0d3 100644
--- a/roles/openshift_metrics/tasks/setup_certificate.yaml
+++ b/roles/openshift_metrics/tasks/setup_certificate.yaml
@@ -23,7 +23,7 @@
- name: generate random password for the {{ component }} keystore
copy:
- content: "{{ 15 | oo_random_word }}"
+ content: "{{ 15 | lib_utils_oo_random_word }}"
dest: '{{ mktemp.stdout }}/{{ component }}-keystore.pwd'
- slurp: src={{ mktemp.stdout | quote }}/{{ component|quote }}-keystore.pwd
@@ -39,5 +39,5 @@
- name: generate random password for the {{ component }} truststore
copy:
- content: "{{ 15 | oo_random_word }}"
+ content: "{{ 15 | lib_utils_oo_random_word }}"
dest: '{{ mktemp.stdout | quote }}/{{ component|quote }}-truststore.pwd'
diff --git a/roles/openshift_metrics/tasks/uninstall_metrics.yaml b/roles/openshift_metrics/tasks/uninstall_metrics.yaml
index 403b1252c..1265c7bfd 100644
--- a/roles/openshift_metrics/tasks/uninstall_metrics.yaml
+++ b/roles/openshift_metrics/tasks/uninstall_metrics.yaml
@@ -1,6 +1,6 @@
---
- name: stop metrics
- include: stop_metrics.yaml
+ include_tasks: stop_metrics.yaml
- name: remove metrics components
command: >
diff --git a/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2 b/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2
index 6a3811598..11476bf75 100644
--- a/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2
+++ b/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2
@@ -24,7 +24,7 @@ spec:
- {{openshift_metrics_cassandra_storage_group}}
{% if node_selector is iterable and node_selector | length > 0 %}
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2
index 0662bea53..7c75b2f97 100644
--- a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2
+++ b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2
@@ -19,7 +19,7 @@ spec:
serviceAccount: hawkular
{% if node_selector is iterable and node_selector | length > 0 %}
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
@@ -64,7 +64,7 @@ spec:
- name: MASTER_URL
value: "{{ openshift_metrics_master_url }}"
- name: JGROUPS_PASSWORD
- value: "{{ 17 | oo_random_word }}"
+ value: "{{ 17 | lib_utils_oo_random_word }}"
- name: TRUSTSTORE_AUTHORITIES
value: "/hawkular-metrics-certs/tls.truststore.crt"
- name: ENABLE_PROMETHEUS_ENDPOINT
diff --git a/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2 b/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2
index 40d09e9fa..04e2b2937 100644
--- a/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2
+++ b/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2
@@ -19,7 +19,7 @@ spec:
serviceAccount: hawkular-openshift-agent
{% if node_selector is iterable and node_selector | length > 0 %}
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_metrics/templates/heapster.j2 b/roles/openshift_metrics/templates/heapster.j2
index e732c1eee..0d4dd0e2b 100644
--- a/roles/openshift_metrics/templates/heapster.j2
+++ b/roles/openshift_metrics/templates/heapster.j2
@@ -20,7 +20,7 @@ spec:
serviceAccountName: heapster
{% if node_selector is iterable and node_selector | length > 0 %}
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2
index b4e6a1503..9a4b428ec 100644
--- a/roles/openshift_metrics/templates/pvc.j2
+++ b/roles/openshift_metrics/templates/pvc.j2
@@ -7,13 +7,13 @@ metadata:
metrics-infra: support
{% elif labels %}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{ key }}: {{ value }}
{% endfor %}
{% endif %}
{% if annotations is defined and annotations %}
annotations:
-{% for key,value in annotations.iteritems() %}
+{% for key,value in annotations.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
@@ -21,7 +21,7 @@ spec:
{% if pv_selector is defined and pv_selector is mapping %}
selector:
matchLabels:
-{% for key,value in pv_selector.iteritems() %}
+{% for key,value in pv_selector.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_metrics/templates/rolebinding.j2 b/roles/openshift_metrics/templates/rolebinding.j2
index 5230f0780..a9a24c157 100644
--- a/roles/openshift_metrics/templates/rolebinding.j2
+++ b/roles/openshift_metrics/templates/rolebinding.j2
@@ -4,7 +4,7 @@ metadata:
name: {{obj_name}}
{% if labels is defined %}
labels:
-{% for k, v in labels.iteritems() %}
+{% for k, v in labels.items() %}
{{ k }}: {{ v }}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_metrics/templates/route.j2 b/roles/openshift_metrics/templates/route.j2
index 253d6ecf5..9d628b666 100644
--- a/roles/openshift_metrics/templates/route.j2
+++ b/roles/openshift_metrics/templates/route.j2
@@ -7,7 +7,7 @@ metadata:
{% endif %}
{% if labels is defined and labels %}
labels:
-{% for k, v in labels.iteritems() %}
+{% for k, v in labels.items() %}
{{ k }}: {{ v }}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_metrics/templates/secret.j2 b/roles/openshift_metrics/templates/secret.j2
index 5b9dba122..b788be04e 100644
--- a/roles/openshift_metrics/templates/secret.j2
+++ b/roles/openshift_metrics/templates/secret.j2
@@ -4,15 +4,15 @@ metadata:
name: "{{ name }}"
{% if annotations is defined%}
annotations:
-{% for key, value in annotations.iteritems() %}
+{% for key, value in annotations.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
labels:
-{% for k, v in labels.iteritems() %}
+{% for k, v in labels.items() %}
{{ k }}: {{ v }}
{% endfor %}
data:
-{% for k, v in data.iteritems() %}
+{% for k, v in data.items() %}
{{ k }}: {{ v }}
{% endfor %}
diff --git a/roles/openshift_metrics/templates/service.j2 b/roles/openshift_metrics/templates/service.j2
index ce0bc2eec..4d23982f1 100644
--- a/roles/openshift_metrics/templates/service.j2
+++ b/roles/openshift_metrics/templates/service.j2
@@ -4,13 +4,13 @@ metadata:
name: "{{obj_name}}"
{% if annotations is defined%}
annotations:
-{% for key, value in annotations.iteritems() %}
+{% for key, value in annotations.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
@@ -22,7 +22,7 @@ spec:
ports:
{% for port in ports %}
-
-{% for key, value in port.iteritems() %}
+{% for key, value in port.items() %}
{{key}}: {{value}}
{% endfor %}
{% if port.targetPort is undefined %}
@@ -33,6 +33,6 @@ spec:
targetPort: {{service_targetPort}}
{% endif %}
selector:
- {% for key, value in selector.iteritems() %}
+ {% for key, value in selector.items() %}
{{key}}: {{value}}
{% endfor %}
diff --git a/roles/openshift_metrics/templates/serviceaccount.j2 b/roles/openshift_metrics/templates/serviceaccount.j2
index b22acc594..ea19f17d7 100644
--- a/roles/openshift_metrics/templates/serviceaccount.j2
+++ b/roles/openshift_metrics/templates/serviceaccount.j2
@@ -4,7 +4,7 @@ metadata:
name: {{obj_name}}
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_named_certificates/meta/main.yml b/roles/openshift_named_certificates/meta/main.yml
index 2c6e12494..e7d81df53 100644
--- a/roles/openshift_named_certificates/meta/main.yml
+++ b/roles/openshift_named_certificates/meta/main.yml
@@ -14,3 +14,4 @@ galaxy_info:
- system
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_named_certificates/tasks/main.yml b/roles/openshift_named_certificates/tasks/main.yml
index 1bcf9ef67..ad5472445 100644
--- a/roles/openshift_named_certificates/tasks/main.yml
+++ b/roles/openshift_named_certificates/tasks/main.yml
@@ -1,6 +1,6 @@
---
- set_fact:
- parsed_named_certificates: "{{ named_certificates | oo_parse_named_certificates(named_certs_dir, internal_hostnames) }}"
+ parsed_named_certificates: "{{ named_certificates | lib_utils_oo_parse_named_certificates(named_certs_dir, internal_hostnames) }}"
when: named_certificates | length > 0
delegate_to: localhost
become: no
@@ -43,4 +43,4 @@
src: "{{ item }}"
dest: "{{ named_certs_dir }}/{{ item | basename }}"
mode: 0600
- with_items: "{{ named_certificates | oo_collect('cafile') }}"
+ with_items: "{{ named_certificates | lib_utils_oo_collect('cafile') }}"
diff --git a/roles/openshift_nfs/meta/main.yml b/roles/openshift_nfs/meta/main.yml
index d7b5910f2..17c0cf33f 100644
--- a/roles/openshift_nfs/meta/main.yml
+++ b/roles/openshift_nfs/meta/main.yml
@@ -13,4 +13,4 @@ galaxy_info:
- cloud
dependencies:
- role: lib_utils
-- role: lib_os_firewall
+- role: lib_utils
diff --git a/roles/openshift_nfs/tasks/create_export.yml b/roles/openshift_nfs/tasks/create_export.yml
index b0b888d56..5fcdbf76e 100644
--- a/roles/openshift_nfs/tasks/create_export.yml
+++ b/roles/openshift_nfs/tasks/create_export.yml
@@ -31,4 +31,4 @@
- name: Re-export NFS filesystems
command: exportfs -ar
when:
- - created_export | changed
+ - created_export is changed
diff --git a/roles/openshift_nfs/tasks/setup.yml b/roles/openshift_nfs/tasks/setup.yml
index 3070de495..bd8fb44a2 100644
--- a/roles/openshift_nfs/tasks/setup.yml
+++ b/roles/openshift_nfs/tasks/setup.yml
@@ -1,10 +1,11 @@
---
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Install nfs-utils
package: name=nfs-utils state=present
+ register: result
+ until: result is succeeded
- name: Configure NFS
lineinfile:
@@ -15,7 +16,7 @@
- name: Restart nfs-config
systemd: name=nfs-config state=restarted
- when: nfs_config | changed
+ when: nfs_config is changed
- name: Ensure exports directory exists
file:
diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md
index 67f697924..87ceb8103 100644
--- a/roles/openshift_node/README.md
+++ b/roles/openshift_node/README.md
@@ -33,9 +33,9 @@ Notes
Currently we support re-labeling nodes but we don't re-schedule running pods nor remove existing labels. That means you will have to trigger the re-schedulling manually. To re-schedule your pods, just follow the steps below:
```
-oadm manage-node --schedulable=false ${NODE}
-oadm manage-node --drain ${NODE}
-oadm manage-node --schedulable=true ${NODE}
+oc adm manage-node --schedulable=false ${NODE}
+oc adm manage-node --drain ${NODE}
+oc adm manage-node --schedulable=true ${NODE}
````
> If you are using version less than 1.5/3.5 you must replace `--drain` with `--evacuate`.
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index 0c6d8db38..a90aad532 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -1,11 +1,94 @@
---
openshift_node_debug_level: "{{ debug_level | default(2) }}"
+openshift_node_iptables_sync_period: '30s'
+osn_storage_plugin_deps:
+- ceph
+- glusterfs
+- iscsi
+openshift_node_local_quota_per_fsgroup: ""
+openshift_node_proxy_mode: iptables
+openshift_set_node_ip: False
+openshift_config_base: '/etc/origin'
+
+openshift_oreg_url_default_dict:
+ origin: "openshift/origin-${component}:${version}"
+ openshift-enterprise: "openshift3/ose-${component}:${version}"
+openshift_oreg_url_default: "{{ openshift_oreg_url_default_dict[openshift_deployment_type] }}"
+oreg_url_node: "{{ oreg_url | default(openshift_oreg_url_default) }}"
+
+osn_ovs_image_default_dict:
+ origin: "openshift/openvswitch"
+ openshift-enterprise: "openshift3/openvswitch"
+osn_ovs_image_default: "{{ osn_ovs_image_default_dict[openshift_deployment_type] }}"
+osn_ovs_image: "{{ osn_ovs_image_default }}"
+
+openshift_dns_ip: "{{ ansible_default_ipv4['address'] }}"
+
+openshift_node_env_vars: {}
+
+# Create list of 'k=v' pairs.
+l_node_kubelet_node_labels: "{{ openshift_node_labels | default({}) | lib_utils_oo_dict_to_keqv_list }}"
+
+openshift_node_kubelet_args_dict:
+ aws:
+ cloud-provider:
+ - aws
+ cloud-config:
+ - "{{ openshift_config_base ~ '/aws.conf' }}"
+ node-labels: "{{ l_node_kubelet_node_labels }}"
+ openstack:
+ cloud-provider:
+ - openstack
+ cloud-config:
+ - "{{ openshift_config_base ~ '/openstack.conf' }}"
+ node-labels: "{{ l_node_kubelet_node_labels }}"
+ gce:
+ cloud-provider:
+ - gce
+ cloud-config:
+ - "{{ openshift_config_base ~ '/gce.conf' }}"
+ node-labels: "{{ l_node_kubelet_node_labels }}"
+ undefined:
+ node-labels: "{{ l_node_kubelet_node_labels }}"
+
+l_node_kubelet_args_default: "{{ openshift_node_kubelet_args_dict[openshift_cloudprovider_kind | default('undefined')] }}"
+
+l_openshift_node_kubelet_args: "{{ openshift_node_kubelet_args | default({}) }}"
+# Combine the default kubelet_args dictionary (based on cloud provider, if provided)
+# with user-supplied openshift_node_kubelet_args.
+# openshift_node_kubelet_args will override the defaults, if keys and/or subkeys
+# are present in both.
+l2_openshift_node_kubelet_args: "{{ l_node_kubelet_args_default | combine(l_openshift_node_kubelet_args, recursive=True) }}"
+openshift_node_dnsmasq_install_network_manager_hook: true
+
+# lo must always be present in this list or dnsmasq will conflict with
+# the node's dns service.
+openshift_node_dnsmasq_except_interfaces:
+- lo
r_openshift_node_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_node_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
+l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
+
openshift_deployment_type: "{{ openshift_deployment_type | default('origin') }}"
-openshift_service_type: "{{ 'origin' if openshift_deployment_type == 'origin' else 'atomic-openshift' }}"
+
+openshift_node_image_dict:
+ origin: 'openshift/node'
+ openshift-enterprise: 'openshift3/node'
+osn_image: "{{ openshift_node_image_dict[openshift_deployment_type] }}"
+
+openshift_service_type_dict:
+ origin: origin
+ openshift-enterprise: atomic-openshift
+openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}"
+
+system_images_registry_dict:
+ openshift-enterprise: "registry.access.redhat.com"
+ origin: "docker.io"
+
+system_images_registry: "{{ system_images_registry_dict[openshift_deployment_type | default('origin')] }}"
+l_is_openvswitch_system_container: "{{ (openshift_use_openvswitch_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
openshift_image_tag: ''
@@ -85,6 +168,10 @@ oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_ur
oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker"
oreg_auth_credentials_replace: False
l_bind_docker_reg_auth: False
+openshift_use_crio: False
+openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | default(False)) or (openshift_use_crio_only | default(False)) }}"
+
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
# NOTE
# r_openshift_node_*_default may be defined external to this role.
@@ -115,3 +202,5 @@ openshift_node_config_dir: "{{ openshift_node_config_dir_default }}"
openshift_node_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
openshift_node_image_config_latest: "{{ openshift_node_image_config_latest_default }}"
+
+openshift_node_use_instance_profiles: False
diff --git a/roles/openshift_node/files/bootstrap.yml b/roles/openshift_node/files/bootstrap.yml
index ea280640f..a5545c81b 100644
--- a/roles/openshift_node/files/bootstrap.yml
+++ b/roles/openshift_node/files/bootstrap.yml
@@ -61,3 +61,11 @@
with_items:
- line: "BOOTSTRAP_CONFIG_NAME=node-config-{{ openshift_group_type }}"
regexp: "^BOOTSTRAP_CONFIG_NAME=.*"
+
+ - name: "Start the {{ openshift_service_type }}-node service"
+ systemd:
+ daemon_reload: yes
+ state: restarted
+ enabled: True
+ name: "{{ openshift_service_type }}-node"
+ no_block: true
diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node/files/networkmanager/99-origin-dns.sh
index f4e48b5b7..f4e48b5b7 100755
--- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
+++ b/roles/openshift_node/files/networkmanager/99-origin-dns.sh
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
index b102c1b18..62e0e1341 100644
--- a/roles/openshift_node/handlers/main.yml
+++ b/roles/openshift_node/handlers/main.yml
@@ -1,4 +1,19 @@
---
+- name: restart NetworkManager
+ systemd:
+ name: NetworkManager
+ state: restarted
+ enabled: True
+ when:
+ - (not skip_node_svc_handlers | default(False) | bool)
+
+- name: restart dnsmasq
+ systemd:
+ name: dnsmasq
+ state: restarted
+ when:
+ - (not skip_node_svc_handlers | default(False) | bool)
+
- name: restart openvswitch
systemd:
name: openvswitch
@@ -9,7 +24,7 @@
- openshift_node_use_openshift_sdn | bool
- not openshift_node_bootstrap
register: l_openshift_node_stop_openvswitch_result
- until: not l_openshift_node_stop_openvswitch_result | failed
+ until: not (l_openshift_node_stop_openvswitch_result is failed)
retries: 3
delay: 30
notify:
@@ -23,10 +38,10 @@
- name: restart node
systemd:
- name: "{{ openshift.common.service_type }}-node"
+ name: "{{ openshift_service_type }}-node"
state: restarted
register: l_openshift_node_restart_node_result
- until: not l_openshift_node_restart_node_result | failed
+ until: not (l_openshift_node_restart_node_result is failed)
retries: 3
delay: 30
when:
@@ -36,3 +51,5 @@
- name: reload systemd units
command: systemctl daemon-reload
+ when:
+ - (not skip_node_svc_handlers | default(False) | bool)
diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml
index 5bc7b9869..86a2ca16f 100644
--- a/roles/openshift_node/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
@@ -12,10 +12,7 @@ galaxy_info:
categories:
- cloud
dependencies:
-- role: openshift_node_facts
- role: lib_openshift
-- role: lib_os_firewall
-- role: openshift_clock
-- role: openshift_docker
- role: openshift_cloud_provider
-- role: openshift_node_dnsmasq
+ when: not (openshift_node_upgrade_in_progress | default(False))
+- role: lib_utils
diff --git a/roles/openshift_node/tasks/aws.yml b/roles/openshift_node/tasks/aws.yml
index 38c2b794d..a7f1fc116 100644
--- a/roles/openshift_node/tasks/aws.yml
+++ b/roles/openshift_node/tasks/aws.yml
@@ -1,7 +1,7 @@
---
- name: Configure AWS Cloud Provider Settings
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
+ dest: /etc/sysconfig/{{ openshift_service_type }}-node
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
create: true
diff --git a/roles/openshift_node/tasks/bootstrap.yml b/roles/openshift_node/tasks/bootstrap.yml
index 8cf41ab4c..1a6f209e0 100644
--- a/roles/openshift_node/tasks/bootstrap.yml
+++ b/roles/openshift_node/tasks/bootstrap.yml
@@ -4,6 +4,8 @@
name: "{{ item }}"
state: present
with_items: "{{ r_openshift_node_image_prep_packages }}"
+ register: result
+ until: result is succeeded
- name: create the directory for node
file:
@@ -32,8 +34,8 @@
regexp: "^CONFIG_FILE=.*"
- name: include aws sysconfig credentials
- include: aws.yml
- static: yes
+ import_tasks: aws.yml
+ when: not (openshift_node_use_instance_profiles | default(False))
#- name: update the ExecStart to have bootstrap
# lineinfile:
diff --git a/roles/openshift_node/tasks/config.yml b/roles/openshift_node/tasks/config.yml
index c08f43118..8f38a47aa 100644
--- a/roles/openshift_node/tasks/config.yml
+++ b/roles/openshift_node/tasks/config.yml
@@ -1,6 +1,10 @@
---
- name: Install the systemd units
- include: systemd_units.yml
+ include_tasks: systemd_units.yml
+
+- name: Pull container images
+ include_tasks: container_images.yml
+ when: openshift.common.is_containerized | bool
- name: Start and enable openvswitch service
systemd:
@@ -12,17 +16,17 @@
- openshift.common.is_containerized | bool
- openshift_node_use_openshift_sdn | default(true) | bool
register: ovs_start_result
- until: not ovs_start_result | failed
+ until: not (ovs_start_result is failed)
retries: 3
delay: 30
- set_fact:
- ovs_service_status_changed: "{{ ovs_start_result | changed }}"
+ ovs_service_status_changed: "{{ ovs_start_result is changed }}"
- file:
- dest: "{{ (openshift_node_kubelet_args|default({'config':None})).config}}"
+ dest: "{{ l2_openshift_node_kubelet_args['config'] }}"
state: directory
- when: openshift_node_kubelet_args is defined and 'config' in openshift_node_kubelet_args
+ when: ('config' in l2_openshift_node_kubelet_args) | bool
# TODO: add the validate parameter when there is a validation command to run
- name: Create the Node config
@@ -38,17 +42,17 @@
- name: Configure Node Environment Variables
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
+ dest: /etc/sysconfig/{{ openshift_service_type }}-node
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
create: true
- with_dict: "{{ openshift.node.env_vars | default({}) }}"
+ with_dict: "{{ openshift_node_env_vars }}"
notify:
- restart node
- name: include aws provider credentials
- include: aws.yml
- static: yes
+ import_tasks: aws.yml
+ when: not (openshift_node_use_instance_profiles | default(False))
# Necessary because when you're on a node that's also a master the master will be
# restarted after the node restarts docker and it will take up to 60 seconds for
@@ -76,7 +80,7 @@
- name: Start and enable node dep
systemd:
daemon_reload: yes
- name: "{{ openshift.common.service_type }}-node-dep"
+ name: "{{ openshift_service_type }}-node-dep"
enabled: yes
state: started
@@ -84,24 +88,24 @@
block:
- name: Start and enable node
systemd:
- name: "{{ openshift.common.service_type }}-node"
+ name: "{{ openshift_service_type }}-node"
enabled: yes
state: started
daemon_reload: yes
register: node_start_result
- until: not node_start_result | failed
+ until: not node_start_result is failed
retries: 1
delay: 30
ignore_errors: true
- name: Dump logs from node service if it failed
- command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-node
- when: node_start_result | failed
+ command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-node
+ when: node_start_result is failed
- name: Abort if node failed to start
fail:
msg: Node failed to start please inspect the logs and try again
- when: node_start_result | failed
+ when: node_start_result is failed
- set_fact:
- node_service_status_changed: "{{ node_start_result | changed }}"
+ node_service_status_changed: "{{ node_start_result is changed }}"
diff --git a/roles/openshift_node/tasks/config/configure-node-settings.yml b/roles/openshift_node/tasks/config/configure-node-settings.yml
index 527580481..ebc1426d3 100644
--- a/roles/openshift_node/tasks/config/configure-node-settings.yml
+++ b/roles/openshift_node/tasks/config/configure-node-settings.yml
@@ -1,7 +1,7 @@
---
- name: Configure Node settings
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
+ dest: /etc/sysconfig/{{ openshift_service_type }}-node
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
create: true
diff --git a/roles/openshift_node/tasks/config/configure-proxy-settings.yml b/roles/openshift_node/tasks/config/configure-proxy-settings.yml
index d60794305..7ddd319d2 100644
--- a/roles/openshift_node/tasks/config/configure-proxy-settings.yml
+++ b/roles/openshift_node/tasks/config/configure-proxy-settings.yml
@@ -1,7 +1,7 @@
---
- name: Configure Proxy Settings
lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
+ dest: /etc/sysconfig/{{ openshift_service_type }}-node
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
create: true
diff --git a/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml b/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml
index ee91a88ab..9f1145d12 100644
--- a/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml
+++ b/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml
@@ -1,7 +1,7 @@
---
- name: Install Node dependencies docker service file
template:
- dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service"
+ dest: "/etc/systemd/system/{{ openshift_service_type }}-node-dep.service"
src: openshift.docker.node.dep.service
notify:
- reload systemd units
diff --git a/roles/openshift_node/tasks/config/install-node-docker-service-file.yml b/roles/openshift_node/tasks/config/install-node-docker-service-file.yml
new file mode 100644
index 000000000..649fc5f6b
--- /dev/null
+++ b/roles/openshift_node/tasks/config/install-node-docker-service-file.yml
@@ -0,0 +1,8 @@
+---
+- name: Install Node docker service file
+ template:
+ dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service"
+ src: openshift.docker.node.service
+ notify:
+ - reload systemd units
+ - restart node
diff --git a/roles/openshift_node/tasks/container_images.yml b/roles/openshift_node/tasks/container_images.yml
new file mode 100644
index 000000000..bb788e2f1
--- /dev/null
+++ b/roles/openshift_node/tasks/container_images.yml
@@ -0,0 +1,20 @@
+---
+- name: Install Node system container
+ include_tasks: node_system_container.yml
+ when:
+ - l_is_node_system_container | bool
+
+- name: Install OpenvSwitch system containers
+ include_tasks: openvswitch_system_container.yml
+ when:
+ - openshift_node_use_openshift_sdn | bool
+ - l_is_openvswitch_system_container | bool
+
+- name: Pre-pull openvswitch image
+ command: >
+ docker pull {{ osn_ovs_image }}:{{ openshift_image_tag }}
+ register: pull_result
+ changed_when: "'Downloaded newer image' in pull_result.stdout"
+ when:
+ - openshift_node_use_openshift_sdn | bool
+ - not l_is_openvswitch_system_container | bool
diff --git a/roles/openshift_node/tasks/dnsmasq.yml b/roles/openshift_node/tasks/dnsmasq.yml
new file mode 100644
index 000000000..31ca46ec0
--- /dev/null
+++ b/roles/openshift_node/tasks/dnsmasq.yml
@@ -0,0 +1,26 @@
+---
+- name: Install dnsmasq configuration
+ template:
+ src: origin-dns.conf.j2
+ dest: /etc/dnsmasq.d/origin-dns.conf
+ notify: restart dnsmasq
+
+- name: Deploy additional dnsmasq.conf
+ template:
+ src: "{{ openshift_node_dnsmasq_additional_config_file }}"
+ dest: /etc/dnsmasq.d/openshift-ansible.conf
+ owner: root
+ group: root
+ mode: 0644
+ when: openshift_node_dnsmasq_additional_config_file is defined
+ notify: restart dnsmasq
+
+- name: Enable dnsmasq
+ systemd:
+ name: dnsmasq
+ enabled: yes
+ state: started
+
+# Dynamic NetworkManager based dispatcher
+- include_tasks: dnsmasq/network-manager.yml
+ when: network_manager_active | bool
diff --git a/roles/openshift_node_dnsmasq/tasks/network-manager.yml b/roles/openshift_node/tasks/dnsmasq/network-manager.yml
index e5a92a630..e5a92a630 100644
--- a/roles/openshift_node_dnsmasq/tasks/network-manager.yml
+++ b/roles/openshift_node/tasks/dnsmasq/network-manager.yml
diff --git a/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml b/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml
new file mode 100644
index 000000000..5d2c67b86
--- /dev/null
+++ b/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml
@@ -0,0 +1,13 @@
+---
+- fail: msg="Currently, NetworkManager must be installed and enabled prior to installation."
+ when: not openshift_node_bootstrap | bool
+
+- name: Install NetworkManager during node_bootstrap provisioning
+ package:
+ name: NetworkManager
+ state: present
+ notify: restart NetworkManager
+ register: result
+ until: result is succeeded
+
+- include_tasks: network-manager.yml
diff --git a/roles/openshift_node/tasks/dnsmasq_install.yml b/roles/openshift_node/tasks/dnsmasq_install.yml
new file mode 100644
index 000000000..0c8857b11
--- /dev/null
+++ b/roles/openshift_node/tasks/dnsmasq_install.yml
@@ -0,0 +1,43 @@
+---
+- name: Check for NetworkManager service
+ command: >
+ systemctl show NetworkManager
+ register: nm_show
+ changed_when: false
+ ignore_errors: True
+
+- name: Set fact using_network_manager
+ set_fact:
+ network_manager_active: "{{ True if 'ActiveState=active' in nm_show.stdout else False }}"
+
+- name: Install dnsmasq
+ package: name=dnsmasq state=installed
+ when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
+
+- name: ensure origin/node directory exists
+ file:
+ state: directory
+ path: "{{ item }}"
+ owner: root
+ group: root
+ mode: '0700'
+ with_items:
+ - /etc/origin
+ - /etc/origin/node
+
+# this file is copied to /etc/dnsmasq.d/ when the node starts and is removed
+# when the node stops. A dbus-message is sent to dnsmasq to add the same entries
+# so that dnsmasq doesn't need to be restarted. Once we can use dnsmasq 2.77 or
+# newer we can use --server-file option to update the servers dynamically and
+# reload them by sending dnsmasq a SIGHUP. We write the file in case someone else
+# triggers a restart of dnsmasq but not a node restart.
+- name: Install node-dnsmasq.conf
+ template:
+ src: node-dnsmasq.conf.j2
+ dest: /etc/origin/node/node-dnsmasq.conf
+
+# Relies on ansible in order to configure static config
+- include_tasks: dnsmasq/no-network-manager.yml
+ when: not network_manager_active | bool
diff --git a/roles/openshift_node/tasks/install.yml b/roles/openshift_node/tasks/install.yml
index 6b7e40491..fb98b7550 100644
--- a/roles/openshift_node/tasks/install.yml
+++ b/roles/openshift_node/tasks/install.yml
@@ -3,27 +3,33 @@
block:
- name: Install Node package
package:
- name: "{{ openshift.common.service_type }}-node{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}"
+ name: "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
state: present
+ register: result
+ until: result is succeeded
- name: Install sdn-ovs package
package:
- name: "{{ openshift.common.service_type }}-sdn-ovs{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}"
+ name: "{{ openshift_service_type }}-sdn-ovs{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
state: present
when:
- openshift_node_use_openshift_sdn | bool
+ register: result
+ until: result is succeeded
- name: Install conntrack-tools package
package:
name: "conntrack-tools"
state: present
+ register: result
+ until: result is succeeded
- when:
- openshift.common.is_containerized | bool
- - not openshift.common.is_node_system_container | bool
+ - not l_is_node_system_container | bool
block:
- name: Pre-pull node image when containerized
command: >
- docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
+ docker pull {{ osn_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Downloaded newer image' in pull_result.stdout"
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index eae9ca7bc..2daa6c75f 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -4,11 +4,13 @@
when:
- (not ansible_selinux or ansible_selinux.status != 'enabled')
- deployment_type == 'openshift-enterprise'
- - not openshift_use_crio | default(false)
+ - not openshift_use_crio
+
+- include_tasks: dnsmasq_install.yml
+- include_tasks: dnsmasq.yml
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
#### Disable SWAP #####
# https://docs.openshift.com/container-platform/3.4/admin_guide/overcommit.html#disabling-swap-memory
@@ -41,14 +43,18 @@
#### End Disable Swap Block ####
- name: include node installer
- include: install.yml
+ include_tasks: install.yml
- name: Restart cri-o
systemd:
name: cri-o
enabled: yes
state: restarted
- when: openshift_use_crio | default(false)
+ when: openshift_use_crio
+ register: task_result
+ failed_when:
+ - task_result is failed
+ - ('could not find the requested service' not in task_result.msg|lower)
- name: restart NetworkManager to ensure resolv.conf is present
systemd:
@@ -66,34 +72,34 @@
sysctl_file: "/etc/sysctl.d/99-openshift.conf"
reload: yes
-- include: registry_auth.yml
+- include_tasks: registry_auth.yml
- name: include standard node config
- include: config.yml
+ include_tasks: config.yml
#### Storage class plugins here ####
- name: NFS storage plugin configuration
- include: storage_plugins/nfs.yml
+ include_tasks: storage_plugins/nfs.yml
tags:
- nfs
- name: GlusterFS storage plugin configuration
- include: storage_plugins/glusterfs.yml
- when: "'glusterfs' in openshift.node.storage_plugin_deps"
+ include_tasks: storage_plugins/glusterfs.yml
+ when: "'glusterfs' in osn_storage_plugin_deps"
- name: Ceph storage plugin configuration
- include: storage_plugins/ceph.yml
- when: "'ceph' in openshift.node.storage_plugin_deps"
+ include_tasks: storage_plugins/ceph.yml
+ when: "'ceph' in osn_storage_plugin_deps"
- name: iSCSI storage plugin configuration
- include: storage_plugins/iscsi.yml
- when: "'iscsi' in openshift.node.storage_plugin_deps"
+ include_tasks: storage_plugins/iscsi.yml
+ when: "'iscsi' in osn_storage_plugin_deps"
##### END Storage #####
-- include: config/workaround-bz1331590-ovs-oom-fix.yml
+- include_tasks: config/workaround-bz1331590-ovs-oom-fix.yml
when: openshift_node_use_openshift_sdn | default(true) | bool
- name: include bootstrap node config
- include: bootstrap.yml
+ include_tasks: bootstrap.yml
when: openshift_node_bootstrap
diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml
index 164a79b39..06b879050 100644
--- a/roles/openshift_node/tasks/node_system_container.yml
+++ b/roles/openshift_node/tasks/node_system_container.yml
@@ -1,21 +1,17 @@
---
-- name: Ensure proxies are in the atomic.conf
- include_role:
- name: openshift_atomic
- tasks_from: proxy
- name: Pre-pull node system container image
command: >
- atomic pull --storage=ostree {{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}
+ atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osn_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
- name: Install or Update node system container
oc_atomic_container:
- name: "{{ openshift.common.service_type }}-node"
- image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}"
+ name: "{{ openshift_service_type }}-node"
+ image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osn_image }}:{{ openshift_image_tag }}"
values:
- "DNS_DOMAIN={{ openshift.common.dns_domain }}"
- - "DOCKER_SERVICE={{ openshift.docker.service_name }}.service"
- - "MASTER_SERVICE={{ openshift.common.service_type }}.service"
+ - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service"
+ - "MASTER_SERVICE={{ openshift_service_type }}.service"
state: latest
diff --git a/roles/openshift_node/tasks/openvswitch_system_container.yml b/roles/openshift_node/tasks/openvswitch_system_container.yml
index 0f73ce454..30ef9ef44 100644
--- a/roles/openshift_node/tasks/openvswitch_system_container.yml
+++ b/roles/openshift_node/tasks/openvswitch_system_container.yml
@@ -1,30 +1,22 @@
---
- set_fact:
- l_use_crio: "{{ openshift_use_crio | default(false) }}"
-
-- set_fact:
l_service_name: "cri-o"
- when: l_use_crio
+ when: openshift_use_crio
- set_fact:
- l_service_name: "{{ openshift.docker.service_name }}"
- when: not l_use_crio
-
-- name: Ensure proxies are in the atomic.conf
- include_role:
- name: openshift_atomic
- tasks_from: proxy
+ l_service_name: "{{ openshift_docker_service_name }}"
+ when: not openshift_use_crio
- name: Pre-pull OpenVSwitch system container image
command: >
- atomic pull --storage=ostree {{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}
+ atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osn_ovs_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
- name: Install or Update OpenVSwitch system container
oc_atomic_container:
name: openvswitch
- image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}"
+ image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osn_ovs_image }}:{{ openshift_image_tag }}"
state: latest
values:
- "DOCKER_SERVICE={{ l_service_name }}"
diff --git a/roles/openshift_node/tasks/registry_auth.yml b/roles/openshift_node/tasks/registry_auth.yml
index 5e5e4f94a..ab43ec049 100644
--- a/roles/openshift_node/tasks/registry_auth.yml
+++ b/roles/openshift_node/tasks/registry_auth.yml
@@ -8,6 +8,7 @@
- name: Create credentials for registry auth
command: "docker --config={{ oreg_auth_credentials_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
when:
+ - not (openshift_docker_alternative_creds | default(False))
- oreg_auth_user is defined
- (not node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
register: node_oreg_auth_credentials_create
@@ -17,6 +18,24 @@
notify:
- restart node
+# docker_creds is a custom module from lib_utils
+# 'docker login' requires a docker.service running on the local host, this is an
+# alternative implementation for non-docker hosts. This implementation does not
+# check the registry to determine whether or not the credentials will work.
+- name: Create credentials for registry auth (alternative)
+ docker_creds:
+ path: "{{ oreg_auth_credentials_path }}"
+ registry: "{{ oreg_host }}"
+ username: "{{ oreg_auth_user }}"
+ password: "{{ oreg_auth_password }}"
+ when:
+ - openshift_docker_alternative_creds | bool
+ - oreg_auth_user is defined
+ - (not node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
+ register: node_oreg_auth_credentials_create_alt
+ notify:
+ - restart node
+
# Container images may need the registry credentials
- name: Setup ro mount of /root/.docker for containerized hosts
set_fact:
@@ -24,4 +43,8 @@
when:
- openshift.common.is_containerized | bool
- oreg_auth_user is defined
- - (node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or node_oreg_auth_credentials_create.changed) | bool
+ - >
+ (node_oreg_auth_credentials_stat.stat.exists
+ or oreg_auth_credentials_replace
+ or node_oreg_auth_credentials_create.changed
+ or node_oreg_auth_credentials_create_alt.changed) | bool
diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml
index 037efe81a..52d80357e 100644
--- a/roles/openshift_node/tasks/storage_plugins/ceph.yml
+++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml
@@ -2,3 +2,5 @@
- name: Install Ceph storage plugin dependencies
package: name=ceph-common state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml
index 1b8a7ad50..e60f57ae7 100644
--- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml
+++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml
@@ -2,6 +2,8 @@
- name: Install GlusterFS storage plugin dependencies
package: name=glusterfs-fuse state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
- name: Check for existence of fusefs sebooleans
command: getsebool {{ item }}
@@ -29,7 +31,7 @@
# since getsebool prints the resolved name. (At some point Ansible's seboolean module
# should learn to deal with aliases)
- item.item in item.stdout # Boolean does not have an alias.
- - ansible_python_version | version_compare('3', '<')
+ - ansible_python_version is version_compare('3', '<')
with_items: "{{ fusefs_getsebool_status.results }}"
# Workaround for https://github.com/openshift/openshift-ansible/issues/4438
@@ -50,5 +52,5 @@
# should learn to deal with aliases)
- item.item in item.stdout # Boolean does not have an alias.
- ('--> off' in item.stdout) # Boolean is currently off.
- - ansible_python_version | version_compare('3', '>=')
+ - ansible_python_version is version_compare('3', '>=')
with_items: "{{ fusefs_getsebool_status.results }}"
diff --git a/roles/openshift_node/tasks/storage_plugins/iscsi.yml b/roles/openshift_node/tasks/storage_plugins/iscsi.yml
index 1c5478c55..d3a3668d5 100644
--- a/roles/openshift_node/tasks/storage_plugins/iscsi.yml
+++ b/roles/openshift_node/tasks/storage_plugins/iscsi.yml
@@ -2,3 +2,5 @@
- name: Install iSCSI storage plugin dependencies
package: name=iscsi-initiator-utils state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml
index 7e1035893..1484aa076 100644
--- a/roles/openshift_node/tasks/storage_plugins/nfs.yml
+++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml
@@ -2,6 +2,8 @@
- name: Install NFS storage plugin dependencies
package: name=nfs-utils state=present
when: not openshift.common.is_atomic | bool
+ register: result
+ until: result is succeeded
- name: Check for existence of nfs sebooleans
command: getsebool {{ item }}
@@ -29,7 +31,7 @@
# since getsebool prints the resolved name. (At some point Ansible's seboolean module
# should learn to deal with aliases)
- item.item in item.stdout # Boolean does not have an alias.
- - ansible_python_version | version_compare('3', '<')
+ - ansible_python_version is version_compare('3', '<')
with_items: "{{ nfs_getsebool_status.results }}"
# Workaround for https://github.com/openshift/openshift-ansible/issues/4438
@@ -50,5 +52,5 @@
# should learn to deal with aliases)
- item.item in item.stdout # Boolean does not have an alias.
- ('--> off' in item.stdout) # Boolean is currently off.
- - ansible_python_version | version_compare('3', '>=')
+ - ansible_python_version is version_compare('3', '>=')
with_items: "{{ nfs_getsebool_status.results }}"
diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml
index 9c182ade6..262ee698b 100644
--- a/roles/openshift_node/tasks/systemd_units.yml
+++ b/roles/openshift_node/tasks/systemd_units.yml
@@ -1,9 +1,9 @@
---
- name: Install Node service file
template:
- dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
+ dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service"
src: "{{ openshift.common.is_containerized | bool | ternary('openshift.docker.node.service', 'node.service.j2') }}"
- when: not openshift.common.is_node_system_container | bool
+ when: not l_is_node_system_container | bool
notify:
- reload systemd units
- restart node
@@ -11,34 +11,15 @@
- when: openshift.common.is_containerized | bool
block:
- name: include node deps docker service file
- include: config/install-node-deps-docker-service-file.yml
+ include_tasks: config/install-node-deps-docker-service-file.yml
- name: include ovs service environment file
- include: config/install-ovs-service-env-file.yml
+ include_tasks: config/install-ovs-service-env-file.yml
- - name: Install Node system container
- include: node_system_container.yml
- when:
- - openshift.common.is_node_system_container | bool
-
- - name: Install OpenvSwitch system containers
- include: openvswitch_system_container.yml
+ - include_tasks: config/install-ovs-docker-service-file.yml
when:
- openshift_node_use_openshift_sdn | bool
- - openshift.common.is_openvswitch_system_container | bool
-
-- block:
- - name: Pre-pull openvswitch image
- command: >
- docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
- register: pull_result
- changed_when: "'Downloaded newer image' in pull_result.stdout"
-
- - include: config/install-ovs-docker-service-file.yml
- when:
- - openshift.common.is_containerized | bool
- - openshift_node_use_openshift_sdn | bool
- - not openshift.common.is_openvswitch_system_container | bool
+ - not l_is_openvswitch_system_container | bool
-- include: config/configure-node-settings.yml
-- include: config/configure-proxy-settings.yml
+- include_tasks: config/configure-node-settings.yml
+- include_tasks: config/configure-proxy-settings.yml
diff --git a/roles/openshift_node/tasks/upgrade.yml b/roles/openshift_node/tasks/upgrade.yml
new file mode 100644
index 000000000..f0a013e45
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade.yml
@@ -0,0 +1,55 @@
+---
+# input variables:
+# - l_docker_upgrade
+# - openshift.common.is_atomic
+# - node_config_hook
+# - openshift_pkg_version
+# - openshift.common.is_containerized
+# - deployment_type
+# - openshift_release
+
+# tasks file for openshift_node_upgrade
+
+- name: stop services for upgrade
+ include_tasks: upgrade/stop_services.yml
+
+# Ensure actually install latest package.
+- name: download docker upgrade rpm
+ command: "{{ ansible_pkg_mgr }} install -C -y docker{{ '-' + docker_version }}"
+ register: result
+ until: result is succeeded
+ when:
+ - l_docker_upgrade is defined
+ - l_docker_upgrade | bool
+
+- name: install pre-pulled rpms.
+ include_tasks: upgrade/rpm_upgrade_install.yml
+ vars:
+ openshift_version: "{{ openshift_pkg_version | default('') }}"
+ when: not openshift.common.is_containerized | bool
+
+
+- include_tasks: "{{ node_config_hook }}"
+ when: node_config_hook is defined
+
+- include_tasks: upgrade/config_changes.yml
+
+# Restart all services
+- include_tasks: upgrade/restart.yml
+
+- name: Wait for node to be ready
+ oc_obj:
+ state: list
+ kind: node
+ name: "{{ openshift.common.hostname | lower }}"
+ register: node_output
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ until: node_output.results.returncode == 0 and node_output.results.results[0].status.conditions | selectattr('type', 'match', '^Ready$') | map(attribute='status') | join | bool == True
+ # Give the node two minutes to come back online.
+ retries: 24
+ delay: 5
+
+- include_tasks: dnsmasq_install.yml
+- include_tasks: dnsmasq.yml
+
+- meta: flush_handlers
diff --git a/roles/openshift_node/tasks/upgrade/config_changes.yml b/roles/openshift_node/tasks/upgrade/config_changes.yml
new file mode 100644
index 000000000..439700df6
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade/config_changes.yml
@@ -0,0 +1,77 @@
+---
+- name: Update systemd units
+ include_tasks: ../systemd_units.yml
+ when: openshift.common.is_containerized
+
+- name: Update oreg value
+ yedit:
+ src: "{{ openshift.common.config_base }}/node/node-config.yaml"
+ key: 'imageConfig.format'
+ value: "{{ oreg_url | default(oreg_url_node) }}"
+ when: oreg_url is defined or oreg_url_node is defined
+
+- name: Remove obsolete docker-sdn-ovs.conf
+ file:
+ path: "/etc/systemd/system/docker.service.d/docker-sdn-ovs.conf"
+ state: absent
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1513054
+- name: Clean up dockershim data
+ file:
+ path: "/var/lib/dockershim/sandbox/"
+ state: absent
+
+# Disable Swap Block (pre)
+- block:
+ - name: Remove swap entries from /etc/fstab
+ replace:
+ dest: /etc/fstab
+ regexp: '(^[^#].*swap.*)'
+ replace: '# \1'
+ backup: yes
+
+ - name: Add notice about disabling swap
+ lineinfile:
+ dest: /etc/fstab
+ line: '# OpenShift-Ansible Installer disabled swap per overcommit guidelines'
+ state: present
+
+ - name: Disable swap
+ command: swapoff --all
+
+ when:
+ - openshift_node_upgrade_swap_result | default(False) | bool
+ - openshift_disable_swap | default(true) | bool
+# End Disable Swap Block
+
+- name: Apply 3.6 dns config changes
+ yedit:
+ src: /etc/origin/node/node-config.yaml
+ key: "{{ item.key }}"
+ value: "{{ item.value }}"
+ with_items:
+ - key: "dnsBindAddress"
+ value: "127.0.0.1:53"
+ - key: "dnsRecursiveResolvConf"
+ value: "/etc/origin/node/resolv.conf"
+
+- name: Install Node service file
+ template:
+ dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service"
+ src: "node.service.j2"
+ register: l_node_unit
+
+- name: Reset selinux context
+ command: restorecon -RF {{ openshift_node_data_dir }}/openshift.local.volumes
+ when:
+ - ansible_selinux is defined
+ - ansible_selinux.status == 'enabled'
+
+# NOTE: This is needed to make sure we are using the correct set
+# of systemd unit files. The RPMs lay down defaults but
+# the install/upgrade may override them in /etc/systemd/system/.
+# NOTE: We don't use the systemd module as some versions of the module
+# require a service to be part of the call.
+- name: Reload systemd units
+ command: systemctl daemon-reload
+ when: l_node_unit is changed
diff --git a/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml b/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml
new file mode 100644
index 000000000..0a14e5174
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml
@@ -0,0 +1,15 @@
+---
+- name: Pre-pull node image
+ command: >
+ docker pull {{ osn_image }}:{{ openshift_image_tag }}
+ register: pull_result
+ changed_when: "'Downloaded newer image' in pull_result.stdout"
+
+- name: Pre-pull openvswitch image
+ command: >
+ docker pull {{ osn_ovs_image }}:{{ openshift_image_tag }}
+ register: pull_result
+ changed_when: "'Downloaded newer image' in pull_result.stdout"
+ when: openshift_use_openshift_sdn | bool
+
+- include_tasks: ../container_images.yml
diff --git a/roles/openshift_node/tasks/upgrade/restart.yml b/roles/openshift_node/tasks/upgrade/restart.yml
new file mode 100644
index 000000000..45b0be0a0
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade/restart.yml
@@ -0,0 +1,51 @@
+---
+# input variables:
+# - openshift_service_type
+# - openshift.common.is_containerized
+# - openshift.common.hostname
+# - openshift.master.api_port
+
+# NOTE: This is needed to make sure we are using the correct set
+# of systemd unit files. The RPMs lay down defaults but
+# the install/upgrade may override them in /etc/systemd/system/.
+# NOTE: We don't use the systemd module as some versions of the module
+# require a service to be part of the call.
+- name: Reload systemd to ensure latest unit files
+ command: systemctl daemon-reload
+
+- name: Restart support services
+ service:
+ name: "{{ item }}"
+ state: restarted
+ enabled: True
+ with_items:
+ - NetworkManager
+ - dnsmasq
+
+- name: Restart container runtime
+ service:
+ name: "{{ openshift_docker_service_name }}"
+ state: started
+ register: docker_start_result
+ until: not (docker_start_result is failed)
+ retries: 3
+ delay: 30
+
+- name: Start services
+ service: name={{ item }} state=started
+ with_items:
+ - etcd_container
+ - openvswitch
+ - "{{ openshift_service_type }}-master-api"
+ - "{{ openshift_service_type }}-master-controllers"
+ - "{{ openshift_service_type }}-node"
+ failed_when: false
+
+- name: Wait for master API to come back online
+ wait_for:
+ host: "{{ openshift.common.hostname }}"
+ state: started
+ delay: 10
+ port: "{{ openshift.master.api_port }}"
+ timeout: 600
+ when: inventory_hostname in groups.oo_masters_to_config
diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml
new file mode 100644
index 000000000..cc9a8f2d9
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml
@@ -0,0 +1,24 @@
+---
+# input variables:
+# - openshift_service_type
+# - component
+# - openshift_pkg_version
+# - openshift.common.is_atomic
+
+# Pre-pull new node rpm, but don't install
+- name: download new node packages
+ command: "{{ ansible_pkg_mgr }} install -y --downloadonly {{ openshift_node_upgrade_rpm_list | join(' ')}}"
+ register: result
+ until: result is succeeded
+ vars:
+ openshift_node_upgrade_rpm_list:
+ - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}"
+ - "PyYAML"
+ - "dnsmasq"
+
+# Pre-pull the rpms for openvswitch, but don't install
+# openvswitch requires the latest version to be installed.
+- name: download openvswitch upgrade rpm
+ command: "{{ ansible_pkg_mgr }} update -y --downloadonly openvswitch"
+ register: result
+ until: result is succeeded
diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml
new file mode 100644
index 000000000..32eeb76c6
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml
@@ -0,0 +1,19 @@
+---
+# input variables:
+# - openshift_service_type
+# - component
+# - openshift_pkg_version
+# - openshift.common.is_atomic
+
+# Install the pre-pulled RPM
+# Note: dnsmasq is covered in it's own play. openvswitch is included here
+# because once we have the latest rpm downloaded, it will happily be installed.
+- name: download new node packages
+ command: "{{ ansible_pkg_mgr }} install -C -y {{ openshift_node_upgrade_rpm_list | join(' ')}}"
+ register: result
+ until: result is succeeded
+ vars:
+ openshift_node_upgrade_rpm_list:
+ - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}"
+ - "PyYAML"
+ - "openvswitch"
diff --git a/roles/openshift_node/tasks/upgrade/stop_services.yml b/roles/openshift_node/tasks/upgrade/stop_services.yml
new file mode 100644
index 000000000..2fff556e5
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade/stop_services.yml
@@ -0,0 +1,43 @@
+---
+- name: Stop node and openvswitch services
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items:
+ - "{{ openshift_service_type }}-node"
+ - openvswitch
+ failed_when: false
+
+- name: Ensure containerized services stopped before Docker restart
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items:
+ - etcd_container
+ - openvswitch
+ - "{{ openshift_service_type }}-master-api"
+ - "{{ openshift_service_type }}-master-controllers"
+ - "{{ openshift_service_type }}-node"
+ failed_when: false
+ when: openshift.common.is_containerized | bool
+
+- service:
+ name: docker
+ state: stopped
+ register: l_openshift_node_upgrade_docker_stop_result
+ until: not (l_openshift_node_upgrade_docker_stop_result is failed)
+ retries: 3
+ delay: 30
+ when:
+ - l_docker_upgrade is defined
+ - l_docker_upgrade | bool
+
+- name: Stop rpm based services
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items:
+ - "{{ openshift_service_type }}-node"
+ - openvswitch
+ failed_when: false
+ when: not openshift.common.is_containerized | bool
diff --git a/roles/openshift_node/tasks/upgrade_pre.yml b/roles/openshift_node/tasks/upgrade_pre.yml
new file mode 100644
index 000000000..7f591996c
--- /dev/null
+++ b/roles/openshift_node/tasks/upgrade_pre.yml
@@ -0,0 +1,56 @@
+---
+# This is a hack to allow us to update various components without restarting
+# services. This will persist into the upgrade play as well, so everything
+# needs to be restarted by hand.
+- set_fact:
+ skip_node_svc_handlers: True
+
+- include_tasks: registry_auth.yml
+
+- name: update package meta data to speed install later.
+ command: "{{ ansible_pkg_mgr }} makecache"
+ register: result
+ until: result is succeeded
+ when: not openshift.common.is_containerized | bool
+
+- name: Check Docker image count
+ shell: "docker images -aq | wc -l"
+ register: docker_image_count
+ when:
+ - l_docker_upgrade is defined
+ - l_docker_upgrade | bool
+
+- debug: var=docker_image_count.stdout
+ when:
+ - l_docker_upgrade is defined
+ - l_docker_upgrade | bool
+
+- include_tasks: upgrade/containerized_upgrade_pull.yml
+ when: openshift.common.is_containerized | bool
+
+# Prepull the rpms for docker upgrade, but don't install
+- name: download docker upgrade rpm
+ command: "{{ ansible_pkg_mgr }} install -y --downloadonly docker{{ '-' + docker_version }}"
+ register: result
+ until: result is succeeded
+ when:
+ - l_docker_upgrade is defined
+ - l_docker_upgrade | bool
+
+- include_tasks: upgrade/rpm_upgrade.yml
+ vars:
+ openshift_version: "{{ openshift_pkg_version | default('') }}"
+ when: not openshift.common.is_containerized | bool
+
+# https://docs.openshift.com/container-platform/3.4/admin_guide/overcommit.html#disabling-swap-memory
+- name: Check for swap usage
+ command: grep "^[^#].*swap" /etc/fstab
+ # grep: match any lines which don't begin with '#' and contain 'swap'
+ changed_when: false
+ failed_when: false
+ register: swap_result
+
+# Set this fact here so we can use it during the next play, which is serial.
+- name: set_fact swap_result
+ set_fact:
+ openshift_node_upgrade_swap_result: "{{ swap_result.stdout_lines | length > 0 | bool }}"
diff --git a/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2 b/roles/openshift_node/templates/node-dnsmasq.conf.j2
index 3caa3bd4a..3caa3bd4a 100644
--- a/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2
+++ b/roles/openshift_node/templates/node-dnsmasq.conf.j2
diff --git a/roles/openshift_node/templates/node.service.j2 b/roles/openshift_node/templates/node.service.j2
index 7602d8ee6..da751bd65 100644
--- a/roles/openshift_node/templates/node.service.j2
+++ b/roles/openshift_node/templates/node.service.j2
@@ -1,14 +1,14 @@
[Unit]
Description=OpenShift Node
-After={{ openshift.docker.service_name }}.service
+After={{ openshift_docker_service_name }}.service
Wants=openvswitch.service
After=ovsdb-server.service
After=ovs-vswitchd.service
-Wants={{ openshift.docker.service_name }}.service
+Wants={{ openshift_docker_service_name }}.service
Documentation=https://github.com/openshift/origin
Requires=dnsmasq.service
After=dnsmasq.service
-{% if openshift_use_crio|default(false) %}Wants=cri-o.service{% endif %}
+{% if openshift_use_crio %}Wants=cri-o.service{% endif %}
[Service]
Type=notify
diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2
index 718d35dca..f091263f5 100644
--- a/roles/openshift_node/templates/node.yaml.v1.j2
+++ b/roles/openshift_node/templates/node.yaml.v1.j2
@@ -5,37 +5,33 @@ dnsBindAddress: 127.0.0.1:53
dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
{% endif %}
dnsDomain: {{ openshift.common.dns_domain }}
-{% if 'dns_ip' in openshift.node %}
-dnsIP: {{ openshift.node.dns_ip }}
-{% endif %}
+dnsIP: {{ openshift_dns_ip }}
dockerConfig:
execHandlerName: ""
-iptablesSyncPeriod: "{{ openshift.node.iptables_sync_period }}"
+iptablesSyncPeriod: "{{ openshift_node_iptables_sync_period }}"
imageConfig:
- format: {{ openshift.node.registry_url }}
+ format: {{ oreg_url_node }}
latest: {{ openshift_node_image_config_latest }}
kind: NodeConfig
-kubeletArguments: {{ openshift.node.kubelet_args | default(None) | to_padded_yaml(level=1) }}
-{% if openshift_use_crio | default(False) %}
+kubeletArguments: {{ l2_openshift_node_kubelet_args | default(None) | lib_utils_to_padded_yaml(level=1) }}
+{% if openshift_use_crio %}
container-runtime:
- remote
container-runtime-endpoint:
- - /var/run/crio.sock
+ - /var/run/crio/crio.sock
image-service-endpoint:
- - /var/run/crio.sock
+ - /var/run/crio/crio.sock
node-labels:
- router=true
- registry=true
runtime-request-timeout:
- 10m
{% endif %}
-{% if openshift.common.version_gte_3_3_or_1_3 | bool %}
masterClientConnectionOverrides:
acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
contentType: application/vnd.kubernetes.protobuf
burst: 200
qps: 100
-{% endif %}
masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig
{% if openshift_node_use_openshift_sdn | bool %}
networkPluginName: {{ openshift_node_sdn_network_plugin_name }}
@@ -47,7 +43,7 @@ networkConfig:
{% if openshift_node_use_openshift_sdn | bool or openshift_node_use_nuage | bool or openshift_node_use_contiv | bool or openshift_node_use_kuryr | bool or openshift_node_sdn_network_plugin_name == 'cni' %}
networkPluginName: {{ openshift_node_sdn_network_plugin_name }}
{% endif %}
-{% if openshift.node.set_node_ip | bool %}
+{% if openshift_set_node_ip | bool %}
nodeIP: {{ openshift.common.ip }}
{% endif %}
nodeName: {{ openshift.node.nodename }}
@@ -70,8 +66,8 @@ volumeDirectory: {{ openshift_node_data_dir }}/openshift.local.volumes
{% if not (openshift_node_use_kuryr | default(False)) | bool %}
proxyArguments:
proxy-mode:
- - {{ openshift.node.proxy_mode }}
+ - {{ openshift_node_proxy_mode }}
{% endif %}
volumeConfig:
localQuota:
- perFSGroup: {{ openshift.node.local_quota_per_fsgroup }}
+ perFSGroup: {{ openshift_node_local_quota_per_fsgroup }}
diff --git a/roles/openshift_node/templates/openshift.docker.node.dep.service b/roles/openshift_node/templates/openshift.docker.node.dep.service
index fa7238849..8b43beb07 100644
--- a/roles/openshift_node/templates/openshift.docker.node.dep.service
+++ b/roles/openshift_node/templates/openshift.docker.node.dep.service
@@ -1,11 +1,11 @@
[Unit]
-Requires={{ openshift.docker.service_name }}.service
-After={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.common.service_type }}-node.service
-Before={{ openshift.common.service_type }}-node.service
-{% if openshift_use_crio|default(false) %}Wants=cri-o.service{% endif %}
+Requires={{ openshift_docker_service_name }}.service
+After={{ openshift_docker_service_name }}.service
+PartOf={{ openshift_service_type }}-node.service
+Before={{ openshift_service_type }}-node.service
+{% if openshift_use_crio %}Wants=cri-o.service{% endif %}
[Service]
-ExecStart=/bin/bash -c "if [[ -f /usr/bin/docker-current ]]; then echo \"DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro --volume=/etc/containers/registries:/etc/containers/registries:ro\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; else echo \"#DOCKER_ADDTL_BIND_MOUNTS=\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; fi"
+ExecStart=/bin/bash -c "if [[ -f /usr/bin/docker-current ]]; then echo \"DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro --volume=/etc/containers/registries:/etc/containers/registries:ro\" > /etc/sysconfig/{{ openshift_service_type }}-node-dep; else echo \"#DOCKER_ADDTL_BIND_MOUNTS=\" > /etc/sysconfig/{{ openshift_service_type }}-node-dep; fi"
ExecStop=
-SyslogIdentifier={{ openshift.common.service_type }}-node-dep
+SyslogIdentifier={{ openshift_service_type }}-node-dep
diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service
index 561aa01f4..ae7b147a6 100644
--- a/roles/openshift_node/templates/openshift.docker.node.service
+++ b/roles/openshift_node/templates/openshift.docker.node.service
@@ -1,32 +1,32 @@
[Unit]
-After={{ openshift.common.service_type }}-master.service
-After={{ openshift.docker.service_name }}.service
+After={{ openshift_service_type }}-master.service
+After={{ openshift_docker_service_name }}.service
After=openvswitch.service
-PartOf={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
+PartOf={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
{% if openshift_node_use_openshift_sdn %}
Wants=openvswitch.service
PartOf=openvswitch.service
After=ovsdb-server.service
After=ovs-vswitchd.service
{% endif %}
-Wants={{ openshift.common.service_type }}-master.service
-Requires={{ openshift.common.service_type }}-node-dep.service
-After={{ openshift.common.service_type }}-node-dep.service
+Wants={{ openshift_service_type }}-master.service
+Requires={{ openshift_service_type }}-node-dep.service
+After={{ openshift_service_type }}-node-dep.service
Requires=dnsmasq.service
After=dnsmasq.service
[Service]
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep
-ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
+EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-node
+EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-node-dep
+ExecStartPre=-/usr/bin/docker rm -f {{ openshift_service_type }}-node
ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
-ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node \
- --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node \
+ExecStart=/usr/bin/docker run --name {{ openshift_service_type }}-node \
+ --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift_service_type }}-node \
-v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} \
-e HOST=/rootfs -e HOST_ETC=/host-etc \
- -v {{ openshift_node_data_dir }}:{{ openshift_node_data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} \
+ -v {{ openshift_node_data_dir }}:{{ openshift_node_data_dir }}:rslave \
-v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node \
{% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} \
-v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro \
@@ -38,14 +38,14 @@ ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node \
{% if openshift_use_nuage | default(false) -%} $NUAGE_ADDTL_BIND_MOUNTS {% endif -%} \
-v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro \
{% if l_bind_docker_reg_auth %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\
- {{ openshift.node.node_image }}:${IMAGE_VERSION}
+ {{ osn_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 10
-ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
+ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-node
ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
-SyslogIdentifier={{ openshift.common.service_type }}-node
+SyslogIdentifier={{ openshift_service_type }}-node
Restart=always
RestartSec=5s
[Install]
-WantedBy={{ openshift.docker.service_name }}.service
+WantedBy={{ openshift_docker_service_name }}.service
diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service
index 34aaaabd6..1fc9b6e72 100644
--- a/roles/openshift_node/templates/openvswitch.docker.service
+++ b/roles/openshift_node/templates/openvswitch.docker.service
@@ -1,12 +1,12 @@
[Unit]
-After={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.docker.service_name }}.service
+After={{ openshift_docker_service_name }}.service
+Requires={{ openshift_docker_service_name }}.service
+PartOf={{ openshift_docker_service_name }}.service
[Service]
EnvironmentFile=/etc/sysconfig/openvswitch
ExecStartPre=-/usr/bin/docker rm -f openvswitch
-ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }}:${IMAGE_VERSION}
+ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ osn_ovs_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 5
ExecStop=/usr/bin/docker stop openvswitch
SyslogIdentifier=openvswitch
@@ -14,4 +14,4 @@ Restart=always
RestartSec=5s
[Install]
-WantedBy={{ openshift.docker.service_name }}.service
+WantedBy={{ openshift_docker_service_name }}.service
diff --git a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 b/roles/openshift_node/templates/origin-dns.conf.j2
index 6543c7c3e..6543c7c3e 100644
--- a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
+++ b/roles/openshift_node/templates/origin-dns.conf.j2
diff --git a/roles/openshift_node_certificates/defaults/main.yml b/roles/openshift_node_certificates/defaults/main.yml
index 455f26f30..b42b75be9 100644
--- a/roles/openshift_node_certificates/defaults/main.yml
+++ b/roles/openshift_node_certificates/defaults/main.yml
@@ -1,3 +1,5 @@
---
openshift_node_cert_expire_days: 730
openshift_ca_host: ''
+
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
diff --git a/roles/openshift_node_certificates/handlers/main.yml b/roles/openshift_node_certificates/handlers/main.yml
index ef66bf9ca..3531e30b8 100644
--- a/roles/openshift_node_certificates/handlers/main.yml
+++ b/roles/openshift_node_certificates/handlers/main.yml
@@ -6,7 +6,7 @@
- name: check for container runtime after updating ca trust
command: >
- systemctl -q is-active {{ openshift.docker.service_name }}.service
+ systemctl -q is-active {{ openshift_docker_service_name }}.service
register: l_docker_installed
# An rc of 0 indicates that the container runtime service is
# running. We will restart it by notifying the restart handler since
@@ -18,10 +18,10 @@
- name: restart container runtime after updating ca trust
systemd:
- name: "{{ openshift.docker.service_name }}"
+ name: "{{ openshift_docker_service_name }}"
state: restarted
when: not openshift_certificates_redeploy | default(false) | bool
register: l_docker_restart_docker_in_cert_result
- until: not l_docker_restart_docker_in_cert_result | failed
+ until: not (l_docker_restart_docker_in_cert_result is failed)
retries: 3
delay: 30
diff --git a/roles/openshift_node_certificates/meta/main.yml b/roles/openshift_node_certificates/meta/main.yml
index 0440bf11a..4362c644a 100644
--- a/roles/openshift_node_certificates/meta/main.yml
+++ b/roles/openshift_node_certificates/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
- system
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
index 1a775178d..1e5ebe98e 100644
--- a/roles/openshift_node_certificates/tasks/main.yml
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -31,7 +31,7 @@
node_certs_missing: "{{ true if openshift_certificates_redeploy | default(false) | bool
else (False in (g_node_cert_stat_result.results
| default({})
- | oo_collect(attribute='stat.exists')
+ | lib_utils_oo_collect(attribute='stat.exists')
| list)) }}"
- name: Create openshift_generated_configs_dir if it does not exist
@@ -52,10 +52,10 @@
- name: Generate the node client config
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
- {% for named_ca_certificate in hostvars[openshift_ca_host].openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ {% for named_ca_certificate in hostvars[openshift_ca_host].openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
- {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %}
+ {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') %}
--certificate-authority {{ legacy_ca_certificate }}
{% endfor %}
--certificate-authority={{ openshift_ca_cert }}
@@ -66,14 +66,12 @@
--signer-key={{ openshift_ca_key }}
--signer-serial={{ openshift_ca_serial }}
--user=system:node:{{ hostvars[item].openshift.common.hostname }}
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
--expire-days={{ openshift_node_cert_expire_days }}
- {% endif %}
args:
creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}"
with_items: "{{ hostvars
- | oo_select_keys(groups['oo_nodes_to_config'])
- | oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}"
+ | lib_utils_oo_select_keys(groups['oo_nodes_to_config'])
+ | lib_utils_oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}"
delegate_to: "{{ openshift_ca_host }}"
run_once: true
@@ -82,9 +80,7 @@
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-server-cert
--cert={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.crt
--key={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.key
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
--expire-days={{ openshift_node_cert_expire_days }}
- {% endif %}
--overwrite=true
--hostnames={{ hostvars[item].openshift.common.hostname }},{{ hostvars[item].openshift.common.public_hostname }},{{ hostvars[item].openshift.common.ip }},{{ hostvars[item].openshift.common.public_ip }}
--signer-cert={{ openshift_ca_cert }}
@@ -93,8 +89,8 @@
args:
creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.crt"
with_items: "{{ hostvars
- | oo_select_keys(groups['oo_nodes_to_config'])
- | oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}"
+ | lib_utils_oo_select_keys(groups['oo_nodes_to_config'])
+ | lib_utils_oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}"
delegate_to: "{{ openshift_ca_host }}"
run_once: true
diff --git a/roles/openshift_node_dnsmasq/README.md b/roles/openshift_node_dnsmasq/README.md
deleted file mode 100644
index 4596190d7..000000000
--- a/roles/openshift_node_dnsmasq/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-OpenShift Node DNS resolver
-===========================
-
-Configure dnsmasq to act as a DNS resolver for an OpenShift node.
-
-Requirements
-------------
-
-Role Variables
---------------
-
-From this role:
-
-| Name | Default value | Description |
-|-----------------------------------------------------|---------------|-----------------------------------------------------------------------------------|
-| openshift_node_dnsmasq_install_network_manager_hook | true | Install NetworkManager hook updating /etc/resolv.conf with local dnsmasq instance |
-
-Dependencies
-------------
-
-* openshift_common
-* openshift_node_facts
-
-License
--------
-
-Apache License Version 2.0
diff --git a/roles/openshift_node_dnsmasq/defaults/main.yml b/roles/openshift_node_dnsmasq/defaults/main.yml
deleted file mode 100644
index ebcff46b5..000000000
--- a/roles/openshift_node_dnsmasq/defaults/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-openshift_node_dnsmasq_install_network_manager_hook: true
-
-# lo must always be present in this list or dnsmasq will conflict with
-# the node's dns service.
-openshift_node_dnsmasq_except_interfaces:
-- lo
diff --git a/roles/openshift_node_dnsmasq/handlers/main.yml b/roles/openshift_node_dnsmasq/handlers/main.yml
deleted file mode 100644
index 9f98126a0..000000000
--- a/roles/openshift_node_dnsmasq/handlers/main.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: restart NetworkManager
- systemd:
- name: NetworkManager
- state: restarted
- enabled: True
-
-- name: restart dnsmasq
- systemd:
- name: dnsmasq
- state: restarted
diff --git a/roles/openshift_node_dnsmasq/meta/main.yml b/roles/openshift_node_dnsmasq/meta/main.yml
deleted file mode 100644
index d80ed1b72..000000000
--- a/roles/openshift_node_dnsmasq/meta/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-galaxy_info:
- author: Scott Dodson
- description: OpenShift Node DNSMasq support
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 2.2
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
-dependencies:
-- role: openshift_node_facts
diff --git a/roles/openshift_node_dnsmasq/tasks/main.yml b/roles/openshift_node_dnsmasq/tasks/main.yml
deleted file mode 100644
index 9bbaafc29..000000000
--- a/roles/openshift_node_dnsmasq/tasks/main.yml
+++ /dev/null
@@ -1,67 +0,0 @@
----
-- name: Check for NetworkManager service
- command: >
- systemctl show NetworkManager
- register: nm_show
- changed_when: false
- ignore_errors: True
-
-- name: Set fact using_network_manager
- set_fact:
- network_manager_active: "{{ True if 'ActiveState=active' in nm_show.stdout else False }}"
-
-- name: Install dnsmasq
- package: name=dnsmasq state=installed
- when: not openshift.common.is_atomic | bool
-
-- name: ensure origin/node directory exists
- file:
- state: directory
- path: "{{ item }}"
- owner: root
- group: root
- mode: '0700'
- with_items:
- - /etc/origin
- - /etc/origin/node
-
-# this file is copied to /etc/dnsmasq.d/ when the node starts and is removed
-# when the node stops. A dbus-message is sent to dnsmasq to add the same entries
-# so that dnsmasq doesn't need to be restarted. Once we can use dnsmasq 2.77 or
-# newer we can use --server-file option to update the servers dynamically and
-# reload them by sending dnsmasq a SIGHUP. We write the file in case someone else
-# triggers a restart of dnsmasq but not a node restart.
-- name: Install node-dnsmasq.conf
- template:
- src: node-dnsmasq.conf.j2
- dest: /etc/origin/node/node-dnsmasq.conf
-
-- name: Install dnsmasq configuration
- template:
- src: origin-dns.conf.j2
- dest: /etc/dnsmasq.d/origin-dns.conf
- notify: restart dnsmasq
-
-- name: Deploy additional dnsmasq.conf
- template:
- src: "{{ openshift_node_dnsmasq_additional_config_file }}"
- dest: /etc/dnsmasq.d/openshift-ansible.conf
- owner: root
- group: root
- mode: 0644
- when: openshift_node_dnsmasq_additional_config_file is defined
- notify: restart dnsmasq
-
-- name: Enable dnsmasq
- systemd:
- name: dnsmasq
- enabled: yes
- state: started
-
-# Dynamic NetworkManager based dispatcher
-- include: ./network-manager.yml
- when: network_manager_active | bool
-
-# Relies on ansible in order to configure static config
-- include: ./no-network-manager.yml
- when: not network_manager_active | bool
diff --git a/roles/openshift_node_dnsmasq/tasks/no-network-manager.yml b/roles/openshift_node_dnsmasq/tasks/no-network-manager.yml
deleted file mode 100644
index 8a7da66c2..000000000
--- a/roles/openshift_node_dnsmasq/tasks/no-network-manager.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- fail: msg="Currently, NetworkManager must be installed and enabled prior to installation."
- when: not openshift_node_bootstrap | bool
-
-- name: Install NetworkManager during node_bootstrap provisioning
- package:
- name: NetworkManager
- state: present
- notify: restart NetworkManager
-
-- include: ./network-manager.yml
diff --git a/roles/openshift_node_facts/filter_plugins/openshift_node_facts_filters.py b/roles/openshift_node_facts/filter_plugins/openshift_node_facts_filters.py
deleted file mode 100644
index 69069f2dc..000000000
--- a/roles/openshift_node_facts/filter_plugins/openshift_node_facts_filters.py
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-'''
-Custom filters for use in openshift-node
-'''
-from ansible import errors
-
-
-class FilterModule(object):
- ''' Custom ansible filters for use by openshift_node_facts role'''
-
- @staticmethod
- def node_get_dns_ip(openshift_dns_ip, hostvars):
- ''' Navigates the complicated logic of when to set dnsIP
-
- In all situations if they've set openshift_dns_ip use that
- For 1.0/3.0 installs we use the openshift_master_cluster_vip, openshift_node_first_master_ip, else None
- For 1.1/3.1 installs we use openshift_master_cluster_vip, else None (product will use kube svc ip)
- For 1.2/3.2+ installs we set to the node's default interface ip
- '''
-
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
-
- # We always use what they've specified if they've specified a value
- if openshift_dns_ip is not None:
- return openshift_dns_ip
- return hostvars['ansible_default_ipv4']['address']
-
- def filters(self):
- ''' returns a mapping of filters to methods '''
- return {'node_get_dns_ip': self.node_get_dns_ip}
diff --git a/roles/openshift_node_facts/meta/main.yml b/roles/openshift_node_facts/meta/main.yml
deleted file mode 100644
index 59bf680ce..000000000
--- a/roles/openshift_node_facts/meta/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-galaxy_info:
- author: Andrew Butcher
- description: OpenShift Node Facts
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 1.9
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
-dependencies:
-- role: openshift_facts
diff --git a/roles/openshift_node_facts/tasks/main.yml b/roles/openshift_node_facts/tasks/main.yml
deleted file mode 100644
index b45130400..000000000
--- a/roles/openshift_node_facts/tasks/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Set node facts
- openshift_facts:
- role: "{{ item.role }}"
- local_facts: "{{ item.local_facts }}"
- with_items:
- # Reset node labels to an empty dictionary.
- - role: node
- local_facts:
- labels: {}
- - role: node
- local_facts:
- annotations: "{{ openshift_node_annotations | default(none) }}"
- iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}"
- kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}"
- labels: "{{ openshift_node_labels | default(None) }}"
- registry_url: "{{ oreg_url_node | default(oreg_url) | default(None) }}"
- schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}"
- sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}"
- storage_plugin_deps: "{{ osn_storage_plugin_deps | default(None) }}"
- set_node_ip: "{{ openshift_set_node_ip | default(None) }}"
- node_image: "{{ osn_image | default(None) }}"
- ovs_image: "{{ osn_ovs_image | default(None) }}"
- proxy_mode: "{{ openshift_node_proxy_mode | default('iptables') }}"
- local_quota_per_fsgroup: "{{ openshift_node_local_quota_per_fsgroup | default(None) }}"
- dns_ip: "{{ openshift_dns_ip | default(none) | node_get_dns_ip(hostvars[inventory_hostname])}}"
- env_vars: "{{ openshift_node_env_vars | default(None) }}"
diff --git a/roles/openshift_node_group/defaults/main.yml b/roles/openshift_node_group/defaults/main.yml
new file mode 100644
index 000000000..cccdea66f
--- /dev/null
+++ b/roles/openshift_node_group/defaults/main.yml
@@ -0,0 +1,32 @@
+---
+openshift_node_groups:
+- name: node-config-master
+ labels:
+ - 'type=master'
+ edits: []
+- name: node-config-infra
+ labels:
+ - 'type=infra'
+ edits: []
+- name: node-config-compute
+ labels:
+ - 'type=compute'
+ edits: []
+
+openshift_node_group_edits: []
+openshift_node_group_namespace: openshift-node
+openshift_node_group_labels: []
+
+openshift_oreg_url_default_dict:
+ origin: "openshift/origin-${component}:${version}"
+ openshift-enterprise: openshift3/ose-${component}:${version}
+openshift_oreg_url_default: "{{ openshift_oreg_url_default_dict[openshift_deployment_type] }}"
+oreg_url_node: "{{ oreg_url | default(openshift_oreg_url_default) }}"
+
+openshift_imageconfig_format: "{{ oreg_url_node }}"
+openshift_node_group_cloud_provider: "{{ openshift_cloudprovider_kind | default('aws') }}"
+openshift_node_group_network_plugin_default: "{{ os_sdn_network_plugin_name | default('redhat/openshift-ovs-subnet') }}"
+openshift_node_group_network_plugin: "{{ openshift_node_group_network_plugin_default }}"
+openshift_node_group_node_data_dir_default: "{{ openshift_data_dir | default('/var/lib/origin') }}"
+openshift_node_group_node_data_dir: "{{ openshift_node_group_node_data_dir_default }}"
+openshift_node_group_network_mtu: "{{ openshift_node_sdn_mtu | default(8951) | int }}"
diff --git a/roles/openshift_node_group/meta/main.yml b/roles/openshift_node_group/meta/main.yml
new file mode 100644
index 000000000..14c1dd498
--- /dev/null
+++ b/roles/openshift_node_group/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+- role: lib_openshift
+- role: lib_utils
diff --git a/roles/openshift_node_group/tasks/create_config.yml b/roles/openshift_node_group/tasks/create_config.yml
new file mode 100644
index 000000000..8b3218e7b
--- /dev/null
+++ b/roles/openshift_node_group/tasks/create_config.yml
@@ -0,0 +1,62 @@
+---
+- name: fetch node configmap
+ oc_configmap:
+ name: "{{ openshift_node_group_name }}"
+ namespace: "{{ openshift_node_group_namespace }}"
+ state: list
+ register: configout
+ run_once: true
+
+- name: debug node config
+ debug: var=configout
+ run_once: true
+
+- when:
+ - configout.results.results.0 == {} or (configout.results.results.0 != {} and openshift_node_group_edits|length > 0)
+ block:
+ - name: create a temp dir for this work
+ command: mktemp -d /tmp/openshift_node_config-XXXXXX
+ register: mktempout
+ run_once: true
+
+ - name: create node config template
+ template:
+ src: node-config.yaml.j2
+ dest: "{{ mktempout.stdout }}/node-config.yaml"
+ when:
+ - configout.results.results.0 == {}
+ run_once: true
+
+ - name: lay down the config from the existing configmap
+ copy:
+ content: "{{ configout.results.results.0.data['node-config.yaml'] }}"
+ dest: "{{ mktempout.stdout }}/node-config.yaml"
+ when:
+ - configout.results.results.0 != {}
+ run_once: true
+
+ - name: "specialize the generated configs for {{ openshift_node_group_name }}"
+ yedit:
+ content:
+ src: "{{ mktempout.stdout }}/node-config.yaml"
+ edits: "{{ openshift_node_group_edits }}"
+ register: yeditout
+ when: openshift_node_group_edits|length > 0
+ run_once: true
+
+ - debug: var=yeditout
+ run_once: true
+
+ - name: create node-config.yaml configmap
+ oc_configmap:
+ name: "{{ openshift_node_group_name }}"
+ namespace: "{{ openshift_node_group_namespace }}"
+ from_file:
+ node-config.yaml: "{{ mktempout.stdout }}/node-config.yaml"
+ run_once: true
+
+ - name: remove templated files
+ file:
+ dest: "{{ mktempout.stdout }}/"
+ state: absent
+ run_once: true
diff --git a/roles/openshift_node_group/tasks/main.yml b/roles/openshift_node_group/tasks/main.yml
new file mode 100644
index 000000000..43ecf1b8b
--- /dev/null
+++ b/roles/openshift_node_group/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: Build node config maps
+ include_tasks: create_config.yml
+ vars:
+ openshift_node_group_name: "{{ node_group.name }}"
+ openshift_node_group_edits: "{{ node_group.edits | default([]) }}"
+ openshift_node_group_labels: "{{ node_group.labels | default([]) }}"
+ with_items: "{{ openshift_node_groups }}"
+ loop_control:
+ loop_var: node_group
diff --git a/roles/openshift_node_group/templates/node-config.yaml.j2 b/roles/openshift_node_group/templates/node-config.yaml.j2
new file mode 100644
index 000000000..3fd16247c
--- /dev/null
+++ b/roles/openshift_node_group/templates/node-config.yaml.j2
@@ -0,0 +1,53 @@
+allowDisabledDocker: false
+apiVersion: v1
+authConfig:
+ authenticationCacheSize: 1000
+ authenticationCacheTTL: 5m
+ authorizationCacheSize: 1000
+ authorizationCacheTTL: 5m
+dnsBindAddress: "127.0.0.1:53"
+dnsDomain: cluster.local
+dnsIP: 0.0.0.0
+dnsNameservers: null
+dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
+dockerConfig:
+ dockerShimRootDirectory: /var/lib/dockershim
+ dockerShimSocket: /var/run/dockershim.sock
+ execHandlerName: native
+enableUnidling: true
+imageConfig:
+ format: "{{ openshift_imageconfig_format }}"
+ latest: false
+iptablesSyncPeriod: 30s
+kind: NodeConfig
+kubeletArguments:
+ cloud-config:
+ - /etc/origin/cloudprovider/{{ openshift_node_group_cloud_provider }}.conf
+ cloud-provider:
+ - {{ openshift_node_group_cloud_provider }}
+ node-labels: {{ openshift_node_group_labels | to_json }}
+masterClientConnectionOverrides:
+ acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
+ burst: 40
+ contentType: application/vnd.kubernetes.protobuf
+ qps: 20
+masterKubeConfig: node.kubeconfig
+networkConfig:
+ mtu: {{ openshift_node_group_network_mtu }}
+ networkPluginName: {{ openshift_node_group_network_plugin }}
+nodeIP: ""
+podManifestConfig: null
+servingInfo:
+ bindAddress: 0.0.0.0:10250
+ bindNetwork: tcp4
+ certFile: server.crt
+ clientCA: node-client-ca.crt
+ keyFile: server.key
+ namedCertificates: null
+volumeConfig:
+ localQuota:
+ perFSGroup: null
+volumeDirectory: {{ openshift_node_group_node_data_dir }}/openshift.local.volumes
+enable-controller-attach-detach:
+- 'true'
+networkPluginName: {{ openshift_node_group_network_plugin }}
diff --git a/roles/openshift_node_upgrade/README.md b/roles/openshift_node_upgrade/README.md
deleted file mode 100644
index 73b98ad90..000000000
--- a/roles/openshift_node_upgrade/README.md
+++ /dev/null
@@ -1,111 +0,0 @@
-OpenShift Node upgrade
-=========
-
-Role responsible for a single node upgrade.
-It is expected a node is functioning and a part of an OpenShift cluster.
-
-Requirements
-------------
-
-TODO
-
-Role Variables
---------------
-From this role:
-
-| Name | Default value | |
-|--------------------------------|-----------------------|--------------------------------------------------------|
-| deployment_type | | Inventory var |
-| docker_upgrade_nuke_images | | Optional inventory var |
-| docker_version | | Optional inventory var |
-| l_docker_upgrade | | |
-| node_config_hook | | |
-| openshift.docker.gte_1_10 | | |
-| openshift_image_tag | | Set by openshift_version role |
-| openshift_pkg_version | | Set by openshift_version role |
-| openshift_release | | Set by openshift_version role |
-| skip_docker_restart | | |
-| openshift_cloudprovider_kind | | |
-
-From openshift.common:
-
-| Name | Default Value | |
-|------------------------------------|---------------------|---------------------|
-| openshift.common.config_base |---------------------|---------------------|
-| openshift.common.hostname |---------------------|---------------------|
-| openshift.common.http_proxy |---------------------|---------------------|
-| openshift.common.is_atomic |---------------------|---------------------|
-| openshift.common.is_containerized |---------------------|---------------------|
-| openshift.common.portal_net |---------------------|---------------------|
-| openshift.common.service_type |---------------------|---------------------|
-
-From openshift.master:
-
-| Name | Default Value | |
-|------------------------------------|---------------------|---------------------|
-| openshift.master.api_port |---------------------|---------------------|
-
-From openshift.node:
-
-| Name | Default Value | |
-|------------------------------------|---------------------|---------------------|
-| openshift.node.node_image |---------------------|---------------------|
-| openshift.node.ovs_image |---------------------|---------------------|
-
-
-Dependencies
-------------
-
-
-TODO
-
-Example Playbook
-----------------
-
-Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
-
-```
----
-- name: Upgrade nodes
- hosts: oo_nodes_to_upgrade
- serial: 1
- any_errors_fatal: true
-
- pre_tasks:
- - name: Mark unschedulable
- command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm manage-node {{ openshift.node.nodename | lower }} --schedulable=false
- delegate_to: "{{ groups.oo_first_master.0 }}"
-
- - name: Drain Node for Kubelet upgrade
- command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data --ignore-daemonsets
- delegate_to: "{{ groups.oo_first_master.0 }}"
- register: l_docker_upgrade_drain_result
- until: not l_docker_upgrade_drain_result | failed
- retries: 60
- delay: 60
-
-
- roles:
- - openshift_facts
- - docker
- - openshift_node_dnsmasq
- - openshift_node_upgrade
-
- post_tasks:
- - name: Set node schedulability
- command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm manage-node {{ openshift.node.nodename | lower }} --schedulable=true
- delegate_to: "{{ groups.oo_first_master.0 }}"
-```
-
-License
--------
-
-Apache License, Version 2.0
-
-Author Information
-------------------
-
-TODO
diff --git a/roles/openshift_node_upgrade/defaults/main.yml b/roles/openshift_node_upgrade/defaults/main.yml
deleted file mode 100644
index 10b4c6977..000000000
--- a/roles/openshift_node_upgrade/defaults/main.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-openshift_node_debug_level: "{{ debug_level | default(2) }}"
-
-openshift_use_openshift_sdn: True
-os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet"
-
-openshift_node_data_dir_default: "{{ openshift_data_dir | default('/var/lib/origin') }}"
-openshift_node_data_dir: "{{ openshift_node_data_dir_default }}"
-
-# oreg_url is defined by user input
-oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
-oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker"
-oreg_auth_credentials_replace: False
-l_bind_docker_reg_auth: False
diff --git a/roles/openshift_node_upgrade/files/nuke_images.sh b/roles/openshift_node_upgrade/files/nuke_images.sh
deleted file mode 100644
index 8635eab0d..000000000
--- a/roles/openshift_node_upgrade/files/nuke_images.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-# Stop any running containers
-running_container_ids=`docker ps -q`
-if test -n "$running_container_ids"
-then
- docker stop $running_container_ids
-fi
-
-# Delete all containers
-container_ids=`docker ps -a -q`
-if test -n "$container_ids"
-then
- docker rm -f -v $container_ids
-fi
-
-# Delete all images (forcefully)
-image_ids=`docker images -aq`
-if test -n "$image_ids"
-then
- # Some layers are deleted recursively and are no longer present
- # when docker goes to remove them:
- docker rmi -f `docker images -aq` || true
-fi
-
diff --git a/roles/openshift_node_upgrade/handlers/main.yml b/roles/openshift_node_upgrade/handlers/main.yml
deleted file mode 100644
index 90d80855e..000000000
--- a/roles/openshift_node_upgrade/handlers/main.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-- name: restart openvswitch
- systemd:
- name: openvswitch
- state: restarted
- when:
- - not skip_node_svc_handlers | default(False) | bool
- - not (ovs_service_status_changed | default(false) | bool)
- - openshift_use_openshift_sdn | bool
- register: l_openshift_node_upgrade_stop_openvswitch_result
- until: not l_openshift_node_upgrade_stop_openvswitch_result | failed
- retries: 3
- delay: 30
- notify:
- - restart openvswitch pause
-
-- name: restart openvswitch pause
- pause: seconds=15
- when: (not skip_node_svc_handlers | default(False) | bool) and openshift.common.is_containerized | bool
-
-- name: restart node
- systemd:
- name: "{{ openshift.common.service_type }}-node"
- state: restarted
- register: l_openshift_node_upgrade_restart_node_result
- until: not l_openshift_node_upgrade_restart_node_result | failed
- retries: 3
- delay: 30
- when:
- - (not skip_node_svc_handlers | default(False) | bool)
- - not (node_service_status_changed | default(false) | bool)
-
-# TODO(jchaloup): once it is verified the systemd module works as expected
-# switch to it: http://docs.ansible.com/ansible/latest/systemd_module.html
-- name: reload systemd units
- command: systemctl daemon-reload
diff --git a/roles/openshift_node_upgrade/meta/main.yml b/roles/openshift_node_upgrade/meta/main.yml
deleted file mode 100644
index a810b01dc..000000000
--- a/roles/openshift_node_upgrade/meta/main.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-galaxy_info:
- author: your name
- description: OpenShift Node upgrade
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 2.1
- platforms:
- - name: EL
- versions:
- - 7
-dependencies:
-- role: lib_utils
diff --git a/roles/openshift_node_upgrade/tasks/config/configure-node-settings.yml b/roles/openshift_node_upgrade/tasks/config/configure-node-settings.yml
deleted file mode 100644
index 527580481..000000000
--- a/roles/openshift_node_upgrade/tasks/config/configure-node-settings.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- name: Configure Node settings
- lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
- regexp: "{{ item.regex }}"
- line: "{{ item.line }}"
- create: true
- with_items:
- - regex: '^OPTIONS='
- line: "OPTIONS=--loglevel={{ openshift_node_debug_level }}"
- - regex: '^CONFIG_FILE='
- line: "CONFIG_FILE={{ openshift.common.config_base }}/node/node-config.yaml"
- - regex: '^IMAGE_VERSION='
- line: "IMAGE_VERSION={{ openshift_image_tag }}"
- notify:
- - restart node
diff --git a/roles/openshift_node_upgrade/tasks/config/configure-proxy-settings.yml b/roles/openshift_node_upgrade/tasks/config/configure-proxy-settings.yml
deleted file mode 100644
index d60794305..000000000
--- a/roles/openshift_node_upgrade/tasks/config/configure-proxy-settings.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-- name: Configure Proxy Settings
- lineinfile:
- dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
- regexp: "{{ item.regex }}"
- line: "{{ item.line }}"
- create: true
- with_items:
- - regex: '^HTTP_PROXY='
- line: "HTTP_PROXY={{ openshift.common.http_proxy | default('') }}"
- - regex: '^HTTPS_PROXY='
- line: "HTTPS_PROXY={{ openshift.common.https_proxy | default('') }}"
- - regex: '^NO_PROXY='
- line: "NO_PROXY={{ openshift.common.no_proxy | default([]) }},{{ openshift.common.portal_net }},{{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }}"
- when: ('http_proxy' in openshift.common and openshift.common.http_proxy != '')
- notify:
- - restart node
diff --git a/roles/openshift_node_upgrade/tasks/config/install-node-deps-docker-service-file.yml b/roles/openshift_node_upgrade/tasks/config/install-node-deps-docker-service-file.yml
deleted file mode 100644
index ee91a88ab..000000000
--- a/roles/openshift_node_upgrade/tasks/config/install-node-deps-docker-service-file.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Install Node dependencies docker service file
- template:
- dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service"
- src: openshift.docker.node.dep.service
- notify:
- - reload systemd units
- - restart node
diff --git a/roles/openshift_node_upgrade/tasks/config/install-node-docker-service-file.yml b/roles/openshift_node_upgrade/tasks/config/install-node-docker-service-file.yml
deleted file mode 100644
index f92ff79b5..000000000
--- a/roles/openshift_node_upgrade/tasks/config/install-node-docker-service-file.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Install Node docker service file
- template:
- dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
- src: openshift.docker.node.service
- notify:
- - reload systemd units
- - restart node
diff --git a/roles/openshift_node_upgrade/tasks/config/install-ovs-docker-service-file.yml b/roles/openshift_node_upgrade/tasks/config/install-ovs-docker-service-file.yml
deleted file mode 100644
index c2c5ea1d4..000000000
--- a/roles/openshift_node_upgrade/tasks/config/install-ovs-docker-service-file.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Install OpenvSwitch docker service file
- template:
- dest: "/etc/systemd/system/openvswitch.service"
- src: openvswitch.docker.service
- notify:
- - reload systemd units
- - restart openvswitch
diff --git a/roles/openshift_node_upgrade/tasks/config/install-ovs-service-env-file.yml b/roles/openshift_node_upgrade/tasks/config/install-ovs-service-env-file.yml
deleted file mode 100644
index 1d75a3355..000000000
--- a/roles/openshift_node_upgrade/tasks/config/install-ovs-service-env-file.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Create the openvswitch service env file
- template:
- src: openvswitch.sysconfig.j2
- dest: /etc/sysconfig/openvswitch
- notify:
- - reload systemd units
- - restart openvswitch
diff --git a/roles/openshift_node_upgrade/tasks/config/workaround-bz1331590-ovs-oom-fix.yml b/roles/openshift_node_upgrade/tasks/config/workaround-bz1331590-ovs-oom-fix.yml
deleted file mode 100644
index 5df1abc79..000000000
--- a/roles/openshift_node_upgrade/tasks/config/workaround-bz1331590-ovs-oom-fix.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-# May be a temporary workaround.
-# https://bugzilla.redhat.com/show_bug.cgi?id=1331590
-- name: Create OpenvSwitch service.d directory
- file: path=/etc/systemd/system/openvswitch.service.d/ state=directory
-
-- name: Install OpenvSwitch service OOM fix
- template:
- dest: "/etc/systemd/system/openvswitch.service.d/01-avoid-oom.conf"
- src: openvswitch-avoid-oom.conf
- notify:
- - reload systemd units
- - restart openvswitch
diff --git a/roles/openshift_node_upgrade/tasks/containerized_node_upgrade.yml b/roles/openshift_node_upgrade/tasks/containerized_node_upgrade.yml
deleted file mode 100644
index 07b0ac715..000000000
--- a/roles/openshift_node_upgrade/tasks/containerized_node_upgrade.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# This is a hack to allow us to use systemd_units.yml, but skip the handlers which
-# restart services. We will unconditionally restart all containerized services
-# because we have to unconditionally restart Docker:
-- set_fact:
- skip_node_svc_handlers: True
-
-- name: Update systemd units
- include: systemd_units.yml
-
-# This is a no-op because of skip_node_svc_handlers, but lets us trigger it before end of
-# play when the node has already been marked schedulable again. (this would look strange
-# in logs otherwise)
-- meta: flush_handlers
diff --git a/roles/openshift_node_upgrade/tasks/docker/upgrade.yml b/roles/openshift_node_upgrade/tasks/docker/upgrade.yml
deleted file mode 100644
index ebe87d6fd..000000000
--- a/roles/openshift_node_upgrade/tasks/docker/upgrade.yml
+++ /dev/null
@@ -1,40 +0,0 @@
----
-# input variables:
-# - openshift.common.service_type
-# - openshift.common.is_containerized
-# - docker_upgrade_nuke_images
-# - docker_version
-# - skip_docker_restart
-
-- name: Check Docker image count
- shell: "docker images -aq | wc -l"
- register: docker_image_count
-
-- debug: var=docker_image_count.stdout
-
-# TODO(jchaloup): put all docker_upgrade_nuke_images into a block with only one condition
-- name: Remove all containers and images
- script: nuke_images.sh
- register: nuke_images_result
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- name: Check Docker image count
- shell: "docker images -aq | wc -l"
- register: docker_image_count
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- debug: var=docker_image_count.stdout
- when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-
-- service:
- name: docker
- state: stopped
- register: l_openshift_node_upgrade_docker_stop_result
- until: not l_openshift_node_upgrade_docker_stop_result | failed
- retries: 3
- delay: 30
-
-- name: Upgrade Docker
- package: name=docker{{ '-' + docker_version }} state=present
-
-# starting docker happens back in ../main.yml where it calls ../restart.yml
diff --git a/roles/openshift_node_upgrade/tasks/main.yml b/roles/openshift_node_upgrade/tasks/main.yml
deleted file mode 100644
index 6bcf3072d..000000000
--- a/roles/openshift_node_upgrade/tasks/main.yml
+++ /dev/null
@@ -1,179 +0,0 @@
----
-# input variables:
-# - l_docker_upgrade
-# - openshift.common.is_atomic
-# - node_config_hook
-# - openshift_pkg_version
-# - openshift.common.is_containerized
-# - deployment_type
-# - openshift_release
-
-# tasks file for openshift_node_upgrade
-
-- include: registry_auth.yml
-
-- name: Stop node and openvswitch services
- service:
- name: "{{ item }}"
- state: stopped
- with_items:
- - "{{ openshift.common.service_type }}-node"
- - openvswitch
- failed_when: false
-
-- name: Stop additional containerized services
- service:
- name: "{{ item }}"
- state: stopped
- with_items:
- - "{{ openshift.common.service_type }}-master-controllers"
- - "{{ openshift.common.service_type }}-master-api"
- - etcd_container
- failed_when: false
- when: openshift.common.is_containerized | bool
-
-- name: Pre-pull node image
- command: >
- docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
- register: pull_result
- changed_when: "'Downloaded newer image' in pull_result.stdout"
- when: openshift.common.is_containerized | bool
-
-- name: Pre-pull openvswitch image
- command: >
- docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
- register: pull_result
- changed_when: "'Downloaded newer image' in pull_result.stdout"
- when:
- - openshift.common.is_containerized | bool
- - openshift_use_openshift_sdn | bool
-
-- include: docker/upgrade.yml
- vars:
- # We will restart Docker ourselves after everything is ready:
- skip_docker_restart: True
- when:
- - l_docker_upgrade is defined
- - l_docker_upgrade | bool
-
-- include: "{{ node_config_hook }}"
- when: node_config_hook is defined
-
-- include: rpm_upgrade.yml
- vars:
- component: "node"
- openshift_version: "{{ openshift_pkg_version | default('') }}"
- when: not openshift.common.is_containerized | bool
-
-- name: Remove obsolete docker-sdn-ovs.conf
- file:
- path: "/etc/systemd/system/docker.service.d/docker-sdn-ovs.conf"
- state: absent
- when: (deployment_type == 'openshift-enterprise' and openshift_release | version_compare('3.4', '>='))
- or (deployment_type == 'origin' and openshift_release | version_compare('1.4', '>='))
-
-- include: containerized_node_upgrade.yml
- when: openshift.common.is_containerized | bool
-
-- name: Ensure containerized services stopped before Docker restart
- service:
- name: "{{ item }}"
- state: stopped
- with_items:
- - etcd_container
- - openvswitch
- - "{{ openshift.common.service_type }}-master-api"
- - "{{ openshift.common.service_type }}-master-controllers"
- - "{{ openshift.common.service_type }}-node"
- failed_when: false
- when: openshift.common.is_containerized | bool
-
-- name: Stop rpm based services
- service:
- name: "{{ item }}"
- state: stopped
- with_items:
- - "{{ openshift.common.service_type }}-node"
- - openvswitch
- failed_when: false
- when: not openshift.common.is_containerized | bool
-
-- name: Upgrade openvswitch
- package:
- name: openvswitch
- state: latest
- when: not openshift.common.is_containerized | bool
-
-- name: Update oreg value
- yedit:
- src: "{{ openshift.common.config_base }}/node/node-config.yaml"
- key: 'imageConfig.format'
- value: "{{ oreg_url | default(oreg_url_node) }}"
- when: oreg_url is defined or oreg_url_node is defined
-
-# https://docs.openshift.com/container-platform/3.4/admin_guide/overcommit.html#disabling-swap-memory
-- name: Check for swap usage
- command: grep "^[^#].*swap" /etc/fstab
- # grep: match any lines which don't begin with '#' and contain 'swap'
- changed_when: false
- failed_when: false
- register: swap_result
-
- # Disable Swap Block
-- block:
-
- - name: Disable swap
- command: swapoff --all
-
- - name: Remove swap entries from /etc/fstab
- replace:
- dest: /etc/fstab
- regexp: '(^[^#].*swap.*)'
- replace: '# \1'
- backup: yes
-
- - name: Add notice about disabling swap
- lineinfile:
- dest: /etc/fstab
- line: '# OpenShift-Ansible Installer disabled swap per overcommit guidelines'
- state: present
-
- when:
- - swap_result.stdout_lines | length > 0
- - openshift_disable_swap | default(true) | bool
- # End Disable Swap Block
-
-- name: Reset selinux context
- command: restorecon -RF {{ openshift_node_data_dir }}/openshift.local.volumes
- when:
- - ansible_selinux is defined
- - ansible_selinux.status == 'enabled'
-
-- name: Apply 3.6 dns config changes
- yedit:
- src: /etc/origin/node/node-config.yaml
- key: "{{ item.key }}"
- value: "{{ item.value }}"
- with_items:
- - key: "dnsBindAddress"
- value: "127.0.0.1:53"
- - key: "dnsRecursiveResolvConf"
- value: "/etc/origin/node/resolv.conf"
-
-# Restart all services
-- include: restart.yml
-
-- name: Wait for node to be ready
- oc_obj:
- state: list
- kind: node
- name: "{{ openshift.common.hostname | lower }}"
- register: node_output
- delegate_to: "{{ groups.oo_first_master.0 }}"
- until: node_output.results.returncode == 0 and node_output.results.results[0].status.conditions | selectattr('type', 'match', '^Ready$') | map(attribute='status') | join | bool == True
- # Give the node two minutes to come back online.
- retries: 24
- delay: 5
-
-- include_role:
- name: openshift_node_dnsmasq
diff --git a/roles/openshift_node_upgrade/tasks/registry_auth.yml b/roles/openshift_node_upgrade/tasks/registry_auth.yml
deleted file mode 100644
index 5e5e4f94a..000000000
--- a/roles/openshift_node_upgrade/tasks/registry_auth.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Check for credentials file for registry auth
- stat:
- path: "{{ oreg_auth_credentials_path }}"
- when: oreg_auth_user is defined
- register: node_oreg_auth_credentials_stat
-
-- name: Create credentials for registry auth
- command: "docker --config={{ oreg_auth_credentials_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
- when:
- - oreg_auth_user is defined
- - (not node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
- register: node_oreg_auth_credentials_create
- retries: 3
- delay: 5
- until: node_oreg_auth_credentials_create.rc == 0
- notify:
- - restart node
-
-# Container images may need the registry credentials
-- name: Setup ro mount of /root/.docker for containerized hosts
- set_fact:
- l_bind_docker_reg_auth: True
- when:
- - openshift.common.is_containerized | bool
- - oreg_auth_user is defined
- - (node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or node_oreg_auth_credentials_create.changed) | bool
diff --git a/roles/openshift_node_upgrade/tasks/restart.yml b/roles/openshift_node_upgrade/tasks/restart.yml
deleted file mode 100644
index a4fa51172..000000000
--- a/roles/openshift_node_upgrade/tasks/restart.yml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-# input variables:
-# - openshift.common.service_type
-# - openshift.common.is_containerized
-# - openshift.common.hostname
-# - openshift.master.api_port
-
-# NOTE: This is needed to make sure we are using the correct set
-# of systemd unit files. The RPMs lay down defaults but
-# the install/upgrade may override them in /etc/systemd/system/.
-# NOTE: We don't use the systemd module as some versions of the module
-# require a service to be part of the call.
-- name: Reload systemd to ensure latest unit files
- command: systemctl daemon-reload
-
-- name: Restart docker
- service:
- name: "{{ openshift.docker.service_name }}"
- state: started
- register: docker_start_result
- until: not docker_start_result | failed
- retries: 3
- delay: 30
-
-- name: Update docker facts
- openshift_facts:
- role: docker
-
-- name: Start services
- service: name={{ item }} state=started
- with_items:
- - etcd_container
- - openvswitch
- - "{{ openshift.common.service_type }}-master-api"
- - "{{ openshift.common.service_type }}-master-controllers"
- - "{{ openshift.common.service_type }}-node"
- failed_when: false
-
-- name: Wait for master API to come back online
- wait_for:
- host: "{{ openshift.common.hostname }}"
- state: started
- delay: 10
- port: "{{ openshift.master.api_port }}"
- timeout: 600
- when: inventory_hostname in groups.oo_masters_to_config
diff --git a/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml b/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
deleted file mode 100644
index a998acf21..000000000
--- a/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-# input variables:
-# - openshift.common.service_type
-# - component
-# - openshift_pkg_version
-# - openshift.common.is_atomic
-
-# We verified latest rpm available is suitable, so just yum update.
-- name: Upgrade packages
- package: "name={{ openshift.common.service_type }}-{{ component }}{{ openshift_pkg_version }} state=present"
-
-- name: Ensure python-yaml present for config upgrade
- package: name=PyYAML state=present
- when: not openshift.common.is_atomic | bool
-
-- name: Install Node service file
- template:
- dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
- src: "node.service.j2"
- register: l_node_unit
-
-# NOTE: This is needed to make sure we are using the correct set
-# of systemd unit files. The RPMs lay down defaults but
-# the install/upgrade may override them in /etc/systemd/system/.
-# NOTE: We don't use the systemd module as some versions of the module
-# require a service to be part of the call.
-- name: Reload systemd units
- command: systemctl daemon-reload
- when: l_node_unit | changed
diff --git a/roles/openshift_node_upgrade/tasks/systemd_units.yml b/roles/openshift_node_upgrade/tasks/systemd_units.yml
deleted file mode 100644
index 226f5290c..000000000
--- a/roles/openshift_node_upgrade/tasks/systemd_units.yml
+++ /dev/null
@@ -1,37 +0,0 @@
----
-# input variables
-# - openshift.node.node_image
-# - openshift_image_tag
-# - openshift.common.is_containerized
-# - openshift.node.ovs_image
-# - openshift_use_openshift_sdn
-# - openshift.common.service_type
-# - openshift_node_debug_level
-# - openshift.common.config_base
-# - openshift.common.http_proxy
-# - openshift.common.portal_net
-# - openshift.common
-# - openshift.common.http_proxy
-# notify:
-# - restart openvswitch
-# - restart node
-
-# This file is included both in the openshift_master role and in the upgrade
-# playbooks.
-- include: config/install-node-deps-docker-service-file.yml
- when: openshift.common.is_containerized | bool
-
-- include: config/install-node-docker-service-file.yml
- when: openshift.common.is_containerized | bool
-
-- include: config/install-ovs-service-env-file.yml
- when: openshift.common.is_containerized | bool
-
-- include: config/workaround-bz1331590-ovs-oom-fix.yml
- when: openshift_use_openshift_sdn | bool
-
-- include: config/install-ovs-docker-service-file.yml
- when: openshift.common.is_containerized | bool and openshift_use_openshift_sdn | bool
-
-- include: config/configure-node-settings.yml
-- include: config/configure-proxy-settings.yml
diff --git a/roles/openshift_node_upgrade/templates/node.service.j2 b/roles/openshift_node_upgrade/templates/node.service.j2
deleted file mode 100644
index e12a52c15..000000000
--- a/roles/openshift_node_upgrade/templates/node.service.j2
+++ /dev/null
@@ -1,31 +0,0 @@
-[Unit]
-Description=OpenShift Node
-After={{ openshift.docker.service_name }}.service
-Wants=openvswitch.service
-After=ovsdb-server.service
-After=ovs-vswitchd.service
-Wants={{ openshift.docker.service_name }}.service
-Documentation=https://github.com/openshift/origin
-Requires=dnsmasq.service
-After=dnsmasq.service
-
-[Service]
-Type=notify
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
-Environment=GOTRACEBACK=crash
-ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
-ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
-ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
-ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
-ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
-LimitNOFILE=65536
-LimitCORE=infinity
-WorkingDirectory=/var/lib/origin/
-SyslogIdentifier={{ openshift.common.service_type }}-node
-Restart=always
-RestartSec=5s
-TimeoutStartSec=300
-OOMScoreAdjust=-999
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/openshift_node_upgrade/templates/openshift.docker.node.dep.service b/roles/openshift_node_upgrade/templates/openshift.docker.node.dep.service
deleted file mode 100644
index aae35719c..000000000
--- a/roles/openshift_node_upgrade/templates/openshift.docker.node.dep.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Requires={{ openshift.docker.service_name }}.service
-After={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.common.service_type }}-node.service
-Before={{ openshift.common.service_type }}-node.service
-
-
-[Service]
-ExecStart=/bin/bash -c "if [[ -f /usr/bin/docker-current ]]; then echo \"DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro --volume=/etc/containers/registries:/etc/containers/registries:ro\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; else echo \"#DOCKER_ADDTL_BIND_MOUNTS=\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; fi"
-ExecStop=
-SyslogIdentifier={{ openshift.common.service_type }}-node-dep
diff --git a/roles/openshift_node_upgrade/templates/openshift.docker.node.service b/roles/openshift_node_upgrade/templates/openshift.docker.node.service
deleted file mode 100644
index 07d1ebc3c..000000000
--- a/roles/openshift_node_upgrade/templates/openshift.docker.node.service
+++ /dev/null
@@ -1,50 +0,0 @@
-[Unit]
-After={{ openshift.common.service_type }}-master.service
-After={{ openshift.docker.service_name }}.service
-After=openvswitch.service
-PartOf={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
-{% if openshift_use_openshift_sdn %}
-Wants=openvswitch.service
-PartOf=openvswitch.service
-After=ovsdb-server.service
-After=ovs-vswitchd.service
-{% endif %}
-Wants={{ openshift.common.service_type }}-master.service
-Requires={{ openshift.common.service_type }}-node-dep.service
-After={{ openshift.common.service_type }}-node-dep.service
-Requires=dnsmasq.service
-After=dnsmasq.service
-
-[Service]
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
-EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep
-ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
-ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
-ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
-ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node \
- --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node \
- -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} \
- -e HOST=/rootfs -e HOST_ETC=/host-etc \
- -v {{ openshift_node_data_dir }}:{{ openshift_node_data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} \
- -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node \
- {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} \
- -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro \
- -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
- -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker \
- -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch \
- -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni \
- -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log \
- -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro \
- {% if l_bind_docker_reg_auth %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\
- {{ openshift.node.node_image }}:${IMAGE_VERSION}
-ExecStartPost=/usr/bin/sleep 10
-ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
-ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
-ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
-SyslogIdentifier={{ openshift.common.service_type }}-node
-Restart=always
-RestartSec=5s
-
-[Install]
-WantedBy={{ openshift.docker.service_name }}.service
diff --git a/roles/openshift_node_upgrade/templates/openvswitch-avoid-oom.conf b/roles/openshift_node_upgrade/templates/openvswitch-avoid-oom.conf
deleted file mode 100644
index 3229bc56b..000000000
--- a/roles/openshift_node_upgrade/templates/openvswitch-avoid-oom.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-# Avoid the OOM killer for openvswitch and it's children:
-[Service]
-OOMScoreAdjust=-1000
diff --git a/roles/openshift_node_upgrade/templates/openvswitch.docker.service b/roles/openshift_node_upgrade/templates/openvswitch.docker.service
deleted file mode 100644
index 34aaaabd6..000000000
--- a/roles/openshift_node_upgrade/templates/openvswitch.docker.service
+++ /dev/null
@@ -1,17 +0,0 @@
-[Unit]
-After={{ openshift.docker.service_name }}.service
-Requires={{ openshift.docker.service_name }}.service
-PartOf={{ openshift.docker.service_name }}.service
-
-[Service]
-EnvironmentFile=/etc/sysconfig/openvswitch
-ExecStartPre=-/usr/bin/docker rm -f openvswitch
-ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }}:${IMAGE_VERSION}
-ExecStartPost=/usr/bin/sleep 5
-ExecStop=/usr/bin/docker stop openvswitch
-SyslogIdentifier=openvswitch
-Restart=always
-RestartSec=5s
-
-[Install]
-WantedBy={{ openshift.docker.service_name }}.service
diff --git a/roles/openshift_node_upgrade/templates/openvswitch.sysconfig.j2 b/roles/openshift_node_upgrade/templates/openvswitch.sysconfig.j2
deleted file mode 100644
index da7c3742a..000000000
--- a/roles/openshift_node_upgrade/templates/openvswitch.sysconfig.j2
+++ /dev/null
@@ -1 +0,0 @@
-IMAGE_VERSION={{ openshift_image_tag }}
diff --git a/roles/openshift_openstack/defaults/main.yml b/roles/openshift_openstack/defaults/main.yml
new file mode 100644
index 000000000..65a647b8f
--- /dev/null
+++ b/roles/openshift_openstack/defaults/main.yml
@@ -0,0 +1,90 @@
+---
+openshift_openstack_stack_state: 'present'
+
+openshift_openstack_ssh_ingress_cidr: 0.0.0.0/0
+openshift_openstack_node_ingress_cidr: 0.0.0.0/0
+openshift_openstack_lb_ingress_cidr: 0.0.0.0/0
+openshift_openstack_num_etcd: 0
+openshift_openstack_num_masters: 1
+openshift_openstack_num_nodes: 1
+openshift_openstack_num_infra: 1
+openshift_openstack_dns_nameservers: []
+openshift_openstack_nodes_to_remove: []
+
+
+openshift_openstack_cluster_node_labels:
+ app:
+ region: primary
+ infra:
+ region: infra
+
+openshift_openstack_install_debug_packages: false
+openshift_openstack_required_packages:
+ - docker
+ - NetworkManager
+ - wget
+ - git
+ - net-tools
+ - bind-utils
+ - bridge-utils
+openshift_openstack_debug_packages:
+ - bash-completion
+ - vim-enhanced
+
+# container-storage-setup
+openshift_openstack_container_storage_setup:
+ docker_dev: "/dev/sdb"
+ docker_vg: "docker-vol"
+ docker_data_size: "95%VG"
+ docker_dm_basesize: "3G"
+ container_root_lv_name: "dockerlv"
+ container_root_lv_mount_path: "/var/lib/docker"
+
+
+# populate-dns
+openshift_openstack_dns_records_add: []
+
+openshift_openstack_public_hostname_suffix: ""
+openshift_openstack_private_hostname_suffix: ""
+openshift_openstack_public_dns_domain: "example.com"
+openshift_openstack_full_dns_domain: "{{ (openshift_openstack_clusterid|trim == '') | ternary(openshift_openstack_public_dns_domain, openshift_openstack_clusterid + '.' + openshift_openstack_public_dns_domain) }}"
+openshift_openstack_app_subdomain: "apps"
+
+
+# heat vars
+openshift_openstack_clusterid: openshift
+openshift_openstack_stack_name: "{{ openshift_openstack_clusterid }}.{{ openshift_openstack_public_dns_domain }}"
+openshift_openstack_subnet_prefix: "192.168.99"
+openshift_openstack_master_hostname: master
+openshift_openstack_infra_hostname: infra-node
+openshift_openstack_node_hostname: app-node
+openshift_openstack_lb_hostname: lb
+openshift_openstack_etcd_hostname: etcd
+openshift_openstack_keypair_name: openshift
+openshift_openstack_lb_flavor: "{{ openshift_openstack_default_flavor }}"
+openshift_openstack_etcd_flavor: "{{ openshift_openstack_default_flavor }}"
+openshift_openstack_master_flavor: "{{ openshift_openstack_default_flavor }}"
+openshift_openstack_node_flavor: "{{ openshift_openstack_default_flavor }}"
+openshift_openstack_infra_flavor: "{{ openshift_openstack_default_flavor }}"
+openshift_openstack_master_image: "{{ openshift_openstack_default_image_name }}"
+openshift_openstack_infra_image: "{{ openshift_openstack_default_image_name }}"
+openshift_openstack_node_image: "{{ openshift_openstack_default_image_name }}"
+openshift_openstack_lb_image: "{{ openshift_openstack_default_image_name }}"
+openshift_openstack_etcd_image: "{{ openshift_openstack_default_image_name }}"
+openshift_openstack_provider_network_name: null
+openshift_openstack_external_network_name: null
+openshift_openstack_private_network: >-
+ {% if openshift_openstack_provider_network_name | default(None) -%}
+ {{ openshift_openstack_provider_network_name }}
+ {%- else -%}
+ {{ openshift_openstack_private_network_name | default ('openshift-ansible-' + openshift_openstack_stack_name + '-net') }}
+ {%- endif -%}
+openshift_openstack_master_server_group_policies: []
+openshift_openstack_infra_server_group_policies: []
+openshift_openstack_docker_volume_size: 15
+openshift_openstack_master_volume_size: "{{ openshift_openstack_docker_volume_size }}"
+openshift_openstack_infra_volume_size: "{{ openshift_openstack_docker_volume_size }}"
+openshift_openstack_node_volume_size: "{{ openshift_openstack_docker_volume_size }}"
+openshift_openstack_etcd_volume_size: 2
+openshift_openstack_lb_volume_size: 5
+openshift_openstack_ephemeral_volumes: false
diff --git a/roles/openshift_openstack/tasks/check-prerequisites.yml b/roles/openshift_openstack/tasks/check-prerequisites.yml
new file mode 100644
index 000000000..30996cc47
--- /dev/null
+++ b/roles/openshift_openstack/tasks/check-prerequisites.yml
@@ -0,0 +1,105 @@
+---
+# Check ansible
+- name: Check Ansible version
+ assert:
+ that: >
+ (ansible_version.major == 2 and ansible_version.minor >= 3) or
+ (ansible_version.major > 2)
+ msg: "Ansible version must be at least 2.3"
+
+# Check shade
+- name: Try to import python module shade
+ command: python -c "import shade"
+ ignore_errors: yes
+ register: shade_result
+- name: Check if shade is installed
+ assert:
+ that: 'shade_result.rc == 0'
+ msg: "Python module shade is not installed"
+
+# Check jmespath
+- name: Try to import python module shade
+ command: python -c "import jmespath"
+ ignore_errors: yes
+ register: jmespath_result
+- name: Check if jmespath is installed
+ assert:
+ that: 'jmespath_result.rc == 0'
+ msg: "Python module jmespath is not installed"
+
+# Check python-dns
+- name: Try to import python DNS module
+ command: python -c "import dns"
+ ignore_errors: yes
+ register: pythondns_result
+ when: openshift_openstack_external_nsupdate_keys is defined
+- name: Check if python-dns is installed
+ assert:
+ that: 'pythondns_result.rc == 0'
+ msg: "Python module python-dns is not installed"
+ when: openshift_openstack_external_nsupdate_keys is defined
+
+# Check jinja2
+- name: Try to import jinja2 module
+ command: python -c "import jinja2"
+ ignore_errors: yes
+ register: jinja_result
+- name: Check if jinja2 is installed
+ assert:
+ that: 'jinja_result.rc == 0'
+ msg: "Python module jinja2 is not installed"
+
+# Check Glance image
+- name: Try to get image facts
+ os_image_facts:
+ image: "{{ openshift_openstack_default_image_name }}"
+ register: image_result
+- name: Check that image is available
+ assert:
+ that: "image_result.ansible_facts.openstack_image"
+ msg: "Image {{ openshift_openstack_default_image_name }} is not available"
+
+# Check network name
+- name: Try to get network facts
+ os_networks_facts:
+ name: "{{ openshift_openstack_external_network_name }}"
+ register: network_result
+ when: not openshift_openstack_provider_network_name|default(None)
+- name: Check that network is available
+ assert:
+ that: "network_result.ansible_facts.openstack_networks"
+ msg: "Network {{ openshift_openstack_external_network_name }} is not available"
+ when: not openshift_openstack_provider_network_name|default(None)
+
+# Check keypair
+# TODO kpilatov: there is no Ansible module for getting OS keypairs
+# (os_keypair is not suitable for this)
+# this method does not force python-openstackclient dependency
+- name: Try to show keypair
+ command: >
+ python -c 'import shade; cloud = shade.openstack_cloud();
+ exit(cloud.get_keypair("{{ openshift_openstack_keypair_name }}") is None)'
+ ignore_errors: yes
+ register: key_result
+- name: Check that keypair is available
+ assert:
+ that: 'key_result.rc == 0'
+ msg: "Keypair {{ openshift_openstack_keypair_name }} is not available"
+
+# Check that custom images are available
+- include_tasks: custom_image_check.yaml
+ with_items:
+ - "{{ openshift_openstack_master_image }}"
+ - "{{ openshift_openstack_infra_image }}"
+ - "{{ openshift_openstack_node_image }}"
+ - "{{ openshift_openstack_lb_image }}"
+ - "{{ openshift_openstack_etcd_image }}"
+
+# Check that custom flavors are available
+- include_tasks: custom_flavor_check.yaml
+ with_items:
+ - "{{ openshift_openstack_master_flavor }}"
+ - "{{ openshift_openstack_infra_flavor }}"
+ - "{{ openshift_openstack_node_flavor }}"
+ - "{{ openshift_openstack_lb_flavor }}"
+ - "{{ openshift_openstack_etcd_flavor }}"
diff --git a/roles/openshift_openstack/tasks/cleanup.yml b/roles/openshift_openstack/tasks/cleanup.yml
new file mode 100644
index 000000000..258334a6b
--- /dev/null
+++ b/roles/openshift_openstack/tasks/cleanup.yml
@@ -0,0 +1,6 @@
+---
+
+- name: cleanup temp files
+ file:
+ path: "{{ stack_template_pre.path }}"
+ state: absent
diff --git a/roles/openshift_openstack/tasks/container-storage-setup.yml b/roles/openshift_openstack/tasks/container-storage-setup.yml
new file mode 100644
index 000000000..be73d18be
--- /dev/null
+++ b/roles/openshift_openstack/tasks/container-storage-setup.yml
@@ -0,0 +1,37 @@
+---
+- block:
+ - name: create the docker-storage config file
+ template:
+ src: docker-storage-setup-overlayfs.j2
+ dest: /etc/sysconfig/docker-storage-setup
+ owner: root
+ group: root
+ mode: 0644
+ when:
+ - ansible_distribution_version is version_compare('7.4', '>=')
+ - ansible_distribution == "RedHat"
+
+- block:
+ - name: create the docker-storage-setup config file
+ template:
+ src: docker-storage-setup-dm.j2
+ dest: /etc/sysconfig/docker-storage-setup
+ owner: root
+ group: root
+ mode: 0644
+ when:
+ - ansible_distribution_version is version_compare('7.4', '<')
+ - ansible_distribution == "RedHat"
+
+- block:
+ - name: create the docker-storage-setup config file for CentOS
+ template:
+ src: docker-storage-setup-dm.j2
+ dest: /etc/sysconfig/docker-storage-setup
+ owner: root
+ group: root
+ mode: 0644
+
+ # TODO(shadower): Find out which CentOS version supports overlayfs2
+ when:
+ - ansible_distribution == "CentOS"
diff --git a/roles/openshift_openstack/tasks/custom_flavor_check.yaml b/roles/openshift_openstack/tasks/custom_flavor_check.yaml
new file mode 100644
index 000000000..5fb7a76ff
--- /dev/null
+++ b/roles/openshift_openstack/tasks/custom_flavor_check.yaml
@@ -0,0 +1,10 @@
+---
+- name: Try to get flavor facts
+ os_flavor_facts:
+ name: "{{ item }}"
+ register: flavor_result
+
+- name: Check that custom flavor is available
+ assert:
+ that: "flavor_result.ansible_facts.openstack_flavors"
+ msg: "Flavor {{ item }} is not available."
diff --git a/roles/openshift_openstack/tasks/custom_image_check.yaml b/roles/openshift_openstack/tasks/custom_image_check.yaml
new file mode 100644
index 000000000..4ae163406
--- /dev/null
+++ b/roles/openshift_openstack/tasks/custom_image_check.yaml
@@ -0,0 +1,10 @@
+---
+- name: Try to get image facts
+ os_image_facts:
+ image: "{{ item }}"
+ register: image_result
+
+- name: Check that custom image is available
+ assert:
+ that: "image_result.ansible_facts.openstack_image"
+ msg: "Image {{ item }} is not available."
diff --git a/roles/openshift_openstack/tasks/generate-templates.yml b/roles/openshift_openstack/tasks/generate-templates.yml
new file mode 100644
index 000000000..3a8b588e9
--- /dev/null
+++ b/roles/openshift_openstack/tasks/generate-templates.yml
@@ -0,0 +1,29 @@
+---
+- name: create HOT stack template prefix
+ register: stack_template_pre
+ tempfile:
+ state: directory
+ prefix: openshift-ansible
+
+- name: set template paths
+ set_fact:
+ stack_template_path: "{{ stack_template_pre.path }}/stack.yaml"
+ user_data_template_path: "{{ stack_template_pre.path }}/user-data"
+
+- name: Print out the Heat template directory
+ debug: var=stack_template_pre
+
+- name: generate HOT stack template from jinja2 template
+ template:
+ src: heat_stack.yaml.j2
+ dest: "{{ stack_template_path }}"
+
+- name: generate HOT server template from jinja2 template
+ template:
+ src: heat_stack_server.yaml.j2
+ dest: "{{ stack_template_pre.path }}/server.yaml"
+
+- name: generate user_data from jinja2 template
+ template:
+ src: user_data.j2
+ dest: "{{ user_data_template_path }}"
diff --git a/roles/openshift_openstack/tasks/net_vars_check.yaml b/roles/openshift_openstack/tasks/net_vars_check.yaml
new file mode 100644
index 000000000..18b9b21b9
--- /dev/null
+++ b/roles/openshift_openstack/tasks/net_vars_check.yaml
@@ -0,0 +1,14 @@
+---
+- name: Check the provider network configuration
+ fail:
+ msg: "Flannel SDN requires a dedicated containers data network and can not work over a provider network"
+ when:
+ - openshift_openstack_provider_network_name is defined
+ - openstack_private_data_network_name is defined
+
+- name: Check the flannel network configuration
+ fail:
+ msg: "A dedicated containers data network is only supported with Flannel SDN"
+ when:
+ - openstack_private_data_network_name is defined
+ - not openshift_use_flannel|default(False)|bool
diff --git a/roles/openshift_openstack/tasks/node-configuration.yml b/roles/openshift_openstack/tasks/node-configuration.yml
new file mode 100644
index 000000000..59df2e396
--- /dev/null
+++ b/roles/openshift_openstack/tasks/node-configuration.yml
@@ -0,0 +1,9 @@
+---
+- name: "Verify SELinux is enforcing"
+ fail:
+ msg: "SELinux is required for OpenShift and has been detected as '{{ ansible_selinux.config_mode }}'"
+ when: ansible_selinux.config_mode != "enforcing"
+
+- include_tasks: container-storage-setup.yml
+
+- include_tasks: node-network.yml
diff --git a/roles/openshift_openstack/tasks/node-network.yml b/roles/openshift_openstack/tasks/node-network.yml
new file mode 100644
index 000000000..f494e5158
--- /dev/null
+++ b/roles/openshift_openstack/tasks/node-network.yml
@@ -0,0 +1,19 @@
+---
+- name: configure NetworkManager
+ lineinfile:
+ dest: "/etc/sysconfig/network-scripts/ifcfg-{{ ansible_default_ipv4['interface'] }}"
+ regexp: '^{{ item }}='
+ line: '{{ item }}=yes'
+ state: present
+ create: yes
+ with_items:
+ - 'USE_PEERDNS'
+ - 'NM_CONTROLLED'
+
+- name: enable and start NetworkManager
+ service:
+ name: NetworkManager
+ state: restarted
+ enabled: yes
+
+# TODO(shadower): add the flannel interface tasks from post-provision-openstack.yml
diff --git a/roles/openshift_openstack/tasks/node-packages.yml b/roles/openshift_openstack/tasks/node-packages.yml
new file mode 100644
index 000000000..c95c9e607
--- /dev/null
+++ b/roles/openshift_openstack/tasks/node-packages.yml
@@ -0,0 +1,19 @@
+---
+# TODO: subscribe to RHEL and install docker and other packages here
+
+- name: Install required packages
+ yum:
+ name: "{{ item }}"
+ state: latest
+ with_items: "{{ openshift_openstack_required_packages }}"
+ register: result
+ until: result is succeeded
+
+- name: Install debug packages (optional)
+ yum:
+ name: "{{ item }}"
+ state: latest
+ with_items: "{{ openshift_openstack_debug_packages }}"
+ when: openshift_openstack_install_debug_packages|bool
+ register: result
+ until: result is succeeded
diff --git a/roles/openshift_openstack/tasks/populate-dns.yml b/roles/openshift_openstack/tasks/populate-dns.yml
new file mode 100644
index 000000000..858dd9e57
--- /dev/null
+++ b/roles/openshift_openstack/tasks/populate-dns.yml
@@ -0,0 +1,121 @@
+---
+- name: "Generate list of private A records"
+ set_fact:
+ private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': hostvars[item]['ansible_hostname'] + openshift_openstack_private_hostname_suffix, 'ip': hostvars[item]['private_v4'] } ] }}"
+ with_items: "{{ groups['cluster_hosts'] }}"
+
+- name: "Add wildcard records to the private A records for infrahosts"
+ set_fact:
+ private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': '*.' + openshift_openstack_app_subdomain, 'ip': hostvars[item]['private_v4'] } ] }}"
+ with_items: "{{ groups['infra_hosts'] }}"
+
+- name: "Add public master cluster hostname records to the private A records (single master)"
+ set_fact:
+ private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(openshift_openstack_full_dns_domain, ''))[:-1], 'ip': hostvars[groups.masters[0]].private_v4 } ] }}"
+ when:
+ - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
+ - openshift_openstack_num_masters == 1
+
+- name: "Add public master cluster hostname records to the private A records (multi-master)"
+ set_fact:
+ private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(openshift_openstack_full_dns_domain, ''))[:-1], 'ip': hostvars[groups.lb[0]].private_v4 } ] }}"
+ when:
+ - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
+ - openshift_openstack_num_masters > 1
+
+- name: "Set the private DNS server to use the external value (if provided)"
+ set_fact:
+ nsupdate_server_private: "{{ openshift_openstack_external_nsupdate_keys['private']['server'] }}"
+ nsupdate_key_secret_private: "{{ openshift_openstack_external_nsupdate_keys['private']['key_secret'] }}"
+ nsupdate_key_algorithm_private: "{{ openshift_openstack_external_nsupdate_keys['private']['key_algorithm'] }}"
+ nsupdate_private_key_name: "{{ openshift_openstack_external_nsupdate_keys['private']['key_name']|default('private-' + openshift_openstack_full_dns_domain) }}"
+ when:
+ - openshift_openstack_external_nsupdate_keys['private'] is defined
+
+
+- name: "Generate the private Add section for DNS"
+ set_fact:
+ private_named_records:
+ - view: "private"
+ zone: "{{ openshift_openstack_full_dns_domain }}"
+ server: "{{ nsupdate_server_private }}"
+ key_name: "{{ nsupdate_private_key_name|default('private-' + openshift_openstack_full_dns_domain) }}"
+ key_secret: "{{ nsupdate_key_secret_private }}"
+ key_algorithm: "{{ nsupdate_key_algorithm_private | lower }}"
+ entries: "{{ private_records }}"
+ when:
+ - openshift_openstack_external_nsupdate_keys['private'] is defined
+
+- name: "Generate list of public A records"
+ set_fact:
+ public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': hostvars[item]['ansible_hostname'] + openshift_openstack_public_hostname_suffix, 'ip': hostvars[item]['public_v4'] } ] }}"
+ with_items: "{{ groups['cluster_hosts'] }}"
+ when: hostvars[item]['public_v4'] is defined
+
+- name: "Add wildcard records to the public A records"
+ set_fact:
+ public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': '*.' + openshift_openstack_app_subdomain, 'ip': hostvars[item]['public_v4'] } ] }}"
+ with_items: "{{ groups['infra_hosts'] }}"
+ when: hostvars[item]['public_v4'] is defined
+
+- name: "Add public master cluster hostname records to the public A records (single master)"
+ set_fact:
+ public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(openshift_openstack_full_dns_domain, ''))[:-1], 'ip': hostvars[groups.masters[0]].public_v4 } ] }}"
+ when:
+ - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
+ - openshift_openstack_num_masters == 1
+
+- name: "Add public master cluster hostname records to the public A records (multi-master)"
+ set_fact:
+ public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(openshift_openstack_full_dns_domain, ''))[:-1], 'ip': hostvars[groups.lb[0]].public_v4 } ] }}"
+ when:
+ - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
+ - openshift_openstack_num_masters > 1
+
+- name: "Set the public DNS server details to use the external value (if provided)"
+ set_fact:
+ nsupdate_server_public: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}"
+ nsupdate_key_secret_public: "{{ openshift_openstack_external_nsupdate_keys['public']['key_secret'] }}"
+ nsupdate_key_algorithm_public: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] }}"
+ nsupdate_public_key_name: "{{ openshift_openstack_external_nsupdate_keys['public']['key_name']|default('public-' + openshift_openstack_full_dns_domain) }}"
+ when:
+ - openshift_openstack_external_nsupdate_keys['public'] is defined
+
+- name: "Generate the public Add section for DNS"
+ set_fact:
+ public_named_records:
+ - view: "public"
+ zone: "{{ openshift_openstack_full_dns_domain }}"
+ server: "{{ nsupdate_server_public }}"
+ key_name: "{{ nsupdate_public_key_name|default('public-' + openshift_openstack_full_dns_domain) }}"
+ key_secret: "{{ nsupdate_key_secret_public }}"
+ key_algorithm: "{{ nsupdate_key_algorithm_public | lower }}"
+ entries: "{{ public_records }}"
+ when:
+ - openshift_openstack_external_nsupdate_keys['public'] is defined
+
+
+- name: "Generate the final openshift_openstack_dns_records_add"
+ set_fact:
+ openshift_openstack_dns_records_add: "{{ private_named_records|default([]) + public_named_records|default([]) }}"
+
+
+- name: "Add DNS A records"
+ nsupdate:
+ key_name: "{{ item.0.key_name }}"
+ key_secret: "{{ item.0.key_secret }}"
+ key_algorithm: "{{ item.0.key_algorithm }}"
+ server: "{{ item.0.server }}"
+ zone: "{{ item.0.zone }}"
+ record: "{{ item.1.hostname }}"
+ value: "{{ item.1.ip }}"
+ type: "{{ item.1.type }}"
+ # TODO(shadower): add a cleanup playbook that removes these records, too!
+ state: present
+ with_subelements:
+ - "{{ openshift_openstack_dns_records_add | default([]) }}"
+ - entries
+ register: nsupdate_add_result
+ until: nsupdate_add_result is succeeded
+ retries: 10
+ delay: 1
diff --git a/roles/openshift_openstack/tasks/prepare-and-format-cinder-volume.yaml b/roles/openshift_openstack/tasks/prepare-and-format-cinder-volume.yaml
new file mode 100644
index 000000000..fc51f6dc2
--- /dev/null
+++ b/roles/openshift_openstack/tasks/prepare-and-format-cinder-volume.yaml
@@ -0,0 +1,59 @@
+---
+- name: Attach the volume to the VM
+ os_server_volume:
+ state: present
+ server: "{{ groups['masters'][0] }}"
+ volume: "{{ cinder_volume }}"
+ register: volume_attachment
+
+- set_fact:
+ attached_device: >-
+ {{ volume_attachment['attachments']|json_query("[?volume_id=='" + cinder_volume + "'].device | [0]") }}
+
+- delegate_to: "{{ groups['masters'][0] }}"
+ block:
+ - name: Wait for the device to appear
+ wait_for: path={{ attached_device }}
+
+ - name: Create a temp directory for mounting the volume
+ tempfile:
+ prefix: cinder-volume
+ state: directory
+ register: cinder_mount_dir
+
+ - name: Format the device
+ filesystem:
+ fstype: "{{ cinder_fs }}"
+ dev: "{{ attached_device }}"
+
+ - name: Mount the device
+ mount:
+ name: "{{ cinder_mount_dir.path }}"
+ src: "{{ attached_device }}"
+ state: mounted
+ fstype: "{{ cinder_fs }}"
+
+ - name: Change mode on the filesystem
+ file:
+ path: "{{ cinder_mount_dir.path }}"
+ state: directory
+ recurse: true
+ mode: 0777
+
+ - name: Unmount the device
+ mount:
+ name: "{{ cinder_mount_dir.path }}"
+ src: "{{ attached_device }}"
+ state: absent
+ fstype: "{{ cinder_fs }}"
+
+ - name: Delete the temp directory
+ file:
+ name: "{{ cinder_mount_dir.path }}"
+ state: absent
+
+- name: Detach the volume from the VM
+ os_server_volume:
+ state: absent
+ server: "{{ groups['masters'][0] }}"
+ volume: "{{ cinder_volume }}"
diff --git a/roles/openshift_openstack/tasks/provision.yml b/roles/openshift_openstack/tasks/provision.yml
new file mode 100644
index 000000000..b774bd620
--- /dev/null
+++ b/roles/openshift_openstack/tasks/provision.yml
@@ -0,0 +1,25 @@
+---
+- name: Generate the templates
+ include_tasks: generate-templates.yml
+ when:
+ - openshift_openstack_stack_state == 'present'
+
+- name: Handle the Stack (create/delete)
+ ignore_errors: False
+ register: stack_create
+ os_stack:
+ name: "{{ openshift_openstack_stack_name }}"
+ state: "{{ openshift_openstack_stack_state }}"
+ template: "{{ stack_template_path | default(omit) }}"
+ wait: yes
+
+- name: Add the new nodes to the inventory
+ meta: refresh_inventory
+
+- name: CleanUp
+ include_tasks: cleanup.yml
+ when:
+ - openshift_openstack_stack_state == 'present'
+
+# TODO(shadower): create the registry and PV Cinder volumes if specified
+# and include the `prepare-and-format-cinder-volume` tasks to set it up
diff --git a/roles/openshift_openstack/templates/docker-storage-setup-dm.j2 b/roles/openshift_openstack/templates/docker-storage-setup-dm.j2
new file mode 100644
index 000000000..32c6b5838
--- /dev/null
+++ b/roles/openshift_openstack/templates/docker-storage-setup-dm.j2
@@ -0,0 +1,4 @@
+DEVS="{{ openshift_openstack_container_storage_setup.docker_dev }}"
+VG="{{ openshift_openstack_container_storage_setup.docker_vg }}"
+DATA_SIZE="{{ openshift_openstack_container_storage_setup.docker_data_size }}"
+EXTRA_DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize={{ openshift_openstack_container_storage_setup.docker_dm_basesize }}"
diff --git a/roles/openshift_openstack/templates/docker-storage-setup-overlayfs.j2 b/roles/openshift_openstack/templates/docker-storage-setup-overlayfs.j2
new file mode 100644
index 000000000..1bf366bdc
--- /dev/null
+++ b/roles/openshift_openstack/templates/docker-storage-setup-overlayfs.j2
@@ -0,0 +1,7 @@
+DEVS="{{ openshift_openstack_container_storage_setup.docker_dev }}"
+VG="{{ openshift_openstack_container_storage_setup.docker_vg }}"
+DATA_SIZE="{{ openshift_openstack_container_storage_setup.docker_data_size }}"
+STORAGE_DRIVER=overlay2
+CONTAINER_ROOT_LV_NAME="{{ openshift_openstack_container_storage_setup.container_root_lv_name }}"
+CONTAINER_ROOT_LV_MOUNT_PATH="{{ openshift_openstack_container_storage_setup.container_root_lv_mount_path }}"
+CONTAINER_ROOT_LV_SIZE=100%FREE
diff --git a/roles/openshift_openstack/templates/heat_stack.yaml.j2 b/roles/openshift_openstack/templates/heat_stack.yaml.j2
new file mode 100644
index 000000000..8d13eb81e
--- /dev/null
+++ b/roles/openshift_openstack/templates/heat_stack.yaml.j2
@@ -0,0 +1,766 @@
+heat_template_version: 2016-10-14
+
+description: OpenShift cluster
+
+parameters:
+
+outputs:
+
+ etcd_names:
+ description: Name of the etcds
+ value: { get_attr: [ etcd, name ] }
+
+ etcd_ips:
+ description: IPs of the etcds
+ value: { get_attr: [ etcd, private_ip ] }
+
+ etcd_floating_ips:
+ description: Floating IPs of the etcds
+ value: { get_attr: [ etcd, floating_ip ] }
+
+ master_names:
+ description: Name of the masters
+ value: { get_attr: [ masters, name ] }
+
+ master_ips:
+ description: IPs of the masters
+ value: { get_attr: [ masters, private_ip ] }
+
+ master_floating_ips:
+ description: Floating IPs of the masters
+ value: { get_attr: [ masters, floating_ip ] }
+
+ node_names:
+ description: Name of the nodes
+ value: { get_attr: [ compute_nodes, name ] }
+
+ node_ips:
+ description: IPs of the nodes
+ value: { get_attr: [ compute_nodes, private_ip ] }
+
+ node_floating_ips:
+ description: Floating IPs of the nodes
+ value: { get_attr: [ compute_nodes, floating_ip ] }
+
+ infra_names:
+ description: Name of the nodes
+ value: { get_attr: [ infra_nodes, name ] }
+
+ infra_ips:
+ description: IPs of the nodes
+ value: { get_attr: [ infra_nodes, private_ip ] }
+
+ infra_floating_ips:
+ description: Floating IPs of the nodes
+ value: { get_attr: [ infra_nodes, floating_ip ] }
+
+conditions:
+ no_floating: {% if openshift_openstack_provider_network_name %}true{% else %}false{% endif %}
+
+resources:
+
+{% if not openshift_openstack_provider_network_name %}
+ net:
+ type: OS::Neutron::Net
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-net
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+
+ subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-subnet
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ network: { get_resource: net }
+ cidr:
+ str_replace:
+ template: subnet_24_prefix.0/24
+ params:
+ subnet_24_prefix: {{ openshift_openstack_subnet_prefix }}
+ allocation_pools:
+ - start:
+ str_replace:
+ template: subnet_24_prefix.3
+ params:
+ subnet_24_prefix: {{ openshift_openstack_subnet_prefix }}
+ end:
+ str_replace:
+ template: subnet_24_prefix.254
+ params:
+ subnet_24_prefix: {{ openshift_openstack_subnet_prefix }}
+ dns_nameservers:
+{% for nameserver in openshift_openstack_dns_nameservers %}
+ - {{ nameserver }}
+{% endfor %}
+
+{% if openshift_use_flannel|default(False)|bool %}
+ data_net:
+ type: OS::Neutron::Net
+ properties:
+ name: openshift-ansible-{{ openshift_openstack_stack_name }}-data-net
+ port_security_enabled: false
+
+ data_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ name: openshift-ansible-{{ openshift_openstack_stack_name }}-data-subnet
+ network: { get_resource: data_net }
+ cidr: {{ osm_cluster_network_cidr|default('10.128.0.0/14') }}
+ gateway_ip: null
+{% endif %}
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-router
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ external_gateway_info:
+ network: {{ openshift_openstack_external_network_name }}
+
+ interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: subnet }
+
+{% endif %}
+
+# keypair:
+# type: OS::Nova::KeyPair
+# properties:
+# name:
+# str_replace:
+# template: openshift-ansible-cluster_id-keypair
+# params:
+# cluster_id: {{ openshift_openstack_stack_name }}
+# public_key: {{ openshift_openstack_keypair_name }}
+
+ common-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-common-secgrp
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ description:
+ str_replace:
+ template: Basic ssh/icmp security group for cluster_id OpenShift cluster
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ remote_ip_prefix: {{ openshift_openstack_ssh_ingress_cidr }}
+ - direction: ingress
+ protocol: icmp
+ remote_ip_prefix: {{ openshift_openstack_ssh_ingress_cidr }}
+
+{% if openshift_openstack_flat_secgrp|default(False)|bool %}
+ flat-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-flat-secgrp
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ description:
+ str_replace:
+ template: Security group for cluster_id OpenShift cluster
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 4001
+ port_range_max: 4001
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_api_port|default(8443) }}
+ port_range_max: {{ openshift_master_api_port|default(8443) }}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_console_port|default(8443) }}
+ port_range_max: {{ openshift_master_console_port|default(8443) }}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 8053
+ port_range_max: 8053
+ - direction: ingress
+ protocol: udp
+ port_range_min: 8053
+ port_range_max: 8053
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 24224
+ port_range_max: 24224
+ - direction: ingress
+ protocol: udp
+ port_range_min: 24224
+ port_range_max: 24224
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2224
+ port_range_max: 2224
+ - direction: ingress
+ protocol: udp
+ port_range_min: 5404
+ port_range_max: 5405
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 9090
+ port_range_max: 9090
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2379
+ port_range_max: 2380
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 10250
+ port_range_max: 10250
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 10250
+ port_range_max: 10250
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 4789
+ port_range_max: 4789
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 30000
+ port_range_max: 32767
+ remote_ip_prefix: {{ openshift_openstack_node_ingress_cidr }}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 30000
+ port_range_max: 32767
+ remote_ip_prefix: "{{ openshift_openstack_subnet_prefix }}.0/24"
+{% else %}
+ master-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-master-secgrp
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ description:
+ str_replace:
+ template: Security group for cluster_id OpenShift cluster master
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 4001
+ port_range_max: 4001
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_api_port|default(8443) }}
+ port_range_max: {{ openshift_master_api_port|default(8443) }}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_console_port|default(8443) }}
+ port_range_max: {{ openshift_master_console_port|default(8443) }}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 8053
+ port_range_max: 8053
+ - direction: ingress
+ protocol: udp
+ port_range_min: 8053
+ port_range_max: 8053
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 24224
+ port_range_max: 24224
+ - direction: ingress
+ protocol: udp
+ port_range_min: 24224
+ port_range_max: 24224
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2224
+ port_range_max: 2224
+ - direction: ingress
+ protocol: udp
+ port_range_min: 5404
+ port_range_max: 5405
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 9090
+ port_range_max: 9090
+{% if openshift_use_flannel|default(False)|bool %}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2379
+ port_range_max: 2379
+{% endif %}
+
+ etcd-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-etcd-secgrp
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ description:
+ str_replace:
+ template: Security group for cluster_id etcd cluster
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2379
+ port_range_max: 2379
+ remote_mode: remote_group_id
+ remote_group_id: { get_resource: master-secgrp }
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2380
+ port_range_max: 2380
+ remote_mode: remote_group_id
+
+ node-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-node-secgrp
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ description:
+ str_replace:
+ template: Security group for cluster_id OpenShift cluster nodes
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 10250
+ port_range_max: 10250
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 4789
+ port_range_max: 4789
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 30000
+ port_range_max: 32767
+ remote_ip_prefix: {{ openshift_openstack_node_ingress_cidr }}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 30000
+ port_range_max: 32767
+ remote_ip_prefix: "{{ openshift_openstack_subnet_prefix }}.0/24"
+{% endif %}
+
+ infra-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: openshift-ansible-cluster_id-infra-secgrp
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ description:
+ str_replace:
+ template: Security group for cluster_id OpenShift infrastructure cluster nodes
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 80
+ port_range_max: 80
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 443
+ port_range_max: 443
+
+{% if openshift_openstack_num_masters|int > 1 %}
+ lb-secgrp:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name: openshift-ansible-{{ openshift_openstack_stack_name }}-lb-secgrp
+ description: Security group for {{ openshift_openstack_stack_name }} cluster Load Balancer
+ rules:
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_api_port | default(8443) }}
+ port_range_max: {{ openshift_master_api_port | default(8443) }}
+ remote_ip_prefix: {{ openshift_openstack_lb_ingress_cidr }}
+{% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_console_port | default(8443) }}
+ port_range_max: {{ openshift_master_console_port | default(8443) }}
+ remote_ip_prefix: {{ openshift_openstack_lb_ingress_cidr }}
+{% endif %}
+{% endif %}
+
+ etcd:
+ type: OS::Heat::ResourceGroup
+ properties:
+ count: {{ openshift_openstack_num_etcd }}
+ resource_def:
+ type: server.yaml
+ properties:
+ name:
+ str_replace:
+ template: k8s_type-%index%.cluster_id
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ k8s_type: {{ openshift_openstack_etcd_hostname }}
+ cluster_env: {{ openshift_openstack_public_dns_domain }}
+ cluster_id: {{ openshift_openstack_stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: etcds
+ cluster_id: {{ openshift_openstack_stack_name }}
+ type: etcd
+ image: {{ openshift_openstack_etcd_image }}
+ flavor: {{ openshift_openstack_etcd_flavor }}
+ key_name: {{ openshift_openstack_keypair_name }}
+{% if openshift_openstack_provider_network_name %}
+ net: {{ openshift_openstack_provider_network_name }}
+ net_name: {{ openshift_openstack_provider_network_name }}
+{% else %}
+ net: { get_resource: net }
+ subnet: { get_resource: subnet }
+ net_name:
+ str_replace:
+ template: openshift-ansible-cluster_id-net
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+{% endif %}
+ secgrp:
+ - { get_resource: {% if openshift_openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}etcd-secgrp{% endif %} }
+ - { get_resource: common-secgrp }
+ floating_network:
+ if:
+ - no_floating
+ - null
+ - {{ openshift_openstack_external_network_name }}
+{% if openshift_openstack_provider_network_name %}
+ attach_float_net: false
+{% endif %}
+ volume_size: {{ openshift_openstack_etcd_volume_size }}
+{% if not openshift_openstack_provider_network_name %}
+ depends_on:
+ - interface
+{% endif %}
+
+{% if openshift_openstack_master_server_group_policies|length > 0 %}
+ master_server_group:
+ type: OS::Nova::ServerGroup
+ properties:
+ name: master_server_group
+ policies: {{ openshift_openstack_master_server_group_policies }}
+{% endif %}
+{% if openshift_openstack_infra_server_group_policies|length > 0 %}
+ infra_server_group:
+ type: OS::Nova::ServerGroup
+ properties:
+ name: infra_server_group
+ policies: {{ openshift_openstack_infra_server_group_policies }}
+{% endif %}
+{% if openshift_openstack_num_masters|int > 1 %}
+ loadbalancer:
+ type: OS::Heat::ResourceGroup
+ properties:
+ count: 1
+ resource_def:
+ type: server.yaml
+ properties:
+ name:
+ str_replace:
+ template: k8s_type-%index%.cluster_id
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ k8s_type: {{ openshift_openstack_lb_hostname }}
+ cluster_env: {{ openshift_openstack_public_dns_domain }}
+ cluster_id: {{ openshift_openstack_stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: lb
+ cluster_id: {{ openshift_openstack_stack_name }}
+ type: lb
+ image: {{ openshift_openstack_lb_image }}
+ flavor: {{ openshift_openstack_lb_flavor }}
+ key_name: {{ openshift_openstack_keypair_name }}
+{% if openshift_openstack_provider_network_name %}
+ net: {{ openshift_openstack_provider_network_name }}
+ net_name: {{ openshift_openstack_provider_network_name }}
+{% else %}
+ net: { get_resource: net }
+ subnet: { get_resource: subnet }
+ net_name:
+ str_replace:
+ template: openshift-ansible-cluster_id-net
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+{% endif %}
+ secgrp:
+ - { get_resource: lb-secgrp }
+ - { get_resource: common-secgrp }
+{% if not openshift_openstack_provider_network_name %}
+ floating_network: {{ openshift_openstack_external_network_name }}
+{% endif %}
+ volume_size: {{ openshift_openstack_lb_volume_size }}
+{% if not openshift_openstack_provider_network_name %}
+ depends_on:
+ - interface
+{% endif %}
+{% endif %}
+
+ masters:
+ type: OS::Heat::ResourceGroup
+ properties:
+ count: {{ openshift_openstack_num_masters }}
+ resource_def:
+ type: server.yaml
+ properties:
+ name:
+ str_replace:
+ template: k8s_type-%index%.cluster_id
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ k8s_type: {{ openshift_openstack_master_hostname }}
+ cluster_env: {{ openshift_openstack_public_dns_domain }}
+ cluster_id: {{ openshift_openstack_stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: masters
+ cluster_id: {{ openshift_openstack_stack_name }}
+ type: master
+ image: {{ openshift_openstack_master_image }}
+ flavor: {{ openshift_openstack_master_flavor }}
+ key_name: {{ openshift_openstack_keypair_name }}
+{% if openshift_openstack_provider_network_name %}
+ net: {{ openshift_openstack_provider_network_name }}
+ net_name: {{ openshift_openstack_provider_network_name }}
+{% else %}
+ net: { get_resource: net }
+ subnet: { get_resource: subnet }
+ net_name:
+ str_replace:
+ template: openshift-ansible-cluster_id-net
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+{% if openshift_use_flannel|default(False)|bool %}
+ attach_data_net: true
+ data_net: { get_resource: data_net }
+ data_subnet: { get_resource: data_subnet }
+{% endif %}
+{% endif %}
+ secgrp:
+{% if openshift_openstack_flat_secgrp|default(False)|bool %}
+ - { get_resource: flat-secgrp }
+{% else %}
+ - { get_resource: master-secgrp }
+ - { get_resource: node-secgrp }
+{% if openshift_openstack_num_etcd|int == 0 %}
+ - { get_resource: etcd-secgrp }
+{% endif %}
+{% endif %}
+ - { get_resource: common-secgrp }
+ floating_network:
+ if:
+ - no_floating
+ - null
+ - {{ openshift_openstack_external_network_name }}
+{% if openshift_openstack_provider_network_name %}
+ attach_float_net: false
+{% endif %}
+ volume_size: {{ openshift_openstack_master_volume_size }}
+{% if openshift_openstack_master_server_group_policies|length > 0 %}
+ scheduler_hints:
+ group: { get_resource: master_server_group }
+{% endif %}
+{% if not openshift_openstack_provider_network_name %}
+ depends_on:
+ - interface
+{% endif %}
+
+ compute_nodes:
+ type: OS::Heat::ResourceGroup
+ properties:
+ count: {{ openshift_openstack_num_nodes }}
+ removal_policies:
+ - resource_list: {{ openshift_openstack_nodes_to_remove }}
+ resource_def:
+ type: server.yaml
+ properties:
+ name:
+ str_replace:
+ template: sub_type_k8s_type-%index%.cluster_id
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ sub_type_k8s_type: {{ openshift_openstack_node_hostname }}
+ cluster_env: {{ openshift_openstack_public_dns_domain }}
+ cluster_id: {{ openshift_openstack_stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: nodes
+ cluster_id: {{ openshift_openstack_stack_name }}
+ type: node
+ subtype: app
+ node_labels:
+{% for k, v in openshift_openstack_cluster_node_labels.app.items() %}
+ {{ k|e }}: {{ v|e }}
+{% endfor %}
+ image: {{ openshift_openstack_node_image }}
+ flavor: {{ openshift_openstack_node_flavor }}
+ key_name: {{ openshift_openstack_keypair_name }}
+{% if openshift_openstack_provider_network_name %}
+ net: {{ openshift_openstack_provider_network_name }}
+ net_name: {{ openshift_openstack_provider_network_name }}
+{% else %}
+ net: { get_resource: net }
+ subnet: { get_resource: subnet }
+ net_name:
+ str_replace:
+ template: openshift-ansible-cluster_id-net
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+{% if openshift_use_flannel|default(False)|bool %}
+ attach_data_net: true
+ data_net: { get_resource: data_net }
+ data_subnet: { get_resource: data_subnet }
+{% endif %}
+{% endif %}
+ secgrp:
+ - { get_resource: {% if openshift_openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}node-secgrp{% endif %} }
+ - { get_resource: common-secgrp }
+ floating_network:
+ if:
+ - no_floating
+ - null
+ - {{ openshift_openstack_external_network_name }}
+{% if openshift_openstack_provider_network_name %}
+ attach_float_net: false
+{% endif %}
+ volume_size: {{ openshift_openstack_node_volume_size }}
+{% if not openshift_openstack_provider_network_name %}
+ depends_on:
+ - interface
+{% endif %}
+
+ infra_nodes:
+ type: OS::Heat::ResourceGroup
+ properties:
+ count: {{ openshift_openstack_num_infra }}
+ resource_def:
+ type: server.yaml
+ properties:
+ name:
+ str_replace:
+ template: sub_type_k8s_type-%index%.cluster_id
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+ sub_type_k8s_type: {{ openshift_openstack_infra_hostname }}
+ cluster_env: {{ openshift_openstack_public_dns_domain }}
+ cluster_id: {{ openshift_openstack_stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: infra
+ cluster_id: {{ openshift_openstack_stack_name }}
+ type: node
+ subtype: infra
+ node_labels:
+{% for k, v in openshift_openstack_cluster_node_labels.infra.items() %}
+ {{ k|e }}: {{ v|e }}
+{% endfor %}
+ image: {{ openshift_openstack_infra_image }}
+ flavor: {{ openshift_openstack_infra_flavor }}
+ key_name: {{ openshift_openstack_keypair_name }}
+{% if openshift_openstack_provider_network_name %}
+ net: {{ openshift_openstack_provider_network_name }}
+ net_name: {{ openshift_openstack_provider_network_name }}
+{% else %}
+ net: { get_resource: net }
+ subnet: { get_resource: subnet }
+ net_name:
+ str_replace:
+ template: openshift-ansible-cluster_id-net
+ params:
+ cluster_id: {{ openshift_openstack_stack_name }}
+{% if openshift_use_flannel|default(False)|bool %}
+ attach_data_net: true
+ data_net: { get_resource: data_net }
+ data_subnet: { get_resource: data_subnet }
+{% endif %}
+{% endif %}
+ secgrp:
+# TODO(bogdando) filter only required node rules into infra-secgrp
+{% if openshift_openstack_flat_secgrp|default(False)|bool %}
+ - { get_resource: flat-secgrp }
+{% else %}
+ - { get_resource: node-secgrp }
+{% endif %}
+ - { get_resource: infra-secgrp }
+ - { get_resource: common-secgrp }
+{% if not openshift_openstack_provider_network_name %}
+ floating_network: {{ openshift_openstack_external_network_name }}
+{% endif %}
+ volume_size: {{ openshift_openstack_infra_volume_size }}
+{% if openshift_openstack_infra_server_group_policies|length > 0 %}
+ scheduler_hints:
+ group: { get_resource: infra_server_group }
+{% endif %}
+{% if not openshift_openstack_provider_network_name %}
+ depends_on:
+ - interface
+{% endif %}
diff --git a/roles/openshift_openstack/templates/heat_stack_server.yaml.j2 b/roles/openshift_openstack/templates/heat_stack_server.yaml.j2
new file mode 100644
index 000000000..a829da34f
--- /dev/null
+++ b/roles/openshift_openstack/templates/heat_stack_server.yaml.j2
@@ -0,0 +1,270 @@
+heat_template_version: 2016-10-14
+
+description: OpenShift cluster server
+
+parameters:
+
+ name:
+ type: string
+ label: Name
+ description: Name
+
+ group:
+ type: string
+ label: Host Group
+ description: The Primary Ansible Host Group
+ default: host
+
+ cluster_env:
+ type: string
+ label: Cluster environment
+ description: Environment of the cluster
+
+ cluster_id:
+ type: string
+ label: Cluster ID
+ description: Identifier of the cluster
+
+ type:
+ type: string
+ label: Type
+ description: Type master or node
+
+ subtype:
+ type: string
+ label: Sub-type
+ description: Sub-type compute or infra for nodes, default otherwise
+ default: default
+
+ key_name:
+ type: string
+ label: Key name
+ description: Key name of keypair
+
+ image:
+ type: string
+ label: Image
+ description: Name of the image
+
+ flavor:
+ type: string
+ label: Flavor
+ description: Name of the flavor
+
+ net:
+ type: string
+ label: Net ID
+ description: Net resource
+
+ net_name:
+ type: string
+ label: Net name
+ description: Net name
+
+{% if not openshift_openstack_provider_network_name %}
+ subnet:
+ type: string
+ label: Subnet ID
+ description: Subnet resource
+{% endif %}
+
+{% if openshift_use_flannel|default(False)|bool %}
+ attach_data_net:
+ type: boolean
+ default: false
+ label: Attach-data-net
+ description: A switch for data port connection
+
+ data_net:
+ type: string
+ default: ''
+ label: Net ID
+ description: Net resource
+
+{% if not openshift_openstack_provider_network_name %}
+ data_subnet:
+ type: string
+ default: ''
+ label: Subnet ID
+ description: Subnet resource
+{% endif %}
+{% endif %}
+
+ secgrp:
+ type: comma_delimited_list
+ label: Security groups
+ description: Security group resources
+
+ attach_float_net:
+ type: boolean
+ default: true
+
+ label: Attach-float-net
+ description: A switch for floating network port connection
+
+{% if not openshift_openstack_provider_network_name %}
+ floating_network:
+ type: string
+ default: ''
+ label: Floating network
+ description: Network to allocate floating IP from
+{% endif %}
+
+ availability_zone:
+ type: string
+ description: The Availability Zone to launch the instance.
+ default: nova
+
+ volume_size:
+ type: number
+ description: Size of the volume to be created.
+ default: 1
+ constraints:
+ - range: { min: 1, max: 1024 }
+ description: must be between 1 and 1024 Gb.
+
+ node_labels:
+ type: json
+ description: OpenShift Node Labels
+ default: {"region": "default" }
+
+ scheduler_hints:
+ type: json
+ description: Server scheduler hints.
+ default: {}
+
+outputs:
+
+ name:
+ description: Name of the server
+ value: { get_attr: [ server, name ] }
+
+ private_ip:
+ description: Private IP of the server
+ value:
+ get_attr:
+ - server
+ - addresses
+ - { get_param: net_name }
+ - 0
+ - addr
+
+ floating_ip:
+ description: Floating IP of the server
+ value:
+ get_attr:
+ - server
+ - addresses
+ - { get_param: net_name }
+{% if openshift_openstack_provider_network_name %}
+ - 0
+{% else %}
+ - 1
+{% endif %}
+ - addr
+
+conditions:
+ no_floating: {not: { get_param: attach_float_net} }
+{% if openshift_use_flannel|default(False)|bool %}
+ no_data_subnet: {not: { get_param: attach_data_net} }
+{% endif %}
+
+resources:
+
+ server:
+ type: OS::Nova::Server
+ properties:
+ name: { get_param: name }
+ key_name: { get_param: key_name }
+ image: { get_param: image }
+ flavor: { get_param: flavor }
+ networks:
+{% if openshift_use_flannel|default(False)|bool %}
+ if:
+ - no_data_subnet
+{% if use_trunk_ports|default(false)|bool %}
+ - - port: { get_attr: [trunk-port, port_id] }
+{% else %}
+ - - port: { get_resource: port }
+{% endif %}
+{% if use_trunk_ports|default(false)|bool %}
+ - - port: { get_attr: [trunk-port, port_id] }
+{% else %}
+ - - port: { get_resource: port }
+ - port: { get_resource: data_port }
+{% endif %}
+
+{% else %}
+{% if use_trunk_ports|default(false)|bool %}
+ - port: { get_attr: [trunk-port, port_id] }
+{% else %}
+ - port: { get_resource: port }
+{% endif %}
+{% endif %}
+ user_data:
+ get_file: user-data
+ user_data_format: RAW
+ user_data_update_policy: IGNORE
+ metadata:
+ group: { get_param: group }
+ environment: { get_param: cluster_env }
+ clusterid: { get_param: cluster_id }
+ host-type: { get_param: type }
+ sub-host-type: { get_param: subtype }
+ node_labels: { get_param: node_labels }
+ scheduler_hints: { get_param: scheduler_hints }
+
+{% if use_trunk_ports|default(false)|bool %}
+ trunk-port:
+ type: OS::Neutron::Trunk
+ properties:
+ name: { get_param: name }
+ port: { get_resource: port }
+{% endif %}
+
+ port:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: net }
+{% if not openshift_openstack_provider_network_name %}
+ fixed_ips:
+ - subnet: { get_param: subnet }
+{% endif %}
+ security_groups: { get_param: secgrp }
+
+{% if openshift_use_flannel|default(False)|bool %}
+ data_port:
+ type: OS::Neutron::Port
+ condition: { not: no_data_subnet }
+ properties:
+ network: { get_param: data_net }
+ port_security_enabled: false
+{% if not openshift_openstack_provider_network_name %}
+ fixed_ips:
+ - subnet: { get_param: data_subnet }
+{% endif %}
+{% endif %}
+
+{% if not openshift_openstack_provider_network_name %}
+ floating-ip:
+ condition: { not: no_floating }
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network: { get_param: floating_network }
+ port_id: { get_resource: port }
+{% endif %}
+
+{% if not openshift_openstack_ephemeral_volumes|default(false)|bool %}
+ cinder_volume:
+ type: OS::Cinder::Volume
+ properties:
+ size: { get_param: volume_size }
+ availability_zone: { get_param: availability_zone }
+
+ volume_attachment:
+ type: OS::Cinder::VolumeAttachment
+ properties:
+ volume_id: { get_resource: cinder_volume }
+ instance_uuid: { get_resource: server }
+ mountpoint: /dev/sdb
+{% endif %}
diff --git a/roles/openshift_openstack/templates/user_data.j2 b/roles/openshift_openstack/templates/user_data.j2
new file mode 100644
index 000000000..eb65f7cec
--- /dev/null
+++ b/roles/openshift_openstack/templates/user_data.j2
@@ -0,0 +1,13 @@
+#cloud-config
+disable_root: true
+
+system_info:
+ default_user:
+ name: openshift
+ sudo: ["ALL=(ALL) NOPASSWD: ALL"]
+
+write_files:
+ - path: /etc/sudoers.d/00-openshift-no-requiretty
+ permissions: 440
+ content: |
+ Defaults:openshift !requiretty
diff --git a/roles/openshift_persistent_volumes/action_plugins/generate_pv_pvcs_list.py b/roles/openshift_persistent_volumes/action_plugins/generate_pv_pvcs_list.py
new file mode 100644
index 000000000..eb13a58ba
--- /dev/null
+++ b/roles/openshift_persistent_volumes/action_plugins/generate_pv_pvcs_list.py
@@ -0,0 +1,157 @@
+"""
+Ansible action plugin to generate pv and pvc dictionaries lists
+"""
+
+from ansible.plugins.action import ActionBase
+from ansible import errors
+
+
+class ActionModule(ActionBase):
+ """Action plugin to execute health checks."""
+
+ def get_templated(self, var_to_template):
+ """Return a properly templated ansible variable"""
+ return self._templar.template(self.task_vars.get(var_to_template))
+
+ def build_common(self, varname=None):
+ """Retrieve common variables for each pv and pvc type"""
+ volume = self.get_templated(str(varname) + '_volume_name')
+ size = self.get_templated(str(varname) + '_volume_size')
+ labels = self.task_vars.get(str(varname) + '_labels')
+ if labels:
+ labels = self._templar.template(labels)
+ else:
+ labels = dict()
+ access_modes = self.get_templated(str(varname) + '_access_modes')
+ return (volume, size, labels, access_modes)
+
+ def build_pv_nfs(self, varname=None):
+ """Build pv dictionary for nfs storage type"""
+ host = self.task_vars.get(str(varname) + '_host')
+ if host:
+ self._templar.template(host)
+ elif host is None:
+ groups = self.task_vars.get('groups')
+ default_group_name = self.get_templated('openshift_persistent_volumes_default_nfs_group')
+ if groups and default_group_name and default_group_name in groups and len(groups[default_group_name]) > 0:
+ host = groups['oo_nfs_to_config'][0]
+ else:
+ raise errors.AnsibleModuleError("|failed no storage host detected")
+ volume, size, labels, access_modes = self.build_common(varname=varname)
+ directory = self.get_templated(str(varname) + '_nfs_directory')
+ path = directory + '/' + volume
+ return dict(
+ name="{0}-volume".format(volume),
+ capacity=size,
+ labels=labels,
+ access_modes=access_modes,
+ storage=dict(
+ nfs=dict(
+ server=host,
+ path=path)))
+
+ def build_pv_openstack(self, varname=None):
+ """Build pv dictionary for openstack storage type"""
+ volume, size, labels, access_modes = self.build_common(varname=varname)
+ filesystem = self.get_templated(str(varname) + '_openstack_filesystem')
+ volume_id = self.get_templated(str(varname) + '_openstack_volumeID')
+ return dict(
+ name="{0}-volume".format(volume),
+ capacity=size,
+ labels=labels,
+ access_modes=access_modes,
+ storage=dict(
+ cinder=dict(
+ fsType=filesystem,
+ volumeID=volume_id)))
+
+ def build_pv_glusterfs(self, varname=None):
+ """Build pv dictionary for glusterfs storage type"""
+ volume, size, labels, access_modes = self.build_common(varname=varname)
+ endpoints = self.get_templated(str(varname) + '_glusterfs_endpoints')
+ path = self.get_templated(str(varname) + '_glusterfs_path')
+ read_only = self.get_templated(str(varname) + '_glusterfs_readOnly')
+ return dict(
+ name="{0}-volume".format(volume),
+ capacity=size,
+ labels=labels,
+ access_modes=access_modes,
+ storage=dict(
+ glusterfs=dict(
+ endpoints=endpoints,
+ path=path,
+ readOnly=read_only)))
+
+ def build_pv_dict(self, varname=None):
+ """Check for the existence of PV variables"""
+ kind = self.task_vars.get(str(varname) + '_kind')
+ if kind:
+ kind = self._templar.template(kind)
+ create_pv = self.task_vars.get(str(varname) + '_create_pv')
+ if create_pv and self._templar.template(create_pv):
+ if kind == 'nfs':
+ return self.build_pv_nfs(varname=varname)
+
+ elif kind == 'openstack':
+ return self.build_pv_openstack(varname=varname)
+
+ elif kind == 'glusterfs':
+ return self.build_pv_glusterfs(varname=varname)
+
+ elif not (kind == 'object' or kind == 'dynamic'):
+ msg = "|failed invalid storage kind '{0}' for component '{1}'".format(
+ kind,
+ varname)
+ raise errors.AnsibleModuleError(msg)
+ return None
+
+ def build_pvc_dict(self, varname=None):
+ """Check for the existence of PVC variables"""
+ kind = self.task_vars.get(str(varname) + '_kind')
+ if kind:
+ kind = self._templar.template(kind)
+ create_pv = self.task_vars.get(str(varname) + '_create_pv')
+ if create_pv:
+ create_pv = self._templar.template(create_pv)
+ create_pvc = self.task_vars.get(str(varname) + '_create_pvc')
+ if create_pvc:
+ create_pvc = self._templar.template(create_pvc)
+ if kind != 'object' and create_pv and create_pvc:
+ volume, size, _, access_modes = self.build_common(varname=varname)
+ return dict(
+ name="{0}-claim".format(volume),
+ capacity=size,
+ access_modes=access_modes)
+ return None
+
+ def run(self, tmp=None, task_vars=None):
+ """Run generate_pv_pvcs_list action plugin"""
+ result = super(ActionModule, self).run(tmp, task_vars)
+ # Ignore settting self.task_vars outside of init.
+ # pylint: disable=W0201
+ self.task_vars = task_vars or {}
+
+ result["changed"] = False
+ result["failed"] = False
+ result["msg"] = "persistent_volumes list and persistent_volume_claims list created"
+ vars_to_check = ['openshift_hosted_registry_storage',
+ 'openshift_hosted_router_storage',
+ 'openshift_hosted_etcd_storage',
+ 'openshift_logging_storage',
+ 'openshift_loggingops_storage',
+ 'openshift_metrics_storage',
+ 'openshift_prometheus_storage',
+ 'openshift_prometheus_alertmanager_storage',
+ 'openshift_prometheus_alertbuffer_storage']
+ persistent_volumes = []
+ persistent_volume_claims = []
+ for varname in vars_to_check:
+ pv_dict = self.build_pv_dict(varname)
+ if pv_dict:
+ persistent_volumes.append(pv_dict)
+ pvc_dict = self.build_pvc_dict(varname)
+ if pvc_dict:
+ persistent_volume_claims.append(pvc_dict)
+ result["persistent_volumes"] = persistent_volumes
+ result["persistent_volume_claims"] = persistent_volume_claims
+ return result
diff --git a/roles/openshift_persistent_volumes/defaults/main.yml b/roles/openshift_persistent_volumes/defaults/main.yml
new file mode 100644
index 000000000..b16e164e6
--- /dev/null
+++ b/roles/openshift_persistent_volumes/defaults/main.yml
@@ -0,0 +1,9 @@
+---
+
+openshift_persistent_volumes_default_nfs_group: 'oo_nfs_to_config'
+
+openshift_persistent_volume_extras: []
+openshift_persistent_volume_claims_extras: []
+
+glusterfs_pv: []
+glusterfs_pvc: []
diff --git a/roles/openshift_persistent_volumes/meta/main.yml b/roles/openshift_persistent_volumes/meta/main.yml
index 19e9a56b7..aea7616bf 100644
--- a/roles/openshift_persistent_volumes/meta/main.yml
+++ b/roles/openshift_persistent_volumes/meta/main.yml
@@ -9,4 +9,6 @@ galaxy_info:
- name: EL
versions:
- 7
-dependencies: {}
+dependencies:
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_persistent_volumes/tasks/main.yml b/roles/openshift_persistent_volumes/tasks/main.yml
index e431e978c..0b4dd7d1f 100644
--- a/roles/openshift_persistent_volumes/tasks/main.yml
+++ b/roles/openshift_persistent_volumes/tasks/main.yml
@@ -9,39 +9,36 @@
cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig
changed_when: False
-- name: Deploy PersistentVolume definitions
- template:
- dest: "{{ mktemp.stdout }}/persistent-volumes.yml"
- src: persistent-volume.yml.j2
- when: persistent_volumes | length > 0
- changed_when: False
+- set_fact:
+ glusterfs_pv:
+ - name: "{{ openshift_hosted_registry_storage_volume_name }}-glusterfs-volume"
+ capacity: "{{ openshift_hosted_registry_storage_volume_size }}"
+ access_modes: "{{ openshift_hosted_registry_storage_access_modes }}"
+ storage:
+ glusterfs:
+ endpoints: "{{ openshift_hosted_registry_storage_glusterfs_endpoints }}"
+ path: "{{ openshift_hosted_registry_storage_glusterfs_path }}"
+ readOnly: "{{ openshift_hosted_registry_storage_glusterfs_readOnly }}"
+ glusterfs_pvc:
+ - name: "{{ openshift_hosted_registry_storage_volume_name }}-glusterfs-claim"
+ capacity: "{{ openshift_hosted_registry_storage_volume_size }}"
+ access_modes: "{{ openshift_hosted_registry_storage_access_modes }}"
+ when: openshift_hosted_registry_storage_glusterfs_swap | default(False)
-- name: Create PersistentVolumes
- command: >
- {{ openshift.common.client_binary }} create
- -f {{ mktemp.stdout }}/persistent-volumes.yml
- --config={{ mktemp.stdout }}/admin.kubeconfig
- register: pv_create_output
- when: persistent_volumes | length > 0
- failed_when: ('already exists' not in pv_create_output.stderr) and ('created' not in pv_create_output.stdout)
- changed_when: ('created' in pv_create_output.stdout)
+- name: create standard pv and pvc lists
+ # generate_pv_pvcs_list is a custom action module defined in ../action_plugins
+ generate_pv_pvcs_list: {}
+ register: l_pv_pvcs_list
-- name: Deploy PersistentVolumeClaim definitions
- template:
- dest: "{{ mktemp.stdout }}/persistent-volume-claims.yml"
- src: persistent-volume-claim.yml.j2
- when: persistent_volume_claims | length > 0
- changed_when: False
+- include_tasks: pv.yml
+ vars:
+ l_extra_persistent_volumes: "{{ openshift_persistent_volume_extras | union(glusterfs_pv) }}"
+ persistent_volumes: "{{ l_pv_pvcs_list.persistent_volumes | union(l_extra_persistent_volumes) }}"
-- name: Create PersistentVolumeClaims
- command: >
- {{ openshift.common.client_binary }} create
- -f {{ mktemp.stdout }}/persistent-volume-claims.yml
- --config={{ mktemp.stdout }}/admin.kubeconfig
- register: pvc_create_output
- when: persistent_volume_claims | length > 0
- failed_when: ('already exists' not in pvc_create_output.stderr) and ('created' not in pvc_create_output.stdout)
- changed_when: ('created' in pvc_create_output.stdout)
+- include_tasks: pvc.yml
+ vars:
+ l_extra_persistent_volume_claims: "{{ openshift_persistent_volume_claims_extras | union(glusterfs_pvc) }}"
+ persistent_volume_claims: "{{ l_pv_pvcs_list.persistent_volume_claims | union(l_extra_persistent_volume_claims) }}"
- name: Delete temp directory
file:
diff --git a/roles/openshift_persistent_volumes/tasks/pv.yml b/roles/openshift_persistent_volumes/tasks/pv.yml
new file mode 100644
index 000000000..346605ff7
--- /dev/null
+++ b/roles/openshift_persistent_volumes/tasks/pv.yml
@@ -0,0 +1,17 @@
+---
+- name: Deploy PersistentVolume definitions
+ template:
+ dest: "{{ mktemp.stdout }}/persistent-volumes.yml"
+ src: persistent-volume.yml.j2
+ when: persistent_volumes | length > 0
+ changed_when: False
+
+- name: Create PersistentVolumes
+ command: >
+ {{ openshift.common.client_binary }} create
+ -f {{ mktemp.stdout }}/persistent-volumes.yml
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ register: pv_create_output
+ when: persistent_volumes | length > 0
+ failed_when: ('already exists' not in pv_create_output.stderr) and ('created' not in pv_create_output.stdout)
+ changed_when: ('created' in pv_create_output.stdout)
diff --git a/roles/openshift_persistent_volumes/tasks/pvc.yml b/roles/openshift_persistent_volumes/tasks/pvc.yml
new file mode 100644
index 000000000..e44f9b18f
--- /dev/null
+++ b/roles/openshift_persistent_volumes/tasks/pvc.yml
@@ -0,0 +1,17 @@
+---
+- name: Deploy PersistentVolumeClaim definitions
+ template:
+ dest: "{{ mktemp.stdout }}/persistent-volume-claims.yml"
+ src: persistent-volume-claim.yml.j2
+ when: persistent_volume_claims | length > 0
+ changed_when: False
+
+- name: Create PersistentVolumeClaims
+ command: >
+ {{ openshift.common.client_binary }} create
+ -f {{ mktemp.stdout }}/persistent-volume-claims.yml
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ register: pvc_create_output
+ when: persistent_volume_claims | length > 0
+ failed_when: ('already exists' not in pvc_create_output.stderr) and ('created' not in pvc_create_output.stdout)
+ changed_when: ('created' in pvc_create_output.stdout)
diff --git a/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2 b/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2
index d40417a9a..fac589a92 100644
--- a/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2
+++ b/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2
@@ -8,7 +8,7 @@ items:
metadata:
name: "{{ claim.name }}"
spec:
- accessModes: {{ claim.access_modes | to_padded_yaml(2, 2) }}
+ accessModes: {{ claim.access_modes | lib_utils_to_padded_yaml(2, 2) }}
resources:
requests:
storage: "{{ claim.capacity }}"
diff --git a/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2 b/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2
index 9c5103597..354561432 100644
--- a/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2
+++ b/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2
@@ -9,13 +9,13 @@ items:
name: "{{ volume.name }}"
{% if volume.labels is defined and volume.labels is mapping %}
labels:
-{% for key,value in volume.labels.iteritems() %}
+{% for key,value in volume.labels.items() %}
{{ key }}: {{ value }}
{% endfor %}
{% endif %}
spec:
capacity:
storage: "{{ volume.capacity }}"
- accessModes: {{ volume.access_modes | to_padded_yaml(2, 2) }}
- {{ volume.storage.keys()[0] }}: {{ volume.storage[volume.storage.keys()[0]] | to_padded_yaml(3, 2) }}
+ accessModes: {{ volume.access_modes | lib_utils_to_padded_yaml(2, 2) }}
+ {{ (volume.storage.keys() | list)[0] }}: {{ volume.storage[(volume.storage.keys() | list)[0]] | lib_utils_to_padded_yaml(3, 2) }}
{% endfor %}
diff --git a/roles/openshift_project_request_template/README.md b/roles/openshift_project_request_template/README.md
new file mode 100644
index 000000000..81c3aca5c
--- /dev/null
+++ b/roles/openshift_project_request_template/README.md
@@ -0,0 +1,33 @@
+OpenShift Project Request Template
+==================================
+
+Configure template used when creating new projects. If enabled only the template is managed. It must still be enabled in the OpenShift master configuration. The base template is created using `oc adm create-bootstrap-project-template` and can be modified by setting `openshift_project_request_template_edits`.
+
+
+Requirements
+------------
+
+
+Role Variables
+--------------
+
+From this role:
+
+| Name | Default value | Description |
+|----------------------------------------------|-----------------|------------------------------------------------|
+| openshift_project_request_template_manage | false | Whether to manage the project request template |
+| openshift_project_request_template_namespace | default | Namespace for template |
+| openshift_project_request_template_name | project-request | Template name |
+| openshift_project_request_template_edits | [] | Changes for template |
+
+
+Dependencies
+------------
+
+* lib_utils
+
+
+License
+-------
+
+Apache License Version 2.0
diff --git a/roles/openshift_project_request_template/defaults/main.yml b/roles/openshift_project_request_template/defaults/main.yml
new file mode 100644
index 000000000..2dab6f99e
--- /dev/null
+++ b/roles/openshift_project_request_template/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+openshift_project_request_template_manage: false
+openshift_project_request_template_namespace: default
+openshift_project_request_template_name: project-request
+openshift_project_request_template_edits: []
diff --git a/roles/openshift_project_request_template/meta/main.yml b/roles/openshift_project_request_template/meta/main.yml
new file mode 100644
index 000000000..3bc6dfb45
--- /dev/null
+++ b/roles/openshift_project_request_template/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: Michael Hanselmann
+ description: Configure project request template
+ company: VSHN AG
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_project_request_template/tasks/main.yml b/roles/openshift_project_request_template/tasks/main.yml
new file mode 100644
index 000000000..c31ee5795
--- /dev/null
+++ b/roles/openshift_project_request_template/tasks/main.yml
@@ -0,0 +1,40 @@
+---
+- name: Create temp file for template
+ command: mktemp /tmp/openshift-ansible-XXXXXX.yaml
+ register: mktemp
+ changed_when: False
+
+- name: Generate default project template
+ command: |
+ {{ openshift.common.client_binary | quote }} \
+ --config {{ openshift.common.config_base | quote }}/master/admin.kubeconfig \
+ --output yaml \
+ adm create-bootstrap-project-template \
+ --name {{ openshift_project_request_template_name | quote }}
+ register: default_project_template
+
+- name: Write default project template to file
+ copy:
+ mode=0600
+ content="{{ default_project_template.stdout }}"
+ dest="{{ mktemp.stdout }}"
+
+- name: Apply template modifications
+ yedit:
+ state: present
+ src: "{{ mktemp.stdout }}"
+ edits: "{{ openshift_project_request_template_edits }}"
+ when: "openshift_project_request_template_edits | length > 0"
+
+- name: Create or update project request template
+ command: |
+ {{ openshift.common.client_binary }} \
+ --config {{ openshift.common.config_base }}/master/admin.kubeconfig \
+ --namespace {{ openshift_project_request_template_namespace | quote }} \
+ apply --filename {{ mktemp.stdout }}
+
+- name: Delete temp file
+ file:
+ name: "{{ mktemp.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/roles/openshift_prometheus/README.md b/roles/openshift_prometheus/README.md
index 92f74928c..1ebeacabf 100644
--- a/roles/openshift_prometheus/README.md
+++ b/roles/openshift_prometheus/README.md
@@ -23,15 +23,28 @@ For default values, see [`defaults/main.yaml`](defaults/main.yaml).
- `openshift_prometheus_<COMPONENT>_image_version`: specify image version for the component
+- `openshift_prometheus_args`: Modify or add arguments for prometheus application
+
+- `openshift_prometheus_hostname`: specify the hostname for the route to prometheus `prometheus-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}}`
+
+- `openshift_prometheus_alerts_hostname`: specify the hostname for the route to prometheus-alerts `prometheus_alerts-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}}`
+
+e.g
+```
+openshift_prometheus_args=['--storage.tsdb.retention=6h', '--storage.tsdb.min-block-duration=5s', '--storage.tsdb.max-block-duration=6m']
+```
+
## PVC related variables
Each prometheus component (prometheus, alertmanager, alertbuffer) can set pv claim by setting corresponding role variable:
```
openshift_prometheus_<COMPONENT>_storage_type: <VALUE> (pvc, emptydir)
+openshift_prometheus_<COMPONENT>_storage_class: <VALUE>
openshift_prometheus_<COMPONENT>_pvc_(name|size|access_modes|pv_selector): <VALUE>
```
e.g
```
openshift_prometheus_storage_type: pvc
+openshift_prometheus_storage_class: glusterfs-storage
openshift_prometheus_alertmanager_pvc_name: alertmanager
openshift_prometheus_alertbuffer_pvc_size: 10G
openshift_prometheus_pvc_access_modes: [ReadWriteOnce]
diff --git a/roles/openshift_prometheus/defaults/main.yaml b/roles/openshift_prometheus/defaults/main.yaml
index d217b90fb..e30108d2c 100644
--- a/roles/openshift_prometheus/defaults/main.yaml
+++ b/roles/openshift_prometheus/defaults/main.yaml
@@ -2,13 +2,20 @@
# defaults file for openshift_prometheus
openshift_prometheus_state: present
-openshift_prometheus_namespace: prometheus
+openshift_prometheus_namespace: openshift-metrics
+
+# defaults hosts for routes
+openshift_prometheus_hostname: prometheus-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}}
+openshift_prometheus_alerts_hostname: alerts-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}}
openshift_prometheus_node_selector: {"region":"infra"}
# additional prometheus rules file
openshift_prometheus_additional_rules_file: null
+#prometheus application arguments
+openshift_prometheus_args: ['--storage.tsdb.retention=6h', '--storage.tsdb.min-block-duration=2m']
+
# storage
# One of ['emptydir', 'pvc']
openshift_prometheus_storage_type: "emptydir"
@@ -16,6 +23,7 @@ openshift_prometheus_pvc_name: prometheus
openshift_prometheus_pvc_size: "{{ openshift_prometheus_storage_volume_size | default('10Gi') }}"
openshift_prometheus_pvc_access_modes: [ReadWriteOnce]
openshift_prometheus_pvc_pv_selector: "{{ openshift_prometheus_storage_labels | default({}) }}"
+openshift_prometheus_sc_name: "{{ openshift_prometheus_storage_class | default(None) }}"
# One of ['emptydir', 'pvc']
openshift_prometheus_alertmanager_storage_type: "emptydir"
@@ -23,6 +31,7 @@ openshift_prometheus_alertmanager_pvc_name: prometheus-alertmanager
openshift_prometheus_alertmanager_pvc_size: "{{ openshift_prometheus_alertmanager_storage_volume_size | default('10Gi') }}"
openshift_prometheus_alertmanager_pvc_access_modes: [ReadWriteOnce]
openshift_prometheus_alertmanager_pvc_pv_selector: "{{ openshift_prometheus_alertmanager_storage_labels | default({}) }}"
+openshift_prometheus_alertmanager_sc_name: "{{ openshift_prometheus_alertmanager_storage_class | default(None) }}"
# One of ['emptydir', 'pvc']
openshift_prometheus_alertbuffer_storage_type: "emptydir"
@@ -30,6 +39,7 @@ openshift_prometheus_alertbuffer_pvc_name: prometheus-alertbuffer
openshift_prometheus_alertbuffer_pvc_size: "{{ openshift_prometheus_alertbuffer_storage_volume_size | default('10Gi') }}"
openshift_prometheus_alertbuffer_pvc_access_modes: [ReadWriteOnce]
openshift_prometheus_alertbuffer_pvc_pv_selector: "{{ openshift_prometheus_alertbuffer_storage_labels | default({}) }}"
+openshift_prometheus_alertbuffer_sc_name: "{{ openshift_prometheus_alertbuffer_storage_class | default(None) }}"
# container resources
openshift_prometheus_cpu_limit: null
diff --git a/roles/openshift_prometheus/meta/main.yaml b/roles/openshift_prometheus/meta/main.yaml
index 33188bb7e..69c5e0ee2 100644
--- a/roles/openshift_prometheus/meta/main.yaml
+++ b/roles/openshift_prometheus/meta/main.yaml
@@ -15,5 +15,6 @@ galaxy_info:
categories:
- openshift
dependencies:
-- { role: lib_openshift }
-- { role: openshift_facts }
+- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_prometheus/tasks/install_prometheus.yaml b/roles/openshift_prometheus/tasks/install_prometheus.yaml
index 00c3c1987..2fb1c08e5 100644
--- a/roles/openshift_prometheus/tasks/install_prometheus.yaml
+++ b/roles/openshift_prometheus/tasks/install_prometheus.yaml
@@ -3,20 +3,20 @@
# namespace
- name: Add prometheus project
oc_project:
- state: "{{ state }}"
+ state: present
name: "{{ openshift_prometheus_namespace }}"
- node_selector: "{{ openshift_prometheus_node_selector | oo_selector_to_string_list() }}"
+ node_selector: "{{ openshift_prometheus_node_selector | lib_utils_oo_selector_to_string_list() }}"
description: Prometheus
# secrets
- name: Set alert and prometheus secrets
oc_secret:
- state: "{{ state }}"
+ state: present
name: "{{ item }}-proxy"
namespace: "{{ openshift_prometheus_namespace }}"
contents:
- path: session_secret
- data: "{{ 43 | oo_random_word }}="
+ data: "{{ 43 | lib_utils_oo_random_word }}="
with_items:
- prometheus
- alerts
@@ -24,7 +24,7 @@
# serviceaccount
- name: create prometheus serviceaccount
oc_serviceaccount:
- state: "{{ state }}"
+ state: present
name: prometheus
namespace: "{{ openshift_prometheus_namespace }}"
# TODO add annotations when supproted
@@ -48,7 +48,7 @@
# create clusterrolebinding for prometheus serviceaccount
- name: Set cluster-reader permissions for prometheus
oc_adm_policy_user:
- state: "{{ state }}"
+ state: present
namespace: "{{ openshift_prometheus_namespace }}"
resource_kind: cluster-role
resource_name: cluster-reader
@@ -58,7 +58,7 @@
# TODO join into 1 task with loop
- name: Create prometheus service
oc_service:
- state: "{{ state }}"
+ state: present
name: "{{ item.name }}"
namespace: "{{ openshift_prometheus_namespace }}"
selector:
@@ -76,7 +76,7 @@
- name: Create alerts service
oc_service:
- state: "{{ state }}"
+ state: present
name: "{{ item.name }}"
namespace: "{{ openshift_prometheus_namespace }}"
selector:
@@ -111,14 +111,17 @@
# create prometheus and alerts routes
- name: create prometheus and alerts routes
oc_route:
- state: "{{ state }}"
+ state: present
name: "{{ item.name }}"
+ host: "{{ item.host }}"
namespace: "{{ openshift_prometheus_namespace }}"
service_name: "{{ item.name }}"
tls_termination: reencrypt
with_items:
- name: prometheus
+ host: "{{ openshift_prometheus_hostname }}"
- name: alerts
+ host: "{{ openshift_prometheus_alerts_hostname }}"
# Storage
- name: create prometheus pvc
@@ -128,6 +131,7 @@
access_modes: "{{ openshift_prometheus_pvc_access_modes }}"
volume_capacity: "{{ openshift_prometheus_pvc_size }}"
selector: "{{ openshift_prometheus_pvc_pv_selector }}"
+ storage_class_name: "{{ openshift_prometheus_sc_name }}"
when: openshift_prometheus_storage_type == 'pvc'
- name: create alertmanager pvc
@@ -137,6 +141,7 @@
access_modes: "{{ openshift_prometheus_alertmanager_pvc_access_modes }}"
volume_capacity: "{{ openshift_prometheus_alertmanager_pvc_size }}"
selector: "{{ openshift_prometheus_alertmanager_pvc_pv_selector }}"
+ storage_class_name: "{{ openshift_prometheus_alertmanager_sc_name }}"
when: openshift_prometheus_alertmanager_storage_type == 'pvc'
- name: create alertbuffer pvc
@@ -146,27 +151,9 @@
access_modes: "{{ openshift_prometheus_alertbuffer_pvc_access_modes }}"
volume_capacity: "{{ openshift_prometheus_alertbuffer_pvc_size }}"
selector: "{{ openshift_prometheus_alertbuffer_pvc_pv_selector }}"
+ storage_class_name: "{{ openshift_prometheus_alertbuffer_sc_name }}"
when: openshift_prometheus_alertbuffer_storage_type == 'pvc'
-# create prometheus stateful set
-- name: Set prometheus template
- template:
- src: prometheus.j2
- dest: "{{ tempdir }}/templates/prometheus.yaml"
- vars:
- namespace: "{{ openshift_prometheus_namespace }}"
-# prom_replicas: "{{ openshift_prometheus_replicas }}"
-
-- name: Set prometheus stateful set
- oc_obj:
- state: "{{ state }}"
- name: "prometheus"
- namespace: "{{ openshift_prometheus_namespace }}"
- kind: statefulset
- files:
- - "{{ tempdir }}/templates/prometheus.yaml"
- delete_after: true
-
# prometheus configmap
# Copy the additional rules file if it is defined
- name: Copy additional rules file to host
@@ -204,7 +191,7 @@
# In prometheus configmap create "additional.rules" section if file exists
- name: Set prometheus configmap
oc_configmap:
- state: "{{ state }}"
+ state: present
name: "prometheus"
namespace: "{{ openshift_prometheus_namespace }}"
from_file:
@@ -215,7 +202,7 @@
- name: Set prometheus configmap
oc_configmap:
- state: "{{ state }}"
+ state: present
name: "prometheus"
namespace: "{{ openshift_prometheus_namespace }}"
from_file:
@@ -231,8 +218,27 @@
- name: Set alertmanager configmap
oc_configmap:
- state: "{{ state }}"
+ state: present
name: "prometheus-alerts"
namespace: "{{ openshift_prometheus_namespace }}"
from_file:
alertmanager.yml: "{{ tempdir }}/alertmanager.yml"
+
+# create prometheus stateful set
+- name: Set prometheus template
+ template:
+ src: prometheus.j2
+ dest: "{{ tempdir }}/templates/prometheus.yaml"
+ vars:
+ namespace: "{{ openshift_prometheus_namespace }}"
+# prom_replicas: "{{ openshift_prometheus_replicas }}"
+
+- name: Set prometheus stateful set
+ oc_obj:
+ state: present
+ name: "prometheus"
+ namespace: "{{ openshift_prometheus_namespace }}"
+ kind: statefulset
+ files:
+ - "{{ tempdir }}/templates/prometheus.yaml"
+ delete_after: true
diff --git a/roles/openshift_prometheus/tasks/main.yaml b/roles/openshift_prometheus/tasks/main.yaml
index 332104d77..38798e1f5 100644
--- a/roles/openshift_prometheus/tasks/main.yaml
+++ b/roles/openshift_prometheus/tasks/main.yaml
@@ -2,20 +2,9 @@
- name: Set default image variables based on deployment_type
include_vars: "{{ item }}"
with_first_found:
- - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "{{ openshift_deployment_type }}.yml"
- "default_images.yml"
-- name: Set image facts
- set_fact:
- openshift_prometheus_image_prefix: "{{ openshift_prometheus_image_prefix | default(__openshift_prometheus_image_prefix) }}"
- openshift_prometheus_image_version: "{{ openshift_prometheus_image_version | default(__openshift_prometheus_image_version) }}"
- openshift_prometheus_proxy_image_prefix: "{{ openshift_prometheus_proxy_image_prefix | default(openshift_prometheus_image_prefix) }}"
- openshift_prometheus_proxy_image_version: "{{ openshift_prometheus_proxy_image_version | default(__openshift_prometheus_proxy_image_version) }}"
- openshift_prometheus_alertmanager_image_prefix: "{{ openshift_prometheus_altermanager_image_prefix | default(openshift_prometheus_image_prefix) }}"
- openshift_prometheus_alertmanager_image_version: "{{ openshift_prometheus_alertmanager_image_version | default(__openshift_prometheus_alertmanager_image_version) }}"
- openshift_prometheus_alertbuffer_image_prefix: "{{ openshift_prometheus_alertbuffer_image_prefix | default(openshift_prometheus_image_prefix) }}"
- openshift_prometheus_alertbuffer_image_version: "{{ openshift_prometheus_alertbuffer_image_version | default(__openshift_prometheus_alertbuffer_image_version) }}"
-
- name: Create temp directory for doing work in on target
command: mktemp -td openshift-prometheus-ansible-XXXXXX
register: mktemp
@@ -31,9 +20,11 @@
mode: 0755
changed_when: False
-- include: install_prometheus.yaml
- vars:
- state: "{{ openshift_prometheus_state }}"
+- include_tasks: install_prometheus.yaml
+ when: openshift_prometheus_state == 'present'
+
+- include_tasks: uninstall_prometheus.yaml
+ when: openshift_prometheus_state == 'absent'
- name: Delete temp directory
file:
diff --git a/roles/openshift_prometheus/tasks/uninstall_prometheus.yaml b/roles/openshift_prometheus/tasks/uninstall_prometheus.yaml
new file mode 100644
index 000000000..d746402db
--- /dev/null
+++ b/roles/openshift_prometheus/tasks/uninstall_prometheus.yaml
@@ -0,0 +1,7 @@
+---
+
+# remove namespace - This will delete all the objects inside the namespace
+- name: Remove prometheus project
+ oc_project:
+ state: absent
+ name: "{{ openshift_prometheus_namespace }}"
diff --git a/roles/openshift_prometheus/templates/prometheus.j2 b/roles/openshift_prometheus/templates/prometheus.j2
index 916c57aa2..d780550b8 100644
--- a/roles/openshift_prometheus/templates/prometheus.j2
+++ b/roles/openshift_prometheus/templates/prometheus.j2
@@ -22,29 +22,29 @@ spec:
serviceAccountName: prometheus
{% if openshift_prometheus_node_selector is iterable and openshift_prometheus_node_selector | length > 0 %}
nodeSelector:
-{% for key, value in openshift_prometheus_node_selector.iteritems() %}
- {{key}}: "{{value}}"
+{% for key, value in openshift_prometheus_node_selector.items() %}
+ {{ key }}: "{{ value }}"
{% endfor %}
{% endif %}
containers:
# Deploy Prometheus behind an oauth proxy
- name: prom-proxy
- image: "{{openshift_prometheus_proxy_image_prefix}}oauth-proxy:{{openshift_prometheus_proxy_image_version}}"
+ image: "{{ l_openshift_prometheus_proxy_image_prefix }}oauth-proxy:{{ l_openshift_prometheus_proxy_image_version }}"
imagePullPolicy: IfNotPresent
resources:
requests:
{% if openshift_prometheus_oauth_proxy_memory_requests is defined and openshift_prometheus_oauth_proxy_memory_requests is not none %}
- memory: "{{openshift_prometheus_oauth_proxy_memory_requests}}"
+ memory: "{{ openshift_prometheus_oauth_proxy_memory_requests }}"
{% endif %}
{% if openshift_prometheus_oauth_proxy_cpu_requests is defined and openshift_prometheus_oauth_proxy_cpu_requests is not none %}
- cpu: "{{openshift_prometheus_oauth_proxy_cpu_requests}}"
+ cpu: "{{ openshift_prometheus_oauth_proxy_cpu_requests }}"
{% endif %}
limits:
{% if openshift_prometheus_oauth_proxy_memory_limit is defined and openshift_prometheus_oauth_proxy_memory_limit is not none %}
- memory: "{{openshift_prometheus_oauth_proxy_memory_limit}}"
+ memory: "{{ openshift_prometheus_oauth_proxy_memory_limit }}"
{% endif %}
{% if openshift_prometheus_oauth_proxy_cpu_limit is defined and openshift_prometheus_oauth_proxy_cpu_limit is not none %}
- cpu: "{{openshift_prometheus_oauth_proxy_cpu_limit}}"
+ cpu: "{{ openshift_prometheus_oauth_proxy_cpu_limit }}"
{% endif %}
ports:
- containerPort: 8443
@@ -75,26 +75,27 @@ spec:
- name: prometheus
args:
- - --storage.tsdb.retention=6h
- - --storage.tsdb.min-block-duration=2m
+{% for arg in openshift_prometheus_args %}
+ - {{ arg }}
+{% endfor %}
- --config.file=/etc/prometheus/prometheus.yml
- --web.listen-address=localhost:9090
- image: "{{openshift_prometheus_image_prefix}}prometheus:{{openshift_prometheus_image_version}}"
+ image: "{{ l_openshift_prometheus_image_prefix }}prometheus:{{ l_openshift_prometheus_image_version }}"
imagePullPolicy: IfNotPresent
resources:
requests:
{% if openshift_prometheus_memory_requests is defined and openshift_prometheus_memory_requests is not none %}
- memory: "{{openshift_prometheus_memory_requests}}"
+ memory: "{{ openshift_prometheus_memory_requests }}"
{% endif %}
{% if openshift_prometheus_cpu_requests is defined and openshift_prometheus_cpu_requests is not none %}
- cpu: "{{openshift_prometheus_cpu_requests}}"
+ cpu: "{{ openshift_prometheus_cpu_requests }}"
{% endif %}
limits:
{% if openshift_prometheus_memory_limit is defined and openshift_prometheus_memory_limit is not none %}
memory: "{{ openshift_prometheus_memory_limit }}"
{% endif %}
{% if openshift_prometheus_cpu_limit is defined and openshift_prometheus_cpu_limit is not none %}
- cpu: "{{openshift_prometheus_cpu_limit}}"
+ cpu: "{{ openshift_prometheus_cpu_limit }}"
{% endif %}
volumeMounts:
@@ -105,22 +106,22 @@ spec:
# Deploy alertmanager behind prometheus-alert-buffer behind an oauth proxy
- name: alerts-proxy
- image: "{{openshift_prometheus_proxy_image_prefix}}oauth-proxy:{{openshift_prometheus_proxy_image_version}}"
+ image: "{{ l_openshift_prometheus_proxy_image_prefix }}oauth-proxy:{{ l_openshift_prometheus_proxy_image_version }}"
imagePullPolicy: IfNotPresent
resources:
requests:
{% if openshift_prometheus_oauth_proxy_memory_requests is defined and openshift_prometheus_oauth_proxy_memory_requests is not none %}
- memory: "{{openshift_prometheus_oauth_proxy_memory_requests}}"
+ memory: "{{ openshift_prometheus_oauth_proxy_memory_requests }}"
{% endif %}
{% if openshift_prometheus_oauth_proxy_cpu_requests is defined and openshift_prometheus_oauth_proxy_cpu_requests is not none %}
- cpu: "{{openshift_prometheus_oauth_proxy_cpu_requests}}"
+ cpu: "{{ openshift_prometheus_oauth_proxy_cpu_requests }}"
{% endif %}
limits:
{% if openshift_prometheus_oauth_proxy_memory_limit is defined and openshift_prometheus_oauth_proxy_memory_limit is not none %}
- memory: "{{openshift_prometheus_oauth_proxy_memory_limit}}"
+ memory: "{{ openshift_prometheus_oauth_proxy_memory_limit }}"
{% endif %}
{% if openshift_prometheus_oauth_proxy_cpu_limit is defined and openshift_prometheus_oauth_proxy_cpu_limit is not none %}
- cpu: "{{openshift_prometheus_oauth_proxy_cpu_limit}}"
+ cpu: "{{ openshift_prometheus_oauth_proxy_cpu_limit }}"
{% endif %}
ports:
- containerPort: 9443
@@ -149,22 +150,22 @@ spec:
- name: alert-buffer
args:
- --storage-path=/alert-buffer/messages.db
- image: "{{openshift_prometheus_alertbuffer_image_prefix}}prometheus-alert-buffer:{{openshift_prometheus_alertbuffer_image_version}}"
+ image: "{{ l_openshift_prometheus_alertbuffer_image_prefix }}prometheus-alert-buffer:{{ l_openshift_prometheus_alertbuffer_image_version }}"
imagePullPolicy: IfNotPresent
resources:
requests:
{% if openshift_prometheus_alertbuffer_memory_requests is defined and openshift_prometheus_alertbuffer_memory_requests is not none %}
- memory: "{{openshift_prometheus_alertbuffer_memory_requests}}"
+ memory: "{{ openshift_prometheus_alertbuffer_memory_requests }}"
{% endif %}
{% if openshift_prometheus_alertbuffer_cpu_requests is defined and openshift_prometheus_alertbuffer_cpu_requests is not none %}
- cpu: "{{openshift_prometheus_alertbuffer_cpu_requests}}"
+ cpu: "{{ openshift_prometheus_alertbuffer_cpu_requests }}"
{% endif %}
limits:
{% if openshift_prometheus_alertbuffer_memory_limit is defined and openshift_prometheus_alertbuffer_memory_limit is not none %}
- memory: "{{openshift_prometheus_alertbuffer_memory_limit}}"
+ memory: "{{ openshift_prometheus_alertbuffer_memory_limit }}"
{% endif %}
{% if openshift_prometheus_alertbuffer_cpu_limit is defined and openshift_prometheus_alertbuffer_cpu_limit is not none %}
- cpu: "{{openshift_prometheus_alertbuffer_cpu_limit}}"
+ cpu: "{{ openshift_prometheus_alertbuffer_cpu_limit }}"
{% endif %}
volumeMounts:
- mountPath: /alert-buffer
@@ -176,22 +177,22 @@ spec:
- name: alertmanager
args:
- -config.file=/etc/alertmanager/alertmanager.yml
- image: "{{openshift_prometheus_alertmanager_image_prefix}}prometheus-alertmanager:{{openshift_prometheus_alertmanager_image_version}}"
+ image: "{{ l_openshift_prometheus_alertmanager_image_prefix }}prometheus-alertmanager:{{ l_openshift_prometheus_alertmanager_image_version }}"
imagePullPolicy: IfNotPresent
resources:
requests:
{% if openshift_prometheus_alertmanager_memory_requests is defined and openshift_prometheus_alertmanager_memory_requests is not none %}
- memory: "{{openshift_prometheus_alertmanager_memory_requests}}"
+ memory: "{{ openshift_prometheus_alertmanager_memory_requests }}"
{% endif %}
{% if openshift_prometheus_alertmanager_cpu_requests is defined and openshift_prometheus_alertmanager_cpu_requests is not none %}
- cpu: "{{openshift_prometheus_alertmanager_cpu_requests}}"
+ cpu: "{{ openshift_prometheus_alertmanager_cpu_requests }}"
{% endif %}
limits:
{% if openshift_prometheus_alertmanager_memory_limit is defined and openshift_prometheus_alertmanager_memory_limit is not none %}
- memory: "{{openshift_prometheus_alertmanager_memory_limit}}"
+ memory: "{{ openshift_prometheus_alertmanager_memory_limit }}"
{% endif %}
{% if openshift_prometheus_alertmanager_cpu_limit is defined and openshift_prometheus_alertmanager_cpu_limit is not none %}
- cpu: "{{openshift_prometheus_alertmanager_cpu_limit}}"
+ cpu: "{{ openshift_prometheus_alertmanager_cpu_limit }}"
{% endif %}
ports:
- containerPort: 9093
diff --git a/roles/openshift_prometheus/vars/default_images.yml b/roles/openshift_prometheus/vars/default_images.yml
index 4092eb2d4..31f6c1bb1 100644
--- a/roles/openshift_prometheus/vars/default_images.yml
+++ b/roles/openshift_prometheus/vars/default_images.yml
@@ -1,7 +1,12 @@
---
-# image defaults
-__openshift_prometheus_image_prefix: "openshift/"
-__openshift_prometheus_image_version: "v2.0.0-dev.3"
-__openshift_prometheus_proxy_image_version: "v1.0.0"
-__openshift_prometheus_alertmanager_image_version: "v0.9.1"
-__openshift_prometheus_alertbuffer_image_version: "v0.0.2"
+# image prefix defaults
+l_openshift_prometheus_image_prefix: "{{ openshift_prometheus_image_prefix | default('openshift/') }}"
+l_openshift_prometheus_proxy_image_prefix: "{{ openshift_prometheus_proxy_image_prefix | default(l_openshift_prometheus_image_prefix) }}"
+l_openshift_prometheus_alertmanager_image_prefix: "{{ openshift_prometheus_altermanager_image_prefix | default(l_openshift_prometheus_image_prefix) }}"
+l_openshift_prometheus_alertbuffer_image_prefix: "{{ openshift_prometheus_alertbuffer_image_prefix | default(l_openshift_prometheus_image_prefix) }}"
+
+# image version defaults
+l_openshift_prometheus_image_version: "{{ openshift_prometheus_image_version | default('v2.0.0') }}"
+l_openshift_prometheus_proxy_image_version: "{{ openshift_prometheus_proxy_image_version | default('v1.0.0') }}"
+l_openshift_prometheus_alertmanager_image_version: "{{ openshift_prometheus_alertmanager_image_version | default('v0.9.1') }}"
+l_openshift_prometheus_alertbuffer_image_version: "{{ openshift_prometheus_alertbuffer_image_version | default('v0.0.2') }}"
diff --git a/roles/openshift_prometheus/vars/openshift-enterprise.yml b/roles/openshift_prometheus/vars/openshift-enterprise.yml
index 0b45e03d3..9bb4c99bb 100644
--- a/roles/openshift_prometheus/vars/openshift-enterprise.yml
+++ b/roles/openshift_prometheus/vars/openshift-enterprise.yml
@@ -1,7 +1,12 @@
---
-# image defaults
-__openshift_prometheus_image_prefix: "registry.access.redhat.com/openshift3/"
-__openshift_prometheus_image_version: "v3.7"
-__openshift_prometheus_proxy_image_version: "v3.7"
-__openshift_prometheus_alertmanager_image_version: "v3.7"
-__openshift_prometheus_alertbuffer_image_version: "v3.7"
+# image prefix defaults
+l_openshift_prometheus_image_prefix: "{{ openshift_prometheus_image_prefix | default('registry.access.redhat.com/openshift3/') }}"
+l_openshift_prometheus_proxy_image_prefix: "{{ openshift_prometheus_proxy_image_prefix | default(l_openshift_prometheus_image_prefix) }}"
+l_openshift_prometheus_alertmanager_image_prefix: "{{ openshift_prometheus_altermanager_image_prefix | default(l_openshift_prometheus_image_prefix) }}"
+l_openshift_prometheus_alertbuffer_image_prefix: "{{ openshift_prometheus_alertbuffer_image_prefix | default(l_openshift_prometheus_image_prefix) }}"
+
+# image version defaults
+l_openshift_prometheus_image_version: "{{ openshift_prometheus_image_version | default('v3.7') }}"
+l_openshift_prometheus_proxy_image_version: "{{ openshift_prometheus_proxy_image_version | default('v3.7') }}"
+l_openshift_prometheus_alertmanager_image_version: "{{ openshift_prometheus_alertmanager_image_version | default('v3.7') }}"
+l_openshift_prometheus_alertbuffer_image_version: "{{ openshift_prometheus_alertbuffer_image_version | default('v3.7') }}"
diff --git a/roles/openshift_provisioners/meta/main.yaml b/roles/openshift_provisioners/meta/main.yaml
index cb9278eb7..5ef352bcd 100644
--- a/roles/openshift_provisioners/meta/main.yaml
+++ b/roles/openshift_provisioners/meta/main.yaml
@@ -14,3 +14,4 @@ galaxy_info:
dependencies:
- role: lib_openshift
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_provisioners/tasks/install_efs.yaml b/roles/openshift_provisioners/tasks/install_efs.yaml
index 6e8792446..e543d753c 100644
--- a/roles/openshift_provisioners/tasks/install_efs.yaml
+++ b/roles/openshift_provisioners/tasks/install_efs.yaml
@@ -66,7 +66,7 @@
- name: "Set anyuid permissions for efs"
command: >
- {{ openshift.common.admin_binary}} --config={{ mktemp.stdout }}/admin.kubeconfig policy
+ {{ openshift.common.client_binary}} adm --config={{ mktemp.stdout }}/admin.kubeconfig policy
add-scc-to-user anyuid system:serviceaccount:{{openshift_provisioners_project}}:provisioners-efs
register: efs_output
failed_when: efs_output.rc == 1 and 'exists' not in efs_output.stderr
diff --git a/roles/openshift_provisioners/tasks/install_provisioners.yaml b/roles/openshift_provisioners/tasks/install_provisioners.yaml
index 324fdcc82..2d1217c74 100644
--- a/roles/openshift_provisioners/tasks/install_provisioners.yaml
+++ b/roles/openshift_provisioners/tasks/install_provisioners.yaml
@@ -16,10 +16,10 @@
when: (openshift_provisioners_efs | bool) and openshift_provisioners_efs_aws_secret_access_key is not defined
- name: Install support
- include: install_support.yaml
+ include_tasks: install_support.yaml
- name: Install EFS
- include: install_efs.yaml
+ include_tasks: install_efs.yaml
when: openshift_provisioners_efs | bool
- find: paths={{ mktemp.stdout }}/templates patterns=*.yaml
@@ -32,7 +32,7 @@
changed_when: no
- name: Create objects
- include: oc_apply.yaml
+ include_tasks: oc_apply.yaml
vars:
- kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
- namespace: "{{ openshift_provisioners_project }}"
@@ -51,5 +51,5 @@
when: ansible_check_mode
- name: Scaling up cluster
- include: start_cluster.yaml
+ include_tasks: start_cluster.yaml
when: start_cluster | default(true) | bool
diff --git a/roles/openshift_provisioners/tasks/install_support.yaml b/roles/openshift_provisioners/tasks/install_support.yaml
index d6db81ab9..93c4c394d 100644
--- a/roles/openshift_provisioners/tasks/install_support.yaml
+++ b/roles/openshift_provisioners/tasks/install_support.yaml
@@ -10,8 +10,8 @@
changed_when: False
check_mode: no
-- include: generate_secrets.yaml
+- include_tasks: generate_secrets.yaml
-- include: generate_clusterrolebindings.yaml
+- include_tasks: generate_clusterrolebindings.yaml
-- include: generate_serviceaccounts.yaml
+- include_tasks: generate_serviceaccounts.yaml
diff --git a/roles/openshift_provisioners/tasks/main.yaml b/roles/openshift_provisioners/tasks/main.yaml
index a50c78c97..4ba26b2b8 100644
--- a/roles/openshift_provisioners/tasks/main.yaml
+++ b/roles/openshift_provisioners/tasks/main.yaml
@@ -12,10 +12,10 @@
check_mode: no
tags: provisioners_init
-- include: "{{ role_path }}/tasks/install_provisioners.yaml"
+- include_tasks: install_provisioners.yaml
when: openshift_provisioners_install_provisioners | default(false) | bool
-- include: "{{ role_path }}/tasks/uninstall_provisioners.yaml"
+- include_tasks: uninstall_provisioners.yaml
when: not openshift_provisioners_install_provisioners | default(false) | bool
- name: Delete temp directory
diff --git a/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml b/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml
index 0be4bc7d2..602dee773 100644
--- a/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml
+++ b/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml
@@ -1,6 +1,6 @@
---
- name: stop provisioners
- include: stop_cluster.yaml
+ include_tasks: stop_cluster.yaml
# delete the deployment objects that we had created
- name: delete provisioner api objects
diff --git a/roles/openshift_provisioners/templates/clusterrolebinding.j2 b/roles/openshift_provisioners/templates/clusterrolebinding.j2
index 994afa32d..1f26c93a4 100644
--- a/roles/openshift_provisioners/templates/clusterrolebinding.j2
+++ b/roles/openshift_provisioners/templates/clusterrolebinding.j2
@@ -4,7 +4,7 @@ metadata:
name: {{obj_name}}
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_provisioners/templates/efs.j2 b/roles/openshift_provisioners/templates/efs.j2
index 81b9ccca5..37fd02977 100644
--- a/roles/openshift_provisioners/templates/efs.j2
+++ b/roles/openshift_provisioners/templates/efs.j2
@@ -22,7 +22,7 @@ spec:
serviceAccountName: "{{deploy_serviceAccount}}"
{% if node_selector is iterable and node_selector | length > 0 %}
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
{% endif %}
diff --git a/roles/openshift_provisioners/templates/pv.j2 b/roles/openshift_provisioners/templates/pv.j2
index f81b1617a..b648cd15e 100644
--- a/roles/openshift_provisioners/templates/pv.j2
+++ b/roles/openshift_provisioners/templates/pv.j2
@@ -4,13 +4,13 @@ metadata:
name: {{obj_name}}
{% if annotations is defined %}
annotations:
-{% for key,value in annotations.iteritems() %}
+{% for key,value in annotations.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_provisioners/templates/pvc.j2 b/roles/openshift_provisioners/templates/pvc.j2
index 0dd8772eb..0a88b7c88 100644
--- a/roles/openshift_provisioners/templates/pvc.j2
+++ b/roles/openshift_provisioners/templates/pvc.j2
@@ -4,7 +4,7 @@ metadata:
name: {{obj_name}}
{% if annotations is defined %}
annotations:
-{% for key,value in annotations.iteritems() %}
+{% for key,value in annotations.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
@@ -12,7 +12,7 @@ spec:
{% if pv_selector is defined and pv_selector is mapping %}
selector:
matchLabels:
-{% for key,value in pv_selector.iteritems() %}
+{% for key,value in pv_selector.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_provisioners/templates/secret.j2 b/roles/openshift_provisioners/templates/secret.j2
index 78824095b..2fbb28829 100644
--- a/roles/openshift_provisioners/templates/secret.j2
+++ b/roles/openshift_provisioners/templates/secret.j2
@@ -4,7 +4,7 @@ metadata:
name: {{obj_name}}
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_provisioners/templates/serviceaccount.j2 b/roles/openshift_provisioners/templates/serviceaccount.j2
index b22acc594..ea19f17d7 100644
--- a/roles/openshift_provisioners/templates/serviceaccount.j2
+++ b/roles/openshift_provisioners/templates/serviceaccount.j2
@@ -4,7 +4,7 @@ metadata:
name: {{obj_name}}
{% if labels is defined%}
labels:
-{% for key, value in labels.iteritems() %}
+{% for key, value in labels.items() %}
{{key}}: {{value}}
{% endfor %}
{% endif %}
diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml
index 95ba9fe4c..35206049f 100644
--- a/roles/openshift_repos/tasks/main.yaml
+++ b/roles/openshift_repos/tasks/main.yaml
@@ -9,6 +9,8 @@
# TODO: This needs to be removed and placed into a role
- name: Ensure libselinux-python is installed
package: name=libselinux-python state=present
+ register: result
+ until: result is succeeded
- name: Remove openshift_additional.repo file
file:
@@ -35,7 +37,14 @@
- when: r_openshift_repos_has_run is not defined
block:
- - include: centos_repos.yml
+ - include_tasks: rhel_repos.yml
+ when:
+ - ansible_distribution == 'RedHat'
+ - deployment_type == 'openshift-enterprise'
+ - rhsub_user is defined
+ - rhsub_pass is defined
+
+ - include_tasks: centos_repos.yml
when:
- ansible_os_family == "RedHat"
- ansible_distribution != "Fedora"
diff --git a/roles/openshift_repos/tasks/rhel_repos.yml b/roles/openshift_repos/tasks/rhel_repos.yml
new file mode 100644
index 000000000..8d16629cc
--- /dev/null
+++ b/roles/openshift_repos/tasks/rhel_repos.yml
@@ -0,0 +1,33 @@
+---
+- name: Ensure RHEL rhui repositories are disabled
+ command: bash -c "yum -q --noplugins repolist | grep -v 'repo id' | grep 'rhui'"
+ register: repo_rhui
+ changed_when: "repo_rhui.rc != 1"
+ failed_when: repo_rhui.rc == 11
+
+- name: Disable RHEL rhui repositories
+ command: yum-config-manager \
+ --disable 'rhui-REGION-client-config-server-7' \
+ --disable 'rhui-REGION-rhel-server-rh-common' \
+ --disable 'rhui-REGION-rhel-server-releases'
+ when: repo_rhui.changed
+
+- name: Ensure RHEL repositories are enabled
+ command: bash -c "yum -q --noplugins repolist | grep -v 'repo id' | grep 'Red Hat' | wc -l"
+ register: repo_rhel
+ changed_when: "'4' not in repo_rhel.stdout"
+ failed_when: repo_rhel.rc == 11
+
+- name: Disable all repositories
+ command: bash -c "subscription-manager repos --disable='*'"
+ when: repo_rhel.changed
+
+- name: Enable RHEL repositories
+ command: subscription-manager repos \
+ --enable="rhel-7-server-rpms" \
+ --enable="rhel-7-server-extras-rpms" \
+ --enable="rhel-7-server-ose-{{ (openshift_release | default('')).split('.')[0:2] | join('.') }}-rpms" \
+ --enable="rhel-7-fast-datapath-rpms"
+ register: subscribe_repos
+ until: subscribe_repos | succeeded
+ when: repo_rhel.changed
diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j2
new file mode 100644
index 000000000..db214af2c
--- /dev/null
+++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j2
@@ -0,0 +1,27 @@
+[centos-openshift-origin37]
+name=CentOS OpenShift Origin
+baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin37/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
+
+[centos-openshift-origin37-testing]
+name=CentOS OpenShift Origin Testing
+baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin37/
+enabled={{ 1 if openshift_repos_enable_testing else 0 }}
+gpgcheck=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
+
+[centos-openshift-origin37-debuginfo]
+name=CentOS OpenShift Origin DebugInfo
+baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
+
+[centos-openshift-origin37-source]
+name=CentOS OpenShift Origin Source
+baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin37/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
diff --git a/roles/openshift_sanitize_inventory/meta/main.yml b/roles/openshift_sanitize_inventory/meta/main.yml
index f5b37186e..324ba06d8 100644
--- a/roles/openshift_sanitize_inventory/meta/main.yml
+++ b/roles/openshift_sanitize_inventory/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
- system
-dependencies: []
+dependencies:
+- role: lib_utils
diff --git a/roles/openshift_sanitize_inventory/tasks/deprecations.yml b/roles/openshift_sanitize_inventory/tasks/deprecations.yml
index 94d3acffc..795b8ee60 100644
--- a/roles/openshift_sanitize_inventory/tasks/deprecations.yml
+++ b/roles/openshift_sanitize_inventory/tasks/deprecations.yml
@@ -16,6 +16,6 @@
# for with_fileglob Ansible resolves the path relative to the roles/<rolename>/files directory
- name: Assign deprecated variables to correct counterparts
- include: "{{ item }}"
+ include_tasks: "{{ item }}"
with_fileglob:
- "../tasks/__deprecations_*.yml"
diff --git a/roles/openshift_sanitize_inventory/tasks/main.yml b/roles/openshift_sanitize_inventory/tasks/main.yml
index 70b236033..651d896cf 100644
--- a/roles/openshift_sanitize_inventory/tasks/main.yml
+++ b/roles/openshift_sanitize_inventory/tasks/main.yml
@@ -1,7 +1,7 @@
---
# We should print out deprecations prior to any failures so that if a play does fail for other reasons
# the user would also be aware of any deprecated variables they should note to adjust
-- include: deprecations.yml
+- include_tasks: deprecations.yml
- name: Abort when conflicting deployment type variables are set
when:
@@ -47,13 +47,13 @@
- name: Abort when openshift_release is invalid
when:
- openshift_release is defined
- - not openshift_release | match('^\d+(\.\d+){1,3}$')
+ - not (openshift_release is match('^\d+(\.\d+){1,3}$'))
fail:
msg: |-
openshift_release is "{{ openshift_release }}" which is not a valid version string.
Please set it to a version string like "3.4".
-- include: unsupported.yml
+- include_tasks: unsupported.yml
when:
- not openshift_enable_unsupported_configurations | default(false) | bool
diff --git a/roles/openshift_sanitize_inventory/tasks/unsupported.yml b/roles/openshift_sanitize_inventory/tasks/unsupported.yml
index b70ab90a1..1c4984467 100644
--- a/roles/openshift_sanitize_inventory/tasks/unsupported.yml
+++ b/roles/openshift_sanitize_inventory/tasks/unsupported.yml
@@ -40,3 +40,27 @@
openshift_master_dynamic_provisioning_enabled to True and set an
openshift_cloudprovider_kind. You can disable this check with
'dynamic_volumes_check=False'.
+
+#if we have registry backend as glusterfs, and we have clashing configuration.
+- name: Ensure the hosted registry's GlusterFS storage is configured correctly
+ when:
+ - openshift_hosted_registry_storage_kind | default(none) in ['glusterfs']
+ - openshift_hosted_registry_storage_glusterfs_ips is defined and openshift_hosted_registry_storage_glusterfs_ips != ''
+ - "'glusterfs_registry' in groups | default([])"
+ fail:
+ msg: |-
+ Configuring a value for openshift_hosted_registry_storage_glusterfs_ips and with a glusterfs_registry host group is not allowed.
+ Specifying a glusterfs_registry host group indicates that a new GlusterFS cluster should be configured, whereas
+ specifying openshift_hosted_registry_storage_glusterfs_ips indicates wanting to use a pre-configured GlusterFS cluster for the registry storage.
+
+#if we have registry backend as glusterfs and no gluster specified.
+- name: Ensure the hosted registry's GlusterFS storage is configured correctly
+ when:
+ - openshift_hosted_registry_storage_kind | default(none) in ['glusterfs']
+ - not openshift_hosted_registry_storage_glusterfs_ips is defined
+ - not 'glusterfs_registry' in groups | default([])
+ - not 'glusterfs' in groups | default([])
+ fail:
+ msg: |-
+ Configuring a value for openshift_hosted_registry_storage_kind=glusterfs without a any glusterfs option is not allowed.
+ Specify either openshift_hosted_registry_storage_glusterfs_ips variable or glusterfs, glusterfs_registry host groups.
diff --git a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
index f449fba2b..a0b41a4eb 100644
--- a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
+++ b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
@@ -118,6 +118,8 @@ objects:
- servicecatalog.k8s.io
resources:
- clusterservicebrokers/status
+ - clusterserviceclasses/status
+ - clusterserviceplans/status
- serviceinstances/status
- servicebindings/status
- servicebindings/finalizers
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
index 3507330e3..4b842c166 100644
--- a/roles/openshift_service_catalog/tasks/install.yml
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -40,7 +40,7 @@
command: >
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog
-- include: generate_certs.yml
+- include_tasks: generate_certs.yml
- copy:
src: kubeservicecatalog_roles_bindings.yml
@@ -88,14 +88,14 @@
vars:
original_content: "{{ edit_yaml.results.results[0] | to_yaml }}"
when:
- - not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+ - not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
# only do this if we don't already have the updated role info
- name: update edit role for service catalog and pod preset access
command: >
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/edit_sc_patch.yml
when:
- - not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+ - not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
- oc_obj:
name: admin
@@ -111,14 +111,14 @@
vars:
original_content: "{{ admin_yaml.results.results[0] | to_yaml }}"
when:
- - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+ - not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
# only do this if we don't already have the updated role info
- name: update admin role for service catalog and pod preset access
command: >
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/admin_sc_patch.yml
when:
- - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+ - not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
- oc_obj:
name: view
@@ -134,14 +134,14 @@
vars:
original_content: "{{ view_yaml.results.results[0] | to_yaml }}"
when:
- - not view_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch'])
+ - not view_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch'])
# only do this if we don't already have the updated role info
- name: update view role for service catalog access
command: >
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/view_sc_patch.yml
when:
- - not view_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch'])
+ - not view_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch'])
- oc_adm_policy_user:
namespace: kube-service-catalog
@@ -252,7 +252,7 @@
session_affinity: None
service_type: ClusterIP
-- include: start_api_server.yml
+- include_tasks: start_api_server.yml
- name: Delete temp directory
file:
diff --git a/roles/openshift_service_catalog/tasks/main.yml b/roles/openshift_service_catalog/tasks/main.yml
index dc0d6a370..ffdbe2b11 100644
--- a/roles/openshift_service_catalog/tasks/main.yml
+++ b/roles/openshift_service_catalog/tasks/main.yml
@@ -1,8 +1,8 @@
---
# do any asserts here
-- include: install.yml
+- include_tasks: install.yml
when: not openshift_service_catalog_remove | default(false) | bool
-- include: remove.yml
+- include_tasks: remove.yml
when: openshift_service_catalog_remove | default(false) | bool
diff --git a/roles/openshift_service_catalog/tasks/start_api_server.yml b/roles/openshift_service_catalog/tasks/start_api_server.yml
index b143292b6..84e542eaf 100644
--- a/roles/openshift_service_catalog/tasks/start_api_server.yml
+++ b/roles/openshift_service_catalog/tasks/start_api_server.yml
@@ -5,7 +5,7 @@
name: "{{ openshift.node.nodename }}"
kind: node
state: add
- labels: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) | oo_dict_to_list_of_dict }}"
+ labels: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) | lib_utils_oo_dict_to_list_of_dict }}"
# wait to see that the apiserver is available
- name: wait for api server to be ready
diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2
index 0e5bb7230..4f51b8c3c 100644
--- a/roles/openshift_service_catalog/templates/api_server.j2
+++ b/roles/openshift_service_catalog/templates/api_server.j2
@@ -19,7 +19,7 @@ spec:
spec:
serviceAccountName: service-catalog-apiserver
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
containers:
diff --git a/roles/openshift_service_catalog/templates/controller_manager.j2 b/roles/openshift_service_catalog/templates/controller_manager.j2
index e5e5f6b50..137222f04 100644
--- a/roles/openshift_service_catalog/templates/controller_manager.j2
+++ b/roles/openshift_service_catalog/templates/controller_manager.j2
@@ -19,7 +19,7 @@ spec:
spec:
serviceAccountName: service-catalog-controller
nodeSelector:
-{% for key, value in node_selector.iteritems() %}
+{% for key, value in node_selector.items() %}
{{key}}: "{{value}}"
{% endfor %}
containers:
diff --git a/roles/openshift_storage_glusterfs/README.md b/roles/openshift_storage_glusterfs/README.md
index abe411f67..f7bd58db3 100644
--- a/roles/openshift_storage_glusterfs/README.md
+++ b/roles/openshift_storage_glusterfs/README.md
@@ -82,8 +82,25 @@ GlusterFS cluster into a new or existing OpenShift cluster:
| openshift_storage_glusterfs_nodeselector | 'glusterfs=storage-host'| Selector to determine which nodes will host GlusterFS pods in native mode. **NOTE:** The label value is taken from the cluster name
| openshift_storage_glusterfs_use_default_selector | False | Whether to use a default node selector for the GlusterFS namespace/project. If False, the namespace/project will have no restricting node selector. If True, uses pre-existing or default (e.g. osm_default_node_selector) node selectors. **NOTE:** If True, nodes which will host GlusterFS pods must already have the additional labels.
| openshift_storage_glusterfs_storageclass | True | Automatically create a StorageClass for each GlusterFS cluster
+| openshift_storage_glusterfs_storageclass_default | False | Sets the StorageClass for each GlusterFS cluster as default
| openshift_storage_glusterfs_image | 'gluster/gluster-centos'| Container image to use for GlusterFS pods, enterprise default is 'rhgs3/rhgs-server-rhel7'
| openshift_storage_glusterfs_version | 'latest' | Container image version to use for GlusterFS pods
+| openshift_storage_glusterfs_block_deploy | True | Deploy glusterblock provisioner service
+| openshift_storage_glusterfs_block_image | 'gluster/glusterblock-provisioner'| Container image to use for glusterblock-provisioner pod, enterprise default is 'rhgs3/rhgs-gluster-block-prov-rhel7'
+| openshift_storage_glusterfs_block_version | 'latest' | Container image version to use for glusterblock-provisioner pod
+| openshift_storage_glusterfs_block_host_vol_create| True | Automatically create GlusterFS volumes to host glusterblock volumes. **NOTE:** If this is False, block-hosting volumes will need to be manually created before glusterblock volumes can be provisioned
+| openshift_storage_glusterfs_block_host_vol_size | 100 | Size, in GB, of GlusterFS volumes that will be automatically create to host glusterblock volumes if not enough space is available for a glusterblock volume create request. **NOTE:** This value is effectively an upper limit on the size of glusterblock volumes unless you manually create larger GlusterFS block-hosting volumes
+| openshift_storage_glusterfs_block_host_vol_max | 15 | Max number of GlusterFS volumes to host glusterblock volumes
+| openshift_storage_glusterfs_s3_deploy | True | Deploy gluster-s3 service
+| openshift_storage_glusterfs_s3_image | 'gluster/gluster-object'| Container image to use for gluster-s3 pod, enterprise default is 'rhgs3/rhgs-gluster-s3-server-rhel7'
+| openshift_storage_glusterfs_s3_version | 'latest' | Container image version to use for gluster=s3 pod
+| openshift_storage_glusterfs_s3_account | Undefined | S3 account name for the S3 service, required for S3 service deployment
+| openshift_storage_glusterfs_s3_user | Undefined | S3 user name for the S3 service, required for S3 service deployment
+| openshift_storage_glusterfs_s3_password | Undefined | S3 user password for the S3 service, required for S3 service deployment
+| openshift_storage_glusterfs_s3_pvc | Dynamic | Name of the GlusterFS-backed PVC which will be used for S3 object data storage, generated from the cluster name and S3 account by default
+| openshift_storage_glusterfs_s3_pvc_size | "2Gi" | Size, in Gi, of the GlusterFS-backed PVC which will be used for S3 object data storage
+| openshift_storage_glusterfs_s3_meta_pvc | Dynamic | Name of the GlusterFS-backed PVC which will be used for S3 object metadata storage, generated from the cluster name and S3 account by default
+| openshift_storage_glusterfs_s3_meta_pvc_size | "1Gi" | Size, in Gi, of the GlusterFS-backed PVC which will be used for S3 object metadata storage
| openshift_storage_glusterfs_wipe | False | Destroy any existing GlusterFS resources and wipe storage devices. **WARNING: THIS WILL DESTROY ANY DATA ON THOSE DEVICES.**
| openshift_storage_glusterfs_heketi_is_native | True | heketi should be containerized
| openshift_storage_glusterfs_heketi_cli | 'heketi-cli' | Command/Path to invoke the heketi-cli tool **NOTE:** Change this only for **non-native heketi** if heketi-cli is not in the global `$PATH` of the machine running openshift-ansible
@@ -99,6 +116,7 @@ GlusterFS cluster into a new or existing OpenShift cluster:
| openshift_storage_glusterfs_heketi_ssh_user | 'root' | SSH user for external GlusterFS nodes via native heketi
| openshift_storage_glusterfs_heketi_ssh_sudo | False | Whether to sudo (if non-root user) for SSH to external GlusterFS nodes via native heketi
| openshift_storage_glusterfs_heketi_ssh_keyfile | Undefined | Path to a private key file for use with SSH connections to external GlusterFS nodes via native heketi **NOTE:** This must be an absolute path
+| openshift_storage_glusterfs_heketi_fstab | '/var/lib/heketi/fstab' | When heketi is native, sets the path to the fstab file on the GlusterFS nodes to update on LVM volume mounts, changes to '/etc/fstab/' when the heketi executor is 'ssh' **NOTE:** This should not need to be changed
| openshift_storage_glusterfs_heketi_wipe | False | Destroy any existing heketi resources, defaults to the value of `openshift_storage_glusterfs_wipe`
Each role variable also has a corresponding variable to optionally configure a
@@ -108,16 +126,16 @@ registry. These variables start with the prefix
values in their corresponding non-registry variables. The following variables
are an exception:
-| Name | Default value | Description |
-|-------------------------------------------------------|-----------------------|-----------------------------------------|
-| openshift_storage_glusterfs_registry_namespace | registry namespace | Default is to use the hosted registry's namespace, otherwise 'glusterfs'
-| openshift_storage_glusterfs_registry_name | 'registry' | This allows for the logical separation of the registry GlusterFS cluster from other GlusterFS clusters
-| openshift_storage_glusterfs_registry_storageclass | False | It is recommended to not create a StorageClass for GlusterFS clusters serving registry storage, so as to avoid performance penalties
-| openshift_storage_glusterfs_registry_heketi_admin_key | auto-generated | Separate from the above
-| openshift_storage_glusterfs_registry_heketi_user_key | auto-generated | Separate from the above
+| Name | Default value | Description |
+|-----------------------------------------------------------|-----------------------|-----------------------------------------|
+| openshift_storage_glusterfs_registry_namespace | registry namespace | Default is to use the hosted registry's namespace, otherwise 'glusterfs'
+| openshift_storage_glusterfs_registry_name | 'registry' | This allows for the logical separation of the registry GlusterFS cluster from other GlusterFS clusters
+| openshift_storage_glusterfs_registry_storageclass | False | It is recommended to not create a StorageClass for GlusterFS clusters serving registry storage, so as to avoid performance penalties
+| openshift_storage_glusterfs_registry_storageclass_default | False | Sets the StorageClass for each GlusterFS cluster as default
+| openshift_storage_glusterfs_registry_heketi_admin_key | auto-generated | Separate from the above
+| openshift_storage_glusterfs_registry_heketi_user_key | auto-generated | Separate from the above
-Additionally, this role's behavior responds to the following registry-specific
-variables:
+Additionally, this role's behavior responds to several registry-specific variables in the [openshift_hosted role](../openshift_hosted/README.md):
| Name | Default value | Description |
|-------------------------------------------------------|------------------------------|-----------------------------------------|
@@ -131,7 +149,6 @@ Dependencies
------------
* os_firewall
-* openshift_hosted_facts
* openshift_repos
* lib_openshift
diff --git a/roles/openshift_storage_glusterfs/defaults/main.yml b/roles/openshift_storage_glusterfs/defaults/main.yml
index 148549887..da34fab2a 100644
--- a/roles/openshift_storage_glusterfs/defaults/main.yml
+++ b/roles/openshift_storage_glusterfs/defaults/main.yml
@@ -5,8 +5,25 @@ openshift_storage_glusterfs_name: 'storage'
openshift_storage_glusterfs_nodeselector: "glusterfs={{ openshift_storage_glusterfs_name }}-host"
openshift_storage_glusterfs_use_default_selector: False
openshift_storage_glusterfs_storageclass: True
+openshift_storage_glusterfs_storageclass_default: False
openshift_storage_glusterfs_image: "{{ 'rhgs3/rhgs-server-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/gluster-centos' | quote }}"
openshift_storage_glusterfs_version: 'latest'
+openshift_storage_glusterfs_block_deploy: True
+openshift_storage_glusterfs_block_image: "{{ 'rhgs3/rhgs-gluster-block-prov-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/glusterblock-provisioner' | quote }}"
+openshift_storage_glusterfs_block_version: 'latest'
+openshift_storage_glusterfs_block_host_vol_create: True
+openshift_storage_glusterfs_block_host_vol_size: 100
+openshift_storage_glusterfs_block_host_vol_max: 15
+openshift_storage_glusterfs_s3_deploy: True
+openshift_storage_glusterfs_s3_image: "{{ 'rhgs3/rhgs-gluster-s3-server-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/gluster-object' | quote }}"
+openshift_storage_glusterfs_s3_version: 'latest'
+openshift_storage_glusterfs_s3_account: "{{ omit }}"
+openshift_storage_glusterfs_s3_user: "{{ omit }}"
+openshift_storage_glusterfs_s3_password: "{{ omit }}"
+openshift_storage_glusterfs_s3_pvc: "gluster-s3-{{ openshift_storage_glusterfs_name }}-{{ openshift_storage_glusterfs_s3_account }}-claim"
+openshift_storage_glusterfs_s3_pvc_size: "2Gi"
+openshift_storage_glusterfs_s3_meta_pvc: "gluster-s3-{{ openshift_storage_glusterfs_name }}-{{ openshift_storage_glusterfs_s3_account }}-meta-claim"
+openshift_storage_glusterfs_s3_meta_pvc_size: "1Gi"
openshift_storage_glusterfs_wipe: False
openshift_storage_glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_is_native }}"
openshift_storage_glusterfs_heketi_is_missing: True
@@ -25,17 +42,35 @@ openshift_storage_glusterfs_heketi_ssh_port: 22
openshift_storage_glusterfs_heketi_ssh_user: 'root'
openshift_storage_glusterfs_heketi_ssh_sudo: False
openshift_storage_glusterfs_heketi_ssh_keyfile: "{{ omit }}"
+openshift_storage_glusterfs_heketi_fstab: "{{ '/var/lib/heketi/fstab' | quote if openshift_storage_glusterfs_heketi_executor == 'kubernetes' else '/etc/fstab' | quote }}"
openshift_storage_glusterfs_namespace: "{{ 'glusterfs' | quote if openshift_storage_glusterfs_is_native or openshift_storage_glusterfs_heketi_is_native else 'default' | quote }}"
openshift_storage_glusterfs_registry_timeout: "{{ openshift_storage_glusterfs_timeout }}"
-openshift_storage_glusterfs_registry_namespace: "{{ openshift.hosted.registry.namespace | default(openshift_storage_glusterfs_namespace) }}"
+openshift_storage_glusterfs_registry_namespace: "{{ openshift_hosted_registry_namespace | default(openshift_storage_glusterfs_namespace) }}"
openshift_storage_glusterfs_registry_is_native: "{{ openshift_storage_glusterfs_is_native }}"
openshift_storage_glusterfs_registry_name: 'registry'
openshift_storage_glusterfs_registry_nodeselector: "glusterfs={{ openshift_storage_glusterfs_registry_name }}-host"
openshift_storage_glusterfs_registry_use_default_selector: "{{ openshift_storage_glusterfs_use_default_selector }}"
openshift_storage_glusterfs_registry_storageclass: False
+openshift_storage_glusterfs_registry_storageclass_default: False
openshift_storage_glusterfs_registry_image: "{{ openshift_storage_glusterfs_image }}"
openshift_storage_glusterfs_registry_version: "{{ openshift_storage_glusterfs_version }}"
+openshift_storage_glusterfs_registry_block_deploy: "{{ openshift_storage_glusterfs_block_deploy }}"
+openshift_storage_glusterfs_registry_block_image: "{{ openshift_storage_glusterfs_block_image }}"
+openshift_storage_glusterfs_registry_block_version: "{{ openshift_storage_glusterfs_block_version }}"
+openshift_storage_glusterfs_registry_block_host_vol_create: "{{ openshift_storage_glusterfs_block_host_vol_create }}"
+openshift_storage_glusterfs_registry_block_host_vol_size: "{{ openshift_storage_glusterfs_block_host_vol_size }}"
+openshift_storage_glusterfs_registry_block_host_vol_max: "{{ openshift_storage_glusterfs_block_host_vol_max }}"
+openshift_storage_glusterfs_registry_s3_deploy: "{{ openshift_storage_glusterfs_s3_deploy }}"
+openshift_storage_glusterfs_registry_s3_image: "{{ openshift_storage_glusterfs_s3_image }}"
+openshift_storage_glusterfs_registry_s3_version: "{{ openshift_storage_glusterfs_s3_version }}"
+openshift_storage_glusterfs_registry_s3_account: "{{ openshift_storage_glusterfs_s3_account }}"
+openshift_storage_glusterfs_registry_s3_user: "{{ openshift_storage_glusterfs_s3_user }}"
+openshift_storage_glusterfs_registry_s3_password: "{{ openshift_storage_glusterfs_s3_password }}"
+openshift_storage_glusterfs_registry_s3_pvc: "gluster-s3-{{ openshift_storage_glusterfs_registry_name }}-{{ openshift_storage_glusterfs_registry_s3_account }}-claim"
+openshift_storage_glusterfs_registry_s3_pvc_size: "{{ openshift_storage_glusterfs_s3_pvc_size }}"
+openshift_storage_glusterfs_registry_s3_meta_pvc: "gluster-s3-{{ openshift_storage_glusterfs_registry_name }}-{{ openshift_storage_glusterfs_registry_s3_account }}-meta-claim"
+openshift_storage_glusterfs_registry_s3_meta_pvc_size: "{{ openshift_storage_glusterfs_s3_meta_pvc_size }}"
openshift_storage_glusterfs_registry_wipe: "{{ openshift_storage_glusterfs_wipe }}"
openshift_storage_glusterfs_registry_heketi_is_native: "{{ openshift_storage_glusterfs_registry_is_native }}"
openshift_storage_glusterfs_registry_heketi_is_missing: "{{ openshift_storage_glusterfs_heketi_is_missing }}"
@@ -54,6 +89,8 @@ openshift_storage_glusterfs_registry_heketi_ssh_port: "{{ openshift_storage_glus
openshift_storage_glusterfs_registry_heketi_ssh_user: "{{ openshift_storage_glusterfs_heketi_ssh_user }}"
openshift_storage_glusterfs_registry_heketi_ssh_sudo: "{{ openshift_storage_glusterfs_heketi_ssh_sudo }}"
openshift_storage_glusterfs_registry_heketi_ssh_keyfile: "{{ openshift_storage_glusterfs_heketi_ssh_keyfile | default(omit) }}"
+openshift_storage_glusterfs_registry_heketi_fstab: "{{ '/var/lib/heketi/fstab' | quote if openshift_storage_glusterfs_registry_heketi_executor == 'kubernetes' else '/etc/fstab' | quote }}"
+
r_openshift_storage_glusterfs_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_storage_glusterfs_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
r_openshift_storage_glusterfs_os_firewall_deny: []
diff --git a/roles/openshift_storage_glusterfs/files/v3.7/deploy-heketi-template.yml b/roles/openshift_storage_glusterfs/files/v3.7/deploy-heketi-template.yml
index 7b705c2d4..34af652c2 100644
--- a/roles/openshift_storage_glusterfs/files/v3.7/deploy-heketi-template.yml
+++ b/roles/openshift_storage_glusterfs/files/v3.7/deploy-heketi-template.yml
@@ -73,13 +73,11 @@ objects:
- name: HEKETI_EXECUTOR
value: ${HEKETI_EXECUTOR}
- name: HEKETI_FSTAB
- value: /var/lib/heketi/fstab
+ value: ${HEKETI_FSTAB}
- name: HEKETI_SNAPSHOT_LIMIT
value: '14'
- name: HEKETI_KUBE_GLUSTER_DAEMONSET
value: '1'
- - name: HEKETI_KUBE_NAMESPACE
- value: ${HEKETI_KUBE_NAMESPACE}
ports:
- containerPort: 8080
volumeMounts:
@@ -115,10 +113,10 @@ parameters:
displayName: heketi executor type
description: Set the executor type, kubernetes or ssh
value: kubernetes
-- name: HEKETI_KUBE_NAMESPACE
- displayName: Namespace
- description: Set the namespace where the GlusterFS pods reside
- value: default
+- name: HEKETI_FSTAB
+ displayName: heketi fstab path
+ description: Set the fstab path, file that is populated with bricks that heketi creates
+ value: /var/lib/heketi/fstab
- name: HEKETI_ROUTE
displayName: heketi route name
description: Set the hostname for the route URL
diff --git a/roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-pvcs-template.yml b/roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-pvcs-template.yml
new file mode 100644
index 000000000..064b51473
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-pvcs-template.yml
@@ -0,0 +1,67 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: gluster-s3-pvcs
+ labels:
+ glusterfs: s3-pvcs-template
+ gluster-s3: pvcs-template
+ annotations:
+ description: Gluster S3 service template
+ tags: glusterfs,heketi,gluster-s3
+objects:
+- kind: PersistentVolumeClaim
+ apiVersion: v1
+ metadata:
+ name: "${PVC}"
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-storage
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-pvc
+ annotations:
+ volume.beta.kubernetes.io/storage-class: "glusterfs-${CLUSTER_NAME}"
+ spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: "${PVC_SIZE}"
+- kind: PersistentVolumeClaim
+ apiVersion: v1
+ metadata:
+ name: "${META_PVC}"
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-storage
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-meta-pvc
+ annotations:
+ volume.beta.kubernetes.io/storage-class: "glusterfs-${CLUSTER_NAME}"
+ spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: "${META_PVC_SIZE}"
+parameters:
+- name: S3_ACCOUNT
+ displayName: S3 Account Name
+ description: S3 storage account which will provide storage on GlusterFS volumes
+ required: true
+- name: PVC
+ displayName: Primary GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage
+ required: true
+- name: PVC_SIZE
+ displayName: Primary GlusterFS-backed PVC capacity
+ description: Capacity for GlusterFS-backed PVC for object storage
+ value: 2Gi
+- name: META_PVC
+ displayName: Metadata GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage metadata
+ required: true
+- name: META_PVC_SIZE
+ displayName: Metadata GlusterFS-backed PVC capacity
+ description: Capacity for GlusterFS-backed PVC for object storage metadata
+ value: 1Gi
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-template.yml b/roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-template.yml
new file mode 100644
index 000000000..896a1b226
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.7/gluster-s3-template.yml
@@ -0,0 +1,140 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: gluster-s3
+ labels:
+ glusterfs: s3-template
+ gluster-s3: template
+ annotations:
+ description: Gluster S3 service template
+ tags: glusterfs,heketi,gluster-s3
+objects:
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-service
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-service
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-service
+ spec:
+ ports:
+ - protocol: TCP
+ port: 8080
+ targetPort: 8080
+ selector:
+ glusterfs: s3-pod
+ type: ClusterIP
+ sessionAffinity: None
+ status:
+ loadBalancer: {}
+- kind: Route
+ apiVersion: v1
+ metadata:
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-route
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-route
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-route
+ spec:
+ to:
+ kind: Service
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-service
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-dc
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-dc
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-dc
+ annotations:
+ openshift.io/scc: privileged
+ description: Defines how to deploy gluster s3 object storage
+ spec:
+ replicas: 1
+ selector:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-pod
+ template:
+ metadata:
+ name: gluster-${CLUSTER_NAME}-${S3_ACCOUNT}-s3
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-pod
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-pod
+ spec:
+ containers:
+ - name: gluster-s3
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ imagePullPolicy: IfNotPresent
+ ports:
+ - name: gluster
+ containerPort: 8080
+ protocol: TCP
+ env:
+ - name: S3_ACCOUNT
+ value: "${S3_ACCOUNT}"
+ - name: S3_USER
+ value: "${S3_USER}"
+ - name: S3_PASSWORD
+ value: "${S3_PASSWORD}"
+ resources: {}
+ volumeMounts:
+ - name: gluster-vol1
+ mountPath: "/mnt/gluster-object/${S3_ACCOUNT}"
+ - name: gluster-vol2
+ mountPath: "/mnt/gluster-object/gsmetadata"
+ - name: glusterfs-cgroup
+ readOnly: true
+ mountPath: "/sys/fs/cgroup"
+ terminationMessagePath: "/dev/termination-log"
+ securityContext:
+ privileged: true
+ volumes:
+ - name: glusterfs-cgroup
+ hostPath:
+ path: "/sys/fs/cgroup"
+ - name: gluster-vol1
+ persistentVolumeClaim:
+ claimName: ${PVC}
+ - name: gluster-vol2
+ persistentVolumeClaim:
+ claimName: ${META_PVC}
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ dnsPolicy: ClusterFirst
+ serviceAccountName: default
+ serviceAccount: default
+ securityContext: {}
+parameters:
+- name: IMAGE_NAME
+ displayName: glusterblock provisioner container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: glusterblock provisioner container image version
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
+- name: S3_ACCOUNT
+ displayName: S3 Account Name
+ description: S3 storage account which will provide storage on GlusterFS volumes
+ required: true
+- name: S3_USER
+ displayName: S3 User
+ description: S3 user who can access the S3 storage account
+ required: true
+- name: S3_PASSWORD
+ displayName: S3 User Password
+ description: Password for the S3 user
+ required: true
+- name: PVC
+ displayName: Primary GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage
+ value: gluster-s3-claim
+- name: META_PVC
+ displayName: Metadata GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage metadata
+ value: gluster-s3-meta-claim
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.7/glusterblock-provisioner.yml b/roles/openshift_storage_glusterfs/files/v3.7/glusterblock-provisioner.yml
new file mode 100644
index 000000000..63dd5cce6
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.7/glusterblock-provisioner.yml
@@ -0,0 +1,104 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: glusterblock-provisioner
+ labels:
+ glusterfs: block-template
+ glusterblock: template
+ annotations:
+ description: glusterblock provisioner template
+ tags: glusterfs
+objects:
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: glusterblock-provisioner-runner
+ labels:
+ glusterfs: block-provisioner-runner-clusterrole
+ glusterblock: provisioner-runner-clusterrole
+ rules:
+ - apiGroups: [""]
+ resources: ["persistentvolumes"]
+ verbs: ["get", "list", "watch", "create", "delete"]
+ - apiGroups: [""]
+ resources: ["persistentvolumeclaims"]
+ verbs: ["get", "list", "watch", "update"]
+ - apiGroups: ["storage.k8s.io"]
+ resources: ["storageclasses"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: [""]
+ resources: ["events"]
+ verbs: ["list", "watch", "create", "update", "patch"]
+ - apiGroups: [""]
+ resources: ["services"]
+ verbs: ["get"]
+ - apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "create", "delete"]
+ - apiGroups: [""]
+ resources: ["routes"]
+ verbs: ["get", "list"]
+- apiVersion: v1
+ kind: ServiceAccount
+ metadata:
+ name: glusterblock-${CLUSTER_NAME}-provisioner
+ labels:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-sa
+ glusterblock: ${CLUSTER_NAME}-provisioner-sa
+- apiVersion: v1
+ kind: ClusterRoleBinding
+ metadata:
+ name: glusterblock-${CLUSTER_NAME}-provisioner
+ roleRef:
+ name: glusterblock-provisioner-runner
+ subjects:
+ - kind: ServiceAccount
+ name: glusterblock-${CLUSTER_NAME}-provisioner
+ namespace: ${NAMESPACE}
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: glusterblock-${CLUSTER_NAME}-provisioner-dc
+ labels:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-dc
+ glusterblock: ${CLUSTER_NAME}-provisioner-dc
+ annotations:
+ description: Defines how to deploy the glusterblock provisioner pod.
+ spec:
+ replicas: 1
+ selector:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-pod
+ triggers:
+ - type: ConfigChange
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ name: glusterblock-provisioner
+ labels:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-pod
+ spec:
+ serviceAccountName: glusterblock-${CLUSTER_NAME}-provisioner
+ containers:
+ - name: glusterblock-provisioner
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: PROVISIONER_NAME
+ value: gluster.org/glusterblock
+parameters:
+- name: IMAGE_NAME
+ displayName: glusterblock provisioner container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: glusterblock provisioner container image version
+ required: True
+- name: NAMESPACE
+ displayName: glusterblock provisioner namespace
+ description: The namespace in which these resources are being created
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.7/glusterfs-template.yml b/roles/openshift_storage_glusterfs/files/v3.7/glusterfs-template.yml
index 8c5e1ded3..09850a2c2 100644
--- a/roles/openshift_storage_glusterfs/files/v3.7/glusterfs-template.yml
+++ b/roles/openshift_storage_glusterfs/files/v3.7/glusterfs-template.yml
@@ -35,6 +35,15 @@ objects:
- name: glusterfs
image: ${IMAGE_NAME}:${IMAGE_VERSION}
imagePullPolicy: IfNotPresent
+ env:
+ - name: GB_GLFS_LRU_COUNT
+ value: "${GB_GLFS_LRU_COUNT}"
+ - name: TCMU_LOGDIR
+ value: "${TCMU_LOGDIR}"
+ resources:
+ requests:
+ memory: 100Mi
+ cpu: 100m
volumeMounts:
- name: glusterfs-heketi
mountPath: "/var/lib/heketi"
@@ -83,7 +92,6 @@ objects:
periodSeconds: 25
successThreshold: 1
failureThreshold: 15
- resources: {}
terminationMessagePath: "/dev/termination-log"
volumes:
- name: glusterfs-heketi
@@ -134,3 +142,13 @@ parameters:
displayName: GlusterFS cluster name
description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
value: storage
+- name: GB_GLFS_LRU_COUNT
+ displayName: Maximum number of block hosting volumes
+ description: This value is to set maximum number of block hosting volumes.
+ value: "15"
+ required: true
+- name: TCMU_LOGDIR
+ displayName: Tcmu runner log directory
+ description: This value is to set tcmu runner log directory
+ value: "/var/log/glusterfs/gluster-block"
+ required: true
diff --git a/roles/openshift_storage_glusterfs/files/v3.7/heketi-template.yml b/roles/openshift_storage_glusterfs/files/v3.7/heketi-template.yml
index 61b6a8c13..28cdb2982 100644
--- a/roles/openshift_storage_glusterfs/files/v3.7/heketi-template.yml
+++ b/roles/openshift_storage_glusterfs/files/v3.7/heketi-template.yml
@@ -15,6 +15,7 @@ objects:
name: heketi-${CLUSTER_NAME}
labels:
glusterfs: heketi-${CLUSTER_NAME}-service
+ heketi: ${CLUSTER_NAME}-service
annotations:
description: Exposes Heketi service
spec:
@@ -30,6 +31,7 @@ objects:
name: ${HEKETI_ROUTE}
labels:
glusterfs: heketi-${CLUSTER_NAME}-route
+ heketi: ${CLUSTER_NAME}-route
spec:
to:
kind: Service
@@ -40,6 +42,7 @@ objects:
name: heketi-${CLUSTER_NAME}
labels:
glusterfs: heketi-${CLUSTER_NAME}-dc
+ heketi: ${CLUSTER_NAME}-dc
annotations:
description: Defines how to deploy Heketi
spec:
@@ -55,6 +58,7 @@ objects:
name: heketi-${CLUSTER_NAME}
labels:
glusterfs: heketi-${CLUSTER_NAME}-pod
+ heketi: ${CLUSTER_NAME}-pod
spec:
serviceAccountName: heketi-${CLUSTER_NAME}-service-account
containers:
@@ -69,13 +73,11 @@ objects:
- name: HEKETI_EXECUTOR
value: ${HEKETI_EXECUTOR}
- name: HEKETI_FSTAB
- value: /var/lib/heketi/fstab
+ value: ${HEKETI_FSTAB}
- name: HEKETI_SNAPSHOT_LIMIT
value: '14'
- name: HEKETI_KUBE_GLUSTER_DAEMONSET
value: '1'
- - name: HEKETI_KUBE_NAMESPACE
- value: ${HEKETI_KUBE_NAMESPACE}
ports:
- containerPort: 8080
volumeMounts:
@@ -114,10 +116,10 @@ parameters:
displayName: heketi executor type
description: Set the executor type, kubernetes or ssh
value: kubernetes
-- name: HEKETI_KUBE_NAMESPACE
- displayName: Namespace
- description: Set the namespace where the GlusterFS pods reside
- value: default
+- name: HEKETI_FSTAB
+ displayName: heketi fstab path
+ description: Set the fstab path, file that is populated with bricks that heketi creates
+ value: /var/lib/heketi/fstab
- name: HEKETI_ROUTE
displayName: heketi route name
description: Set the hostname for the route URL
diff --git a/roles/openshift_storage_glusterfs/files/v3.8/deploy-heketi-template.yml b/roles/openshift_storage_glusterfs/files/v3.8/deploy-heketi-template.yml
new file mode 100644
index 000000000..34af652c2
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.8/deploy-heketi-template.yml
@@ -0,0 +1,133 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: deploy-heketi
+ labels:
+ glusterfs: heketi-template
+ deploy-heketi: support
+ annotations:
+ description: Bootstrap Heketi installation
+ tags: glusterfs,heketi,installation
+objects:
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: deploy-heketi-${CLUSTER_NAME}
+ labels:
+ glusterfs: deploy-heketi-${CLUSTER_NAME}-service
+ deploy-heketi: support
+ annotations:
+ description: Exposes Heketi service
+ spec:
+ ports:
+ - name: deploy-heketi-${CLUSTER_NAME}
+ port: 8080
+ targetPort: 8080
+ selector:
+ glusterfs: deploy-heketi-${CLUSTER_NAME}-pod
+- kind: Route
+ apiVersion: v1
+ metadata:
+ name: ${HEKETI_ROUTE}
+ labels:
+ glusterfs: deploy-heketi-${CLUSTER_NAME}-route
+ deploy-heketi: support
+ spec:
+ to:
+ kind: Service
+ name: deploy-heketi-${CLUSTER_NAME}
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: deploy-heketi-${CLUSTER_NAME}
+ labels:
+ glusterfs: deploy-heketi-${CLUSTER_NAME}-dc
+ deploy-heketi: support
+ annotations:
+ description: Defines how to deploy Heketi
+ spec:
+ replicas: 1
+ selector:
+ glusterfs: deploy-heketi-${CLUSTER_NAME}-pod
+ triggers:
+ - type: ConfigChange
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ name: deploy-heketi
+ labels:
+ glusterfs: deploy-heketi-${CLUSTER_NAME}-pod
+ deploy-heketi: support
+ spec:
+ serviceAccountName: heketi-${CLUSTER_NAME}-service-account
+ containers:
+ - name: heketi
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ env:
+ - name: HEKETI_USER_KEY
+ value: ${HEKETI_USER_KEY}
+ - name: HEKETI_ADMIN_KEY
+ value: ${HEKETI_ADMIN_KEY}
+ - name: HEKETI_EXECUTOR
+ value: ${HEKETI_EXECUTOR}
+ - name: HEKETI_FSTAB
+ value: ${HEKETI_FSTAB}
+ - name: HEKETI_SNAPSHOT_LIMIT
+ value: '14'
+ - name: HEKETI_KUBE_GLUSTER_DAEMONSET
+ value: '1'
+ ports:
+ - containerPort: 8080
+ volumeMounts:
+ - name: db
+ mountPath: /var/lib/heketi
+ - name: config
+ mountPath: /etc/heketi
+ readinessProbe:
+ timeoutSeconds: 3
+ initialDelaySeconds: 3
+ httpGet:
+ path: /hello
+ port: 8080
+ livenessProbe:
+ timeoutSeconds: 3
+ initialDelaySeconds: 30
+ httpGet:
+ path: /hello
+ port: 8080
+ volumes:
+ - name: db
+ - name: config
+ secret:
+ secretName: heketi-${CLUSTER_NAME}-config-secret
+parameters:
+- name: HEKETI_USER_KEY
+ displayName: Heketi User Secret
+ description: Set secret for those creating volumes as type _user_
+- name: HEKETI_ADMIN_KEY
+ displayName: Heketi Administrator Secret
+ description: Set secret for administration of the Heketi service as user _admin_
+- name: HEKETI_EXECUTOR
+ displayName: heketi executor type
+ description: Set the executor type, kubernetes or ssh
+ value: kubernetes
+- name: HEKETI_FSTAB
+ displayName: heketi fstab path
+ description: Set the fstab path, file that is populated with bricks that heketi creates
+ value: /var/lib/heketi/fstab
+- name: HEKETI_ROUTE
+ displayName: heketi route name
+ description: Set the hostname for the route URL
+ value: "heketi-glusterfs"
+- name: IMAGE_NAME
+ displayName: heketi container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: heketi container image version
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify this heketi service, useful for running multiple heketi instances
+ value: glusterfs
diff --git a/roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-pvcs-template.yml b/roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-pvcs-template.yml
new file mode 100644
index 000000000..064b51473
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-pvcs-template.yml
@@ -0,0 +1,67 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: gluster-s3-pvcs
+ labels:
+ glusterfs: s3-pvcs-template
+ gluster-s3: pvcs-template
+ annotations:
+ description: Gluster S3 service template
+ tags: glusterfs,heketi,gluster-s3
+objects:
+- kind: PersistentVolumeClaim
+ apiVersion: v1
+ metadata:
+ name: "${PVC}"
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-storage
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-pvc
+ annotations:
+ volume.beta.kubernetes.io/storage-class: "glusterfs-${CLUSTER_NAME}"
+ spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: "${PVC_SIZE}"
+- kind: PersistentVolumeClaim
+ apiVersion: v1
+ metadata:
+ name: "${META_PVC}"
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-storage
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-meta-pvc
+ annotations:
+ volume.beta.kubernetes.io/storage-class: "glusterfs-${CLUSTER_NAME}"
+ spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: "${META_PVC_SIZE}"
+parameters:
+- name: S3_ACCOUNT
+ displayName: S3 Account Name
+ description: S3 storage account which will provide storage on GlusterFS volumes
+ required: true
+- name: PVC
+ displayName: Primary GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage
+ required: true
+- name: PVC_SIZE
+ displayName: Primary GlusterFS-backed PVC capacity
+ description: Capacity for GlusterFS-backed PVC for object storage
+ value: 2Gi
+- name: META_PVC
+ displayName: Metadata GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage metadata
+ required: true
+- name: META_PVC_SIZE
+ displayName: Metadata GlusterFS-backed PVC capacity
+ description: Capacity for GlusterFS-backed PVC for object storage metadata
+ value: 1Gi
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-template.yml b/roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-template.yml
new file mode 100644
index 000000000..896a1b226
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.8/gluster-s3-template.yml
@@ -0,0 +1,140 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: gluster-s3
+ labels:
+ glusterfs: s3-template
+ gluster-s3: template
+ annotations:
+ description: Gluster S3 service template
+ tags: glusterfs,heketi,gluster-s3
+objects:
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-service
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-service
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-service
+ spec:
+ ports:
+ - protocol: TCP
+ port: 8080
+ targetPort: 8080
+ selector:
+ glusterfs: s3-pod
+ type: ClusterIP
+ sessionAffinity: None
+ status:
+ loadBalancer: {}
+- kind: Route
+ apiVersion: v1
+ metadata:
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-route
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-route
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-route
+ spec:
+ to:
+ kind: Service
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-service
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: gluster-s3-${CLUSTER_NAME}-${S3_ACCOUNT}-dc
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-dc
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-dc
+ annotations:
+ openshift.io/scc: privileged
+ description: Defines how to deploy gluster s3 object storage
+ spec:
+ replicas: 1
+ selector:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-pod
+ template:
+ metadata:
+ name: gluster-${CLUSTER_NAME}-${S3_ACCOUNT}-s3
+ labels:
+ glusterfs: s3-${CLUSTER_NAME}-${S3_ACCOUNT}-pod
+ gluster-s3: ${CLUSTER_NAME}-${S3_ACCOUNT}-pod
+ spec:
+ containers:
+ - name: gluster-s3
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ imagePullPolicy: IfNotPresent
+ ports:
+ - name: gluster
+ containerPort: 8080
+ protocol: TCP
+ env:
+ - name: S3_ACCOUNT
+ value: "${S3_ACCOUNT}"
+ - name: S3_USER
+ value: "${S3_USER}"
+ - name: S3_PASSWORD
+ value: "${S3_PASSWORD}"
+ resources: {}
+ volumeMounts:
+ - name: gluster-vol1
+ mountPath: "/mnt/gluster-object/${S3_ACCOUNT}"
+ - name: gluster-vol2
+ mountPath: "/mnt/gluster-object/gsmetadata"
+ - name: glusterfs-cgroup
+ readOnly: true
+ mountPath: "/sys/fs/cgroup"
+ terminationMessagePath: "/dev/termination-log"
+ securityContext:
+ privileged: true
+ volumes:
+ - name: glusterfs-cgroup
+ hostPath:
+ path: "/sys/fs/cgroup"
+ - name: gluster-vol1
+ persistentVolumeClaim:
+ claimName: ${PVC}
+ - name: gluster-vol2
+ persistentVolumeClaim:
+ claimName: ${META_PVC}
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ dnsPolicy: ClusterFirst
+ serviceAccountName: default
+ serviceAccount: default
+ securityContext: {}
+parameters:
+- name: IMAGE_NAME
+ displayName: glusterblock provisioner container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: glusterblock provisioner container image version
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
+- name: S3_ACCOUNT
+ displayName: S3 Account Name
+ description: S3 storage account which will provide storage on GlusterFS volumes
+ required: true
+- name: S3_USER
+ displayName: S3 User
+ description: S3 user who can access the S3 storage account
+ required: true
+- name: S3_PASSWORD
+ displayName: S3 User Password
+ description: Password for the S3 user
+ required: true
+- name: PVC
+ displayName: Primary GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage
+ value: gluster-s3-claim
+- name: META_PVC
+ displayName: Metadata GlusterFS-backed PVC
+ description: GlusterFS-backed PVC for object storage metadata
+ value: gluster-s3-meta-claim
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.8/glusterblock-provisioner.yml b/roles/openshift_storage_glusterfs/files/v3.8/glusterblock-provisioner.yml
new file mode 100644
index 000000000..63dd5cce6
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.8/glusterblock-provisioner.yml
@@ -0,0 +1,104 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: glusterblock-provisioner
+ labels:
+ glusterfs: block-template
+ glusterblock: template
+ annotations:
+ description: glusterblock provisioner template
+ tags: glusterfs
+objects:
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: glusterblock-provisioner-runner
+ labels:
+ glusterfs: block-provisioner-runner-clusterrole
+ glusterblock: provisioner-runner-clusterrole
+ rules:
+ - apiGroups: [""]
+ resources: ["persistentvolumes"]
+ verbs: ["get", "list", "watch", "create", "delete"]
+ - apiGroups: [""]
+ resources: ["persistentvolumeclaims"]
+ verbs: ["get", "list", "watch", "update"]
+ - apiGroups: ["storage.k8s.io"]
+ resources: ["storageclasses"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: [""]
+ resources: ["events"]
+ verbs: ["list", "watch", "create", "update", "patch"]
+ - apiGroups: [""]
+ resources: ["services"]
+ verbs: ["get"]
+ - apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "create", "delete"]
+ - apiGroups: [""]
+ resources: ["routes"]
+ verbs: ["get", "list"]
+- apiVersion: v1
+ kind: ServiceAccount
+ metadata:
+ name: glusterblock-${CLUSTER_NAME}-provisioner
+ labels:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-sa
+ glusterblock: ${CLUSTER_NAME}-provisioner-sa
+- apiVersion: v1
+ kind: ClusterRoleBinding
+ metadata:
+ name: glusterblock-${CLUSTER_NAME}-provisioner
+ roleRef:
+ name: glusterblock-provisioner-runner
+ subjects:
+ - kind: ServiceAccount
+ name: glusterblock-${CLUSTER_NAME}-provisioner
+ namespace: ${NAMESPACE}
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: glusterblock-${CLUSTER_NAME}-provisioner-dc
+ labels:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-dc
+ glusterblock: ${CLUSTER_NAME}-provisioner-dc
+ annotations:
+ description: Defines how to deploy the glusterblock provisioner pod.
+ spec:
+ replicas: 1
+ selector:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-pod
+ triggers:
+ - type: ConfigChange
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ name: glusterblock-provisioner
+ labels:
+ glusterfs: block-${CLUSTER_NAME}-provisioner-pod
+ spec:
+ serviceAccountName: glusterblock-${CLUSTER_NAME}-provisioner
+ containers:
+ - name: glusterblock-provisioner
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: PROVISIONER_NAME
+ value: gluster.org/glusterblock
+parameters:
+- name: IMAGE_NAME
+ displayName: glusterblock provisioner container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: glusterblock provisioner container image version
+ required: True
+- name: NAMESPACE
+ displayName: glusterblock provisioner namespace
+ description: The namespace in which these resources are being created
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.8/glusterfs-template.yml b/roles/openshift_storage_glusterfs/files/v3.8/glusterfs-template.yml
new file mode 100644
index 000000000..09850a2c2
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.8/glusterfs-template.yml
@@ -0,0 +1,154 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: glusterfs
+ labels:
+ glusterfs: template
+ annotations:
+ description: GlusterFS DaemonSet template
+ tags: glusterfs
+objects:
+- kind: DaemonSet
+ apiVersion: extensions/v1beta1
+ metadata:
+ name: glusterfs-${CLUSTER_NAME}
+ labels:
+ glusterfs: ${CLUSTER_NAME}-daemonset
+ annotations:
+ description: GlusterFS DaemonSet
+ tags: glusterfs
+ spec:
+ selector:
+ matchLabels:
+ glusterfs: ${CLUSTER_NAME}-pod
+ template:
+ metadata:
+ name: glusterfs-${CLUSTER_NAME}
+ labels:
+ glusterfs: ${CLUSTER_NAME}-pod
+ glusterfs-node: pod
+ spec:
+ nodeSelector: "${{NODE_LABELS}}"
+ hostNetwork: true
+ containers:
+ - name: glusterfs
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: GB_GLFS_LRU_COUNT
+ value: "${GB_GLFS_LRU_COUNT}"
+ - name: TCMU_LOGDIR
+ value: "${TCMU_LOGDIR}"
+ resources:
+ requests:
+ memory: 100Mi
+ cpu: 100m
+ volumeMounts:
+ - name: glusterfs-heketi
+ mountPath: "/var/lib/heketi"
+ - name: glusterfs-run
+ mountPath: "/run"
+ - name: glusterfs-lvm
+ mountPath: "/run/lvm"
+ - name: glusterfs-etc
+ mountPath: "/etc/glusterfs"
+ - name: glusterfs-logs
+ mountPath: "/var/log/glusterfs"
+ - name: glusterfs-config
+ mountPath: "/var/lib/glusterd"
+ - name: glusterfs-dev
+ mountPath: "/dev"
+ - name: glusterfs-misc
+ mountPath: "/var/lib/misc/glusterfsd"
+ - name: glusterfs-cgroup
+ mountPath: "/sys/fs/cgroup"
+ readOnly: true
+ - name: glusterfs-ssl
+ mountPath: "/etc/ssl"
+ readOnly: true
+ securityContext:
+ capabilities: {}
+ privileged: true
+ readinessProbe:
+ timeoutSeconds: 3
+ initialDelaySeconds: 40
+ exec:
+ command:
+ - "/bin/bash"
+ - "-c"
+ - systemctl status glusterd.service
+ periodSeconds: 25
+ successThreshold: 1
+ failureThreshold: 15
+ livenessProbe:
+ timeoutSeconds: 3
+ initialDelaySeconds: 40
+ exec:
+ command:
+ - "/bin/bash"
+ - "-c"
+ - systemctl status glusterd.service
+ periodSeconds: 25
+ successThreshold: 1
+ failureThreshold: 15
+ terminationMessagePath: "/dev/termination-log"
+ volumes:
+ - name: glusterfs-heketi
+ hostPath:
+ path: "/var/lib/heketi"
+ - name: glusterfs-run
+ emptyDir: {}
+ - name: glusterfs-lvm
+ hostPath:
+ path: "/run/lvm"
+ - name: glusterfs-etc
+ hostPath:
+ path: "/etc/glusterfs"
+ - name: glusterfs-logs
+ hostPath:
+ path: "/var/log/glusterfs"
+ - name: glusterfs-config
+ hostPath:
+ path: "/var/lib/glusterd"
+ - name: glusterfs-dev
+ hostPath:
+ path: "/dev"
+ - name: glusterfs-misc
+ hostPath:
+ path: "/var/lib/misc/glusterfsd"
+ - name: glusterfs-cgroup
+ hostPath:
+ path: "/sys/fs/cgroup"
+ - name: glusterfs-ssl
+ hostPath:
+ path: "/etc/ssl"
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+ dnsPolicy: ClusterFirst
+ securityContext: {}
+parameters:
+- name: NODE_LABELS
+ displayName: Daemonset Node Labels
+ description: Labels which define the daemonset node selector. Must contain at least one label of the format \'glusterfs=<CLUSTER_NAME>-host\'
+ value: '{ "glusterfs": "storage-host" }'
+- name: IMAGE_NAME
+ displayName: GlusterFS container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: GlusterFS container image version
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
+ value: storage
+- name: GB_GLFS_LRU_COUNT
+ displayName: Maximum number of block hosting volumes
+ description: This value is to set maximum number of block hosting volumes.
+ value: "15"
+ required: true
+- name: TCMU_LOGDIR
+ displayName: Tcmu runner log directory
+ description: This value is to set tcmu runner log directory
+ value: "/var/log/glusterfs/gluster-block"
+ required: true
diff --git a/roles/openshift_storage_glusterfs/files/v3.8/heketi-template.yml b/roles/openshift_storage_glusterfs/files/v3.8/heketi-template.yml
new file mode 100644
index 000000000..28cdb2982
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/files/v3.8/heketi-template.yml
@@ -0,0 +1,136 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ name: heketi
+ labels:
+ glusterfs: heketi-template
+ annotations:
+ description: Heketi service deployment template
+ tags: glusterfs,heketi
+objects:
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: heketi-${CLUSTER_NAME}
+ labels:
+ glusterfs: heketi-${CLUSTER_NAME}-service
+ heketi: ${CLUSTER_NAME}-service
+ annotations:
+ description: Exposes Heketi service
+ spec:
+ ports:
+ - name: heketi
+ port: 8080
+ targetPort: 8080
+ selector:
+ glusterfs: heketi-${CLUSTER_NAME}-pod
+- kind: Route
+ apiVersion: v1
+ metadata:
+ name: ${HEKETI_ROUTE}
+ labels:
+ glusterfs: heketi-${CLUSTER_NAME}-route
+ heketi: ${CLUSTER_NAME}-route
+ spec:
+ to:
+ kind: Service
+ name: heketi-${CLUSTER_NAME}
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: heketi-${CLUSTER_NAME}
+ labels:
+ glusterfs: heketi-${CLUSTER_NAME}-dc
+ heketi: ${CLUSTER_NAME}-dc
+ annotations:
+ description: Defines how to deploy Heketi
+ spec:
+ replicas: 1
+ selector:
+ glusterfs: heketi-${CLUSTER_NAME}-pod
+ triggers:
+ - type: ConfigChange
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ name: heketi-${CLUSTER_NAME}
+ labels:
+ glusterfs: heketi-${CLUSTER_NAME}-pod
+ heketi: ${CLUSTER_NAME}-pod
+ spec:
+ serviceAccountName: heketi-${CLUSTER_NAME}-service-account
+ containers:
+ - name: heketi
+ image: ${IMAGE_NAME}:${IMAGE_VERSION}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: HEKETI_USER_KEY
+ value: ${HEKETI_USER_KEY}
+ - name: HEKETI_ADMIN_KEY
+ value: ${HEKETI_ADMIN_KEY}
+ - name: HEKETI_EXECUTOR
+ value: ${HEKETI_EXECUTOR}
+ - name: HEKETI_FSTAB
+ value: ${HEKETI_FSTAB}
+ - name: HEKETI_SNAPSHOT_LIMIT
+ value: '14'
+ - name: HEKETI_KUBE_GLUSTER_DAEMONSET
+ value: '1'
+ ports:
+ - containerPort: 8080
+ volumeMounts:
+ - name: db
+ mountPath: /var/lib/heketi
+ - name: config
+ mountPath: /etc/heketi
+ readinessProbe:
+ timeoutSeconds: 3
+ initialDelaySeconds: 3
+ httpGet:
+ path: /hello
+ port: 8080
+ livenessProbe:
+ timeoutSeconds: 3
+ initialDelaySeconds: 30
+ httpGet:
+ path: /hello
+ port: 8080
+ volumes:
+ - name: db
+ glusterfs:
+ endpoints: heketi-db-${CLUSTER_NAME}-endpoints
+ path: heketidbstorage
+ - name: config
+ secret:
+ secretName: heketi-${CLUSTER_NAME}-config-secret
+parameters:
+- name: HEKETI_USER_KEY
+ displayName: Heketi User Secret
+ description: Set secret for those creating volumes as type _user_
+- name: HEKETI_ADMIN_KEY
+ displayName: Heketi Administrator Secret
+ description: Set secret for administration of the Heketi service as user _admin_
+- name: HEKETI_EXECUTOR
+ displayName: heketi executor type
+ description: Set the executor type, kubernetes or ssh
+ value: kubernetes
+- name: HEKETI_FSTAB
+ displayName: heketi fstab path
+ description: Set the fstab path, file that is populated with bricks that heketi creates
+ value: /var/lib/heketi/fstab
+- name: HEKETI_ROUTE
+ displayName: heketi route name
+ description: Set the hostname for the route URL
+ value: "heketi-glusterfs"
+- name: IMAGE_NAME
+ displayName: heketi container image name
+ required: True
+- name: IMAGE_VERSION
+ displayName: heketi container image version
+ required: True
+- name: CLUSTER_NAME
+ displayName: GlusterFS cluster name
+ description: A unique name to identify this heketi service, useful for running multiple heketi instances
+ value: glusterfs
diff --git a/roles/openshift_storage_glusterfs/meta/main.yml b/roles/openshift_storage_glusterfs/meta/main.yml
index 0cdd33880..aa20245d5 100644
--- a/roles/openshift_storage_glusterfs/meta/main.yml
+++ b/roles/openshift_storage_glusterfs/meta/main.yml
@@ -10,6 +10,6 @@ galaxy_info:
versions:
- 7
dependencies:
-- role: openshift_hosted_facts
+- role: openshift_facts
- role: lib_openshift
-- role: lib_os_firewall
+- role: lib_utils
diff --git a/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml b/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml
new file mode 100644
index 000000000..5b4c16740
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml
@@ -0,0 +1,113 @@
+---
+- name: Delete pre-existing gluster-s3 resources
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: "{{ item.kind }}"
+ name: "{{ item.name | default(omit) }}"
+ selector: "{{ item.selector | default(omit) }}"
+ state: absent
+ with_items:
+ - kind: "all,svc,deploy,secret,sc,pvc"
+ selector: "gluster-s3"
+ failed_when: False
+ when: glusterfs_wipe
+
+- name: Wait for gluster-s3 pods to terminate
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: pod
+ state: list
+ selector: "glusterfs=s3-{{ glusterfs_name }}-provisioner-pod"
+ register: gluster_s3_pod
+ until: "gluster_s3_pod.results.results[0]['items'] | count == 0"
+ delay: 10
+ retries: "{{ (glusterfs_timeout | int / 10) | int }}"
+ when: glusterfs_wipe
+
+- name: Copy gluster-s3 PVCs template file
+ copy:
+ src: "{{ openshift.common.examples_content_version }}/{{ item }}"
+ dest: "{{ mktemp.stdout }}/{{ item }}"
+ with_items:
+ - "gluster-s3-pvcs-template.yml"
+
+- name: Create gluster-s3 PVCs template
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: template
+ name: "gluster-s3-pvcs"
+ state: present
+ files:
+ - "{{ mktemp.stdout }}/gluster-s3-pvcs-template.yml"
+
+- name: Create gluster-s3 PVCs
+ oc_process:
+ namespace: "{{ glusterfs_namespace }}"
+ template_name: "gluster-s3-pvcs"
+ create: True
+ params:
+ S3_ACCOUNT: "{{ glusterfs_s3_account }}"
+ PVC: "{{ glusterfs_s3_pvc }}"
+ PVC_SIZE: "{{ glusterfs_s3_pvc_size }}"
+ META_PVC: "{{ glusterfs_s3_meta_pvc }}"
+ META_PVC_SIZE: "{{ glusterfs_s3_meta_pvc_size }}"
+ CLUSTER_NAME: "{{ glusterfs_name }}"
+
+- name: Wait for gluster-s3 PVCs
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: pvc
+ state: list
+ selector: "glusterfs=s3-{{ glusterfs_name }}-{{ glusterfs_s3_account }}-storage"
+ register: gluster_s3_pvcs
+ until:
+ - "gluster_s3_pvcs.results.results[0]['items'] | count > 0"
+ # Pod's 'Bound' status must be True
+ - "gluster_s3_pvcs.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Bound'}) | map('bool') | select | list | count == 2"
+ delay: 10
+ retries: "{{ (glusterfs_timeout | int / 10) | int }}"
+
+- name: Copy gluster-s3 template file
+ copy:
+ src: "{{ openshift.common.examples_content_version }}/{{ item }}"
+ dest: "{{ mktemp.stdout }}/{{ item }}"
+ with_items:
+ - "gluster-s3-template.yml"
+
+- name: Create gluster-s3 template
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: template
+ name: "gluster-s3"
+ state: present
+ files:
+ - "{{ mktemp.stdout }}/gluster-s3-template.yml"
+
+- name: Deploy gluster-s3 service
+ oc_process:
+ namespace: "{{ glusterfs_namespace }}"
+ template_name: "gluster-s3"
+ create: True
+ params:
+ IMAGE_NAME: "{{ glusterfs_s3_image }}"
+ IMAGE_VERSION: "{{ glusterfs_s3_version }}"
+ S3_ACCOUNT: "{{ glusterfs_s3_account }}"
+ S3_USER: "{{ glusterfs_s3_user }}"
+ S3_PASSWORD: "{{ glusterfs_s3_password }}"
+ PVC: "{{ glusterfs_s3_pvc }}"
+ META_PVC: "{{ glusterfs_s3_meta_pvc }}"
+ CLUSTER_NAME: "{{ glusterfs_name }}"
+
+- name: Wait for gluster-s3 pod
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: pod
+ state: list
+ selector: "glusterfs=s3-{{ glusterfs_name }}-{{ glusterfs_s3_account }}-pod"
+ register: gluster_s3_pod
+ until:
+ - "gluster_s3_pod.results.results[0]['items'] | count > 0"
+ # Pod's 'Ready' status must be True
+ - "gluster_s3_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1"
+ delay: 10
+ retries: "{{ (glusterfs_timeout | int / 10) | int }}"
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml b/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml
new file mode 100644
index 000000000..e5dcdcab7
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml
@@ -0,0 +1,66 @@
+---
+- name: Delete pre-existing glusterblock provisioner resources
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: "{{ item.kind }}"
+ name: "{{ item.name | default(omit) }}"
+ selector: "{{ item.selector | default(omit) }}"
+ state: absent
+ with_items:
+ - kind: "all,deploy,sa,clusterrole,clusterrolebinding"
+ selector: "glusterblock"
+ failed_when: False
+ when: glusterfs_wipe
+
+- name: Wait for glusterblock provisioner pods to terminate
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: pod
+ state: list
+ selector: "glusterfs=block-{{ glusterfs_name }}-provisioner-pod"
+ register: glusterblock_pod
+ until: "glusterblock_pod.results.results[0]['items'] | count == 0"
+ delay: 10
+ retries: "{{ (glusterfs_timeout | int / 10) | int }}"
+ when: glusterfs_wipe
+
+- name: Copy initial glusterblock provisioner resource file
+ copy:
+ src: "{{ openshift.common.examples_content_version }}/{{ item }}"
+ dest: "{{ mktemp.stdout }}/{{ item }}"
+ with_items:
+ - "glusterblock-provisioner.yml"
+
+- name: Create glusterblock provisioner template
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: template
+ name: "glusterblock-provisioner"
+ state: present
+ files:
+ - "{{ mktemp.stdout }}/glusterblock-provisioner.yml"
+
+- name: Deploy glusterblock provisioner
+ oc_process:
+ namespace: "{{ glusterfs_namespace }}"
+ template_name: "glusterblock-provisioner"
+ create: True
+ params:
+ IMAGE_NAME: "{{ glusterfs_block_image }}"
+ IMAGE_VERSION: "{{ glusterfs_block_version }}"
+ NAMESPACE: "{{ glusterfs_namespace }}"
+ CLUSTER_NAME: "{{ glusterfs_name }}"
+
+- name: Wait for glusterblock provisioner pod
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: pod
+ state: list
+ selector: "glusterfs=block-{{ glusterfs_name }}-provisioner-pod"
+ register: glusterblock_pod
+ until:
+ - "glusterblock_pod.results.results[0]['items'] | count > 0"
+ # Pod's 'Ready' status must be True
+ - "glusterblock_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1"
+ delay: 10
+ retries: "{{ (glusterfs_timeout | int / 10) | int }}"
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
index 51724f979..9307cb957 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
@@ -4,6 +4,8 @@
when:
- not openshift.common.is_atomic | bool
- not glusterfs_heketi_is_native | bool
+ register: result
+ until: result is succeeded
- name: Verify heketi-cli is installed
shell: "command -v {{ glusterfs_heketi_cli }} >/dev/null 2>&1 || { echo >&2 'ERROR: Make sure heketi-cli is available, then re-run the installer'; exit 1; }"
@@ -80,7 +82,7 @@
retries: "{{ (glusterfs_timeout | int / 10) | int }}"
when: glusterfs_heketi_wipe
-- include: glusterfs_deploy.yml
+- include_tasks: glusterfs_deploy.yml
when: glusterfs_is_native
- name: Create heketi service account
@@ -124,7 +126,7 @@
- "glusterfs_heketi_is_native"
- "deploy_heketi_pod.results.results[0]['items'] | count > 0"
# deploy-heketi is not missing when there are one or more pods with matching labels whose 'Ready' status is True
- - "deploy_heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0"
+ - "deploy_heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0"
- name: Check for existing heketi pod
oc_obj:
@@ -142,7 +144,7 @@
- "glusterfs_heketi_is_native"
- "heketi_pod.results.results[0]['items'] | count > 0"
# heketi is not missing when there are one or more pods with matching labels whose 'Ready' status is True
- - "heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0"
+ - "heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0"
- name: Generate topology file
template:
@@ -175,14 +177,14 @@
- name: Generate heketi admin key
set_fact:
- glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}"
+ glusterfs_heketi_admin_key: "{{ 32 | lib_utils_oo_generate_secret }}"
when:
- glusterfs_heketi_is_native
- glusterfs_heketi_admin_key is undefined
- name: Generate heketi user key
set_fact:
- glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}"
+ glusterfs_heketi_user_key: "{{ 32 | lib_utils_oo_generate_secret }}"
until: "glusterfs_heketi_user_key != glusterfs_heketi_admin_key"
delay: 1
retries: 10
@@ -210,7 +212,7 @@
when:
- glusterfs_heketi_is_native
-- include: heketi_deploy_part1.yml
+- include_tasks: heketi_deploy_part1.yml
when:
- glusterfs_heketi_is_native
- glusterfs_heketi_deploy_is_missing
@@ -226,7 +228,7 @@
until:
- "deploy_heketi_pod.results.results[0]['items'] | count > 0"
# Pod's 'Ready' status must be True
- - "deploy_heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1"
+ - "deploy_heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1"
delay: 10
retries: "{{ (glusterfs_timeout | int / 10) | int }}"
when:
@@ -254,56 +256,64 @@
when:
- glusterfs_heketi_topology_load
-- include: heketi_deploy_part2.yml
+- include_tasks: heketi_deploy_part2.yml
when:
- glusterfs_heketi_is_native
- glusterfs_heketi_is_missing
-- name: Create heketi secret
- oc_secret:
- namespace: "{{ glusterfs_namespace }}"
- state: present
- name: "heketi-{{ glusterfs_name }}-admin-secret"
- type: "kubernetes.io/glusterfs"
- force: True
- contents:
- - path: key
- data: "{{ glusterfs_heketi_admin_key }}"
- when:
- - glusterfs_storageclass
- - glusterfs_heketi_admin_key is defined
-
-- name: Get heketi route
- oc_obj:
- namespace: "{{ glusterfs_namespace }}"
- kind: route
- state: list
- name: "heketi-{{ glusterfs_name }}"
- register: heketi_route
- when:
- - glusterfs_storageclass
- - glusterfs_heketi_is_native
-
-- name: Determine StorageClass heketi URL
+- name: Check if gluster-s3 can't be deployed
set_fact:
- glusterfs_heketi_route: "{{ heketi_route.results.results[0]['spec']['host'] }}"
+ glusterfs_s3_deploy: False
when:
- - glusterfs_storageclass
- - glusterfs_heketi_is_native
-
-- name: Generate GlusterFS StorageClass file
- template:
- src: "{{ openshift.common.examples_content_version }}/glusterfs-storageclass.yml.j2"
- dest: "{{ mktemp.stdout }}/glusterfs-storageclass.yml"
+ - "glusterfs_s3_account is not defined or glusterfs_s3_user is not defined or glusterfs_s3_password is not defined"
+
+- block:
+ - name: Create heketi secret
+ oc_secret:
+ namespace: "{{ glusterfs_namespace }}"
+ state: present
+ name: "heketi-{{ glusterfs_name }}-admin-secret"
+ type: "kubernetes.io/glusterfs"
+ force: True
+ contents:
+ - path: key
+ data: "{{ glusterfs_heketi_admin_key }}"
+ when:
+ - glusterfs_heketi_admin_key is defined
+
+ - name: Get heketi route
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: route
+ state: list
+ name: "heketi-{{ glusterfs_name }}"
+ register: heketi_route
+ when:
+ - glusterfs_heketi_is_native
+
+ - name: Determine StorageClass heketi URL
+ set_fact:
+ glusterfs_heketi_route: "{{ heketi_route.results.results[0]['spec']['host'] }}"
+ when:
+ - glusterfs_heketi_is_native
+
+ - name: Generate GlusterFS StorageClass file
+ template:
+ src: "{{ openshift.common.examples_content_version }}/glusterfs-storageclass.yml.j2"
+ dest: "{{ mktemp.stdout }}/glusterfs-storageclass.yml"
+
+ - name: Create GlusterFS StorageClass
+ oc_obj:
+ state: present
+ kind: storageclass
+ name: "glusterfs-{{ glusterfs_name }}"
+ files:
+ - "{{ mktemp.stdout }}/glusterfs-storageclass.yml"
when:
- - glusterfs_storageclass
+ - glusterfs_storageclass or glusterfs_s3_deploy
-- name: Create GlusterFS StorageClass
- oc_obj:
- state: present
- kind: storageclass
- name: "glusterfs-{{ glusterfs_name }}"
- files:
- - "{{ mktemp.stdout }}/glusterfs-storageclass.yml"
- when:
- - glusterfs_storageclass
+- include_tasks: glusterblock_deploy.yml
+ when: glusterfs_block_deploy
+
+- include_tasks: gluster_s3_deploy.yml
+ when: glusterfs_s3_deploy
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml
index 012c722ff..2ea7286f3 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml
@@ -7,8 +7,25 @@
glusterfs_nodeselector: "{{ openshift_storage_glusterfs_nodeselector | default(['storagenode', openshift_storage_glusterfs_name] | join('=')) | map_from_pairs }}"
glusterfs_use_default_selector: "{{ openshift_storage_glusterfs_use_default_selector }}"
glusterfs_storageclass: "{{ openshift_storage_glusterfs_storageclass }}"
+ glusterfs_storageclass_default: "{{ openshift_storage_glusterfs_storageclass_default | bool }}"
glusterfs_image: "{{ openshift_storage_glusterfs_image }}"
glusterfs_version: "{{ openshift_storage_glusterfs_version }}"
+ glusterfs_block_deploy: "{{ openshift_storage_glusterfs_block_deploy | bool }}"
+ glusterfs_block_image: "{{ openshift_storage_glusterfs_block_image }}"
+ glusterfs_block_version: "{{ openshift_storage_glusterfs_block_version }}"
+ glusterfs_block_host_vol_create: "{{ openshift_storage_glusterfs_block_host_vol_create }}"
+ glusterfs_block_host_vol_size: "{{ openshift_storage_glusterfs_block_host_vol_size }}"
+ glusterfs_block_host_vol_max: "{{ openshift_storage_glusterfs_block_host_vol_max }}"
+ glusterfs_s3_deploy: "{{ openshift_storage_glusterfs_s3_deploy | bool }}"
+ glusterfs_s3_image: "{{ openshift_storage_glusterfs_s3_image }}"
+ glusterfs_s3_version: "{{ openshift_storage_glusterfs_s3_version }}"
+ glusterfs_s3_account: "{{ openshift_storage_glusterfs_s3_account }}"
+ glusterfs_s3_user: "{{ openshift_storage_glusterfs_s3_user }}"
+ glusterfs_s3_password: "{{ openshift_storage_glusterfs_s3_password }}"
+ glusterfs_s3_pvc: "{{ openshift_storage_glusterfs_s3_pvc }}"
+ glusterfs_s3_pvc_size: "{{ openshift_storage_glusterfs_s3_pvc_size }}"
+ glusterfs_s3_meta_pvc: "{{ openshift_storage_glusterfs_s3_meta_pvc }}"
+ glusterfs_s3_meta_pvc_size: "{{ openshift_storage_glusterfs_s3_meta_pvc_size }}"
glusterfs_wipe: "{{ openshift_storage_glusterfs_wipe | bool }}"
glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_heketi_is_native | bool }}"
glusterfs_heketi_is_missing: "{{ openshift_storage_glusterfs_heketi_is_missing | bool }}"
@@ -27,6 +44,7 @@
glusterfs_heketi_ssh_user: "{{ openshift_storage_glusterfs_heketi_ssh_user }}"
glusterfs_heketi_ssh_sudo: "{{ openshift_storage_glusterfs_heketi_ssh_sudo | bool }}"
glusterfs_heketi_ssh_keyfile: "{{ openshift_storage_glusterfs_heketi_ssh_keyfile }}"
- glusterfs_nodes: "{{ groups.glusterfs }}"
+ glusterfs_heketi_fstab: "{{ openshift_storage_glusterfs_heketi_fstab }}"
+ glusterfs_nodes: "{{ groups.glusterfs | default([]) }}"
-- include: glusterfs_common.yml
+- include_tasks: glusterfs_common.yml
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml
index 932d06038..4cc82f1ad 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml
@@ -21,9 +21,9 @@
name: "{{ hostvars[item].openshift.node.nodename }}"
kind: node
state: absent
- labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}"
+ labels: "{{ glusterfs_nodeselector | lib_utils_oo_dict_to_list_of_dict }}"
with_items: "{{ groups.all }}"
- when: glusterfs_wipe
+ when: "'openshift' in hostvars[item] and glusterfs_wipe"
- name: Delete pre-existing GlusterFS config
file:
@@ -60,7 +60,7 @@
name: "{{ hostvars[item].openshift.node.nodename }}"
kind: node
state: add
- labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}"
+ labels: "{{ glusterfs_nodeselector | lib_utils_oo_dict_to_list_of_dict }}"
with_items: "{{ glusterfs_nodes | default([]) }}"
- name: Copy GlusterFS DaemonSet template
@@ -77,6 +77,14 @@
files:
- "{{ mktemp.stdout }}/glusterfs-template.yml"
+- name: Check GlusterFS DaemonSet status
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: daemonset
+ name: glusterfs-{{ glusterfs_name }}
+ state: list
+ register: glusterfs_ds
+
- name: Deploy GlusterFS pods
oc_process:
namespace: "{{ glusterfs_namespace }}"
@@ -87,6 +95,9 @@
IMAGE_VERSION: "{{ glusterfs_version }}"
NODE_LABELS: "{{ glusterfs_nodeselector }}"
CLUSTER_NAME: "{{ glusterfs_name }}"
+ GB_GLFS_LRU_COUNT: "{{ glusterfs_block_host_vol_max }}"
+ when: (glusterfs_ds.results.results[0].status is not defined) or
+ (glusterfs_ds.results.results[0].status.numberReady | default(0) < glusterfs_ds.results.results[0].status.desiredNumberScheduled | default(glusterfs_nodes | count))
- name: Wait for GlusterFS pods
oc_obj:
@@ -98,6 +109,6 @@
until:
- "glusterfs_pods.results.results[0]['items'] | count > 0"
# There must be as many pods with 'Ready' staus True as there are nodes expecting those pods
- - "glusterfs_pods.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == glusterfs_nodes | count"
+ - "glusterfs_pods.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == glusterfs_nodes | count"
delay: 10
retries: "{{ (glusterfs_timeout | int / 10) | int }}"
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml
index 1bcab8e49..b7cff6514 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml
@@ -7,8 +7,25 @@
glusterfs_nodeselector: "{{ openshift_storage_glusterfs_registry_nodeselector | default(['storagenode', openshift_storage_glusterfs_registry_name] | join('=')) | map_from_pairs }}"
glusterfs_use_default_selector: "{{ openshift_storage_glusterfs_registry_use_default_selector }}"
glusterfs_storageclass: "{{ openshift_storage_glusterfs_registry_storageclass }}"
+ glusterfs_storageclass_default: "{{ openshift_storage_glusterfs_registry_storageclass_default | bool }}"
glusterfs_image: "{{ openshift_storage_glusterfs_registry_image }}"
glusterfs_version: "{{ openshift_storage_glusterfs_registry_version }}"
+ glusterfs_block_deploy: "{{ openshift_storage_glusterfs_registry_block_deploy | bool }}"
+ glusterfs_block_image: "{{ openshift_storage_glusterfs_registry_block_image }}"
+ glusterfs_block_version: "{{ openshift_storage_glusterfs_registry_block_version }}"
+ glusterfs_block_host_vol_create: "{{ openshift_storage_glusterfs_registry_block_host_vol_create }}"
+ glusterfs_block_host_vol_size: "{{ openshift_storage_glusterfs_registry_block_host_vol_size }}"
+ glusterfs_block_host_vol_max: "{{ openshift_storage_glusterfs_registry_block_host_vol_max }}"
+ glusterfs_s3_deploy: "{{ openshift_storage_glusterfs_registry_s3_deploy | bool }}"
+ glusterfs_s3_image: "{{ openshift_storage_glusterfs_registry_s3_image }}"
+ glusterfs_s3_version: "{{ openshift_storage_glusterfs_registry_s3_version }}"
+ glusterfs_s3_account: "{{ openshift_storage_glusterfs_registry_s3_account }}"
+ glusterfs_s3_user: "{{ openshift_storage_glusterfs_registry_s3_user }}"
+ glusterfs_s3_password: "{{ openshift_storage_glusterfs_registry_s3_password }}"
+ glusterfs_s3_pvc: "{{ openshift_storage_glusterfs_registry_s3_pvc }}"
+ glusterfs_s3_pvc_size: "{{ openshift_storage_glusterfs_registry_s3_pvc_size }}"
+ glusterfs_s3_meta_pvc: "{{ openshift_storage_glusterfs_registry_s3_meta_pvc }}"
+ glusterfs_s3_meta_pvc_size: "{{ openshift_storage_glusterfs_registry_s3_meta_pvc_size }}"
glusterfs_wipe: "{{ openshift_storage_glusterfs_registry_wipe | bool }}"
glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_registry_heketi_is_native | bool }}"
glusterfs_heketi_is_missing: "{{ openshift_storage_glusterfs_registry_heketi_is_missing | bool }}"
@@ -27,56 +44,18 @@
glusterfs_heketi_ssh_user: "{{ openshift_storage_glusterfs_registry_heketi_ssh_user }}"
glusterfs_heketi_ssh_sudo: "{{ openshift_storage_glusterfs_registry_heketi_ssh_sudo | bool }}"
glusterfs_heketi_ssh_keyfile: "{{ openshift_storage_glusterfs_registry_heketi_ssh_keyfile }}"
- glusterfs_nodes: "{{ groups.glusterfs_registry | default(groups.glusterfs) }}"
+ glusterfs_heketi_fstab: "{{ openshift_storage_glusterfs_registry_heketi_fstab }}"
+ glusterfs_nodes: "{% if groups.glusterfs_registry is defined %}{% set nodes = groups.glusterfs_registry %}{% elif 'groups.glusterfs' is defined %}{% set nodes = groups.glusterfs %}{% else %}{% set nodes = '[]' %}{% endif %}{{ nodes }}"
-- include: glusterfs_common.yml
+- include_tasks: glusterfs_common.yml
when:
- glusterfs_nodes | default([]) | count > 0
- "'glusterfs' not in groups or glusterfs_nodes != groups.glusterfs"
-- name: Delete pre-existing GlusterFS registry resources
- oc_obj:
- namespace: "{{ glusterfs_namespace }}"
- kind: "{{ item.kind }}"
- name: "{{ item.name }}"
- state: absent
- with_items:
- - kind: "svc"
- name: "glusterfs-{{ glusterfs_name | default }}-endpoints"
- failed_when: False
-
-- name: Generate GlusterFS registry endpoints
- template:
- src: "{{ openshift.common.examples_content_version }}/glusterfs-registry-endpoints.yml.j2"
- dest: "{{ mktemp.stdout }}/glusterfs-registry-endpoints.yml"
-
-- name: Copy GlusterFS registry service
- template:
- src: "{{ openshift.common.examples_content_version }}/glusterfs-registry-service.yml.j2"
- dest: "{{ mktemp.stdout }}/glusterfs-registry-service.yml"
-
-- name: Create GlusterFS registry endpoints
- oc_obj:
- namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
- state: present
- kind: endpoints
- name: "glusterfs-{{ glusterfs_name }}-endpoints"
- files:
- - "{{ mktemp.stdout }}/glusterfs-registry-endpoints.yml"
-
-- name: Create GlusterFS registry service
- oc_obj:
- namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
- state: present
- kind: service
- name: "glusterfs-{{ glusterfs_name }}-endpoints"
- files:
- - "{{ mktemp.stdout }}/glusterfs-registry-service.yml"
-
- name: Check if GlusterFS registry volume exists
command: "{{ glusterfs_heketi_client }} volume list"
register: registry_volume
- name: Create GlusterFS registry volume
- command: "{{ glusterfs_heketi_client }} volume create --size={{ openshift.hosted.registry.storage.volume.size | replace('Gi','') }} --name={{ openshift.hosted.registry.storage.glusterfs.path }}"
- when: "openshift.hosted.registry.storage.glusterfs.path not in registry_volume.stdout"
+ command: "{{ glusterfs_heketi_client }} volume create --size={{ openshift_hosted_registry_storage_volume_size | replace('Gi','') }} --name={{ openshift_hosted_registry_storage_glusterfs_path }}"
+ when: "openshift_hosted_registry_storage_glusterfs_path not in registry_volume.stdout"
diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml
index 73396c9af..935d3b689 100644
--- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml
+++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml
@@ -27,7 +27,7 @@
HEKETI_USER_KEY: "{{ glusterfs_heketi_user_key }}"
HEKETI_ADMIN_KEY: "{{ glusterfs_heketi_admin_key }}"
HEKETI_EXECUTOR: "{{ glusterfs_heketi_executor }}"
- HEKETI_KUBE_NAMESPACE: "{{ glusterfs_namespace }}"
+ HEKETI_FSTAB: "{{ glusterfs_heketi_fstab }}"
CLUSTER_NAME: "{{ glusterfs_name }}"
- name: Set heketi Deployed fact
diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
index 54a6dd7c3..60b9ca497 100644
--- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
+++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
@@ -28,14 +28,14 @@
until:
- "'results' in heketi_job.results and heketi_job.results.results | count > 0"
# Pod's 'Complete' status must be True
- - "heketi_job.results.results | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Complete'}) | map('bool') | select | list | count == 1"
+ - "heketi_job.results.results | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Complete'}) | map('bool') | select | list | count == 1"
delay: 10
retries: "{{ (glusterfs_timeout | int / 10) | int }}"
failed_when:
- "'results' in heketi_job.results"
- "heketi_job.results.results | count > 0"
# Fail when pod's 'Failed' status is True
- - "heketi_job.results.results | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Failed'}) | map('bool') | select | list | count == 1"
+ - "heketi_job.results.results | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Failed'}) | map('bool') | select | list | count == 1"
when: setup_storage.rc == 0
- name: Delete deploy resources
@@ -107,7 +107,7 @@
HEKETI_USER_KEY: "{{ glusterfs_heketi_user_key }}"
HEKETI_ADMIN_KEY: "{{ glusterfs_heketi_admin_key }}"
HEKETI_EXECUTOR: "{{ glusterfs_heketi_executor }}"
- HEKETI_KUBE_NAMESPACE: "{{ glusterfs_namespace }}"
+ HEKETI_FSTAB: "{{ glusterfs_heketi_fstab }}"
CLUSTER_NAME: "{{ glusterfs_name }}"
- name: Wait for heketi pod
@@ -120,7 +120,7 @@
until:
- "heketi_pod.results.results[0]['items'] | count > 0"
# Pod's 'Ready' status must be True
- - "heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1"
+ - "heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1"
delay: 10
retries: "{{ (glusterfs_timeout | int / 10) | int }}"
diff --git a/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml b/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml
index 030fa81c9..3bdfa183f 100644
--- a/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml
+++ b/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml
@@ -9,4 +9,4 @@
systemd:
name: systemd-modules-load.service
state: restarted
- when: km | changed
+ when: km is changed
diff --git a/roles/openshift_storage_glusterfs/tasks/main.yml b/roles/openshift_storage_glusterfs/tasks/main.yml
index d2d8c6c10..b48bfc88e 100644
--- a/roles/openshift_storage_glusterfs/tasks/main.yml
+++ b/roles/openshift_storage_glusterfs/tasks/main.yml
@@ -5,13 +5,15 @@
changed_when: False
check_mode: no
-- include: glusterfs_config.yml
+- include_tasks: glusterfs_config.yml
when:
- groups.glusterfs | default([]) | count > 0
-- include: glusterfs_registry.yml
- when:
- - "groups.glusterfs_registry | default([]) | count > 0 or openshift.hosted.registry.storage.kind == 'glusterfs' or openshift.hosted.registry.storage.glusterfs.swap"
+- include_tasks: glusterfs_registry.yml
+ when: >
+ groups.glusterfs_registry | default([]) | count > 0
+ or (openshift_hosted_registry_storage_kind | default(none) == 'glusterfs')
+ or (openshift_hosted_registry_storage_glusterfs_swap | default(False))
- name: Delete temp directory
file:
diff --git a/roles/openshift_storage_glusterfs/templates/v1.5/glusterfs-storageclass.yml.j2 b/roles/openshift_storage_glusterfs/templates/v1.5/glusterfs-storageclass.yml.j2
index 454e84aaf..5ea17428f 100644
--- a/roles/openshift_storage_glusterfs/templates/v1.5/glusterfs-storageclass.yml.j2
+++ b/roles/openshift_storage_glusterfs/templates/v1.5/glusterfs-storageclass.yml.j2
@@ -3,6 +3,10 @@ apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
name: glusterfs-{{ glusterfs_name }}
+{% if glusterfs_storageclass_default is defined and glusterfs_storageclass_default %}
+ annotations:
+ storageclass.kubernetes.io/is-default-class: "true"
+{% endif %}
provisioner: kubernetes.io/glusterfs
parameters:
resturl: "http://{% if glusterfs_heketi_is_native %}{{ glusterfs_heketi_route }}{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}"
diff --git a/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
index 095fb780f..ca87807fe 100644
--- a/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
+++ b/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
@@ -3,6 +3,10 @@ apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: glusterfs-{{ glusterfs_name }}
+{% if glusterfs_storageclass_default is defined and glusterfs_storageclass_default %}
+ annotations:
+ storageclass.kubernetes.io/is-default-class: "true"
+{% endif %}
provisioner: kubernetes.io/glusterfs
parameters:
resturl: "http://{% if glusterfs_heketi_is_native %}{{ glusterfs_heketi_route }}{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}"
diff --git a/roles/openshift_storage_glusterfs/templates/v3.7/glusterfs-storageclass.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.7/glusterfs-storageclass.yml.j2
index 095fb780f..ca87807fe 100644
--- a/roles/openshift_storage_glusterfs/templates/v3.7/glusterfs-storageclass.yml.j2
+++ b/roles/openshift_storage_glusterfs/templates/v3.7/glusterfs-storageclass.yml.j2
@@ -3,6 +3,10 @@ apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: glusterfs-{{ glusterfs_name }}
+{% if glusterfs_storageclass_default is defined and glusterfs_storageclass_default %}
+ annotations:
+ storageclass.kubernetes.io/is-default-class: "true"
+{% endif %}
provisioner: kubernetes.io/glusterfs
parameters:
resturl: "http://{% if glusterfs_heketi_is_native %}{{ glusterfs_heketi_route }}{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}"
diff --git a/roles/openshift_storage_glusterfs/templates/v3.7/heketi.json.j2 b/roles/openshift_storage_glusterfs/templates/v3.7/heketi.json.j2
index 579b11bb7..565e9be98 100644
--- a/roles/openshift_storage_glusterfs/templates/v3.7/heketi.json.j2
+++ b/roles/openshift_storage_glusterfs/templates/v3.7/heketi.json.j2
@@ -31,6 +31,12 @@
"port" : "{{ glusterfs_heketi_ssh_port }}",
"user" : "{{ glusterfs_heketi_ssh_user }}",
"sudo" : {{ glusterfs_heketi_ssh_sudo | lower }}
- }
+ },
+
+ "_auto_create_block_hosting_volume": "Creates Block Hosting volumes automatically if not found or exsisting volume exhausted",
+ "auto_create_block_hosting_volume": {{ glusterfs_block_host_vol_create | lower }},
+
+ "_block_hosting_volume_size": "New block hosting volume will be created in size mentioned, This is considered only if auto-create is enabled.",
+ "block_hosting_volume_size": {{ glusterfs_block_host_vol_size }}
}
}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-endpoints.yml.j2
new file mode 100644
index 000000000..11c9195bb
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-endpoints.yml.j2
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+ name: glusterfs-{{ glusterfs_name }}-endpoints
+subsets:
+- addresses:
+{% for node in glusterfs_nodes %}
+ - ip: {{ hostvars[node].glusterfs_ip | default(hostvars[node].openshift.common.ip) }}
+{% endfor %}
+ ports:
+ - port: 1
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-service.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-service.yml.j2
new file mode 100644
index 000000000..3f869d2b7
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-registry-service.yml.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: glusterfs-{{ glusterfs_name }}-endpoints
+spec:
+ ports:
+ - port: 1
+status:
+ loadBalancer: {}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-storageclass.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-storageclass.yml.j2
new file mode 100644
index 000000000..ca87807fe
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/glusterfs-storageclass.yml.j2
@@ -0,0 +1,17 @@
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+ name: glusterfs-{{ glusterfs_name }}
+{% if glusterfs_storageclass_default is defined and glusterfs_storageclass_default %}
+ annotations:
+ storageclass.kubernetes.io/is-default-class: "true"
+{% endif %}
+provisioner: kubernetes.io/glusterfs
+parameters:
+ resturl: "http://{% if glusterfs_heketi_is_native %}{{ glusterfs_heketi_route }}{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}"
+ restuser: "admin"
+{% if glusterfs_heketi_admin_key is defined %}
+ secretNamespace: "{{ glusterfs_namespace }}"
+ secretName: "heketi-{{ glusterfs_name }}-admin-secret"
+{%- endif -%}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/heketi-endpoints.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/heketi-endpoints.yml.j2
new file mode 100644
index 000000000..99cbdf748
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/heketi-endpoints.yml.j2
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+ name: heketi-db-{{ glusterfs_name }}-endpoints
+subsets:
+- addresses:
+{% for node in glusterfs_nodes %}
+ - ip: {{ hostvars[node].glusterfs_ip | default(hostvars[node].openshift.common.ip) }}
+{% endfor %}
+ ports:
+ - port: 1
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/heketi-service.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/heketi-service.yml.j2
new file mode 100644
index 000000000..dcb896441
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/heketi-service.yml.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: heketi-db-{{ glusterfs_name }}-endpoints
+spec:
+ ports:
+ - port: 1
+status:
+ loadBalancer: {}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/heketi.json.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/heketi.json.j2
new file mode 100644
index 000000000..565e9be98
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/heketi.json.j2
@@ -0,0 +1,42 @@
+{
+ "_port_comment": "Heketi Server Port Number",
+ "port" : "8080",
+
+ "_use_auth": "Enable JWT authorization. Please enable for deployment",
+ "use_auth" : false,
+
+ "_jwt" : "Private keys for access",
+ "jwt" : {
+ "_admin" : "Admin has access to all APIs",
+ "admin" : {
+ "key" : "My Secret"
+ },
+ "_user" : "User only has access to /volumes endpoint",
+ "user" : {
+ "key" : "My Secret"
+ }
+ },
+
+ "_glusterfs_comment": "GlusterFS Configuration",
+ "glusterfs" : {
+
+ "_executor_comment": "Execute plugin. Possible choices: mock, kubernetes, ssh",
+ "executor" : "{{ glusterfs_heketi_executor }}",
+
+ "_db_comment": "Database file name",
+ "db" : "/var/lib/heketi/heketi.db",
+
+ "sshexec" : {
+ "keyfile" : "/etc/heketi/private_key",
+ "port" : "{{ glusterfs_heketi_ssh_port }}",
+ "user" : "{{ glusterfs_heketi_ssh_user }}",
+ "sudo" : {{ glusterfs_heketi_ssh_sudo | lower }}
+ },
+
+ "_auto_create_block_hosting_volume": "Creates Block Hosting volumes automatically if not found or exsisting volume exhausted",
+ "auto_create_block_hosting_volume": {{ glusterfs_block_host_vol_create | lower }},
+
+ "_block_hosting_volume_size": "New block hosting volume will be created in size mentioned, This is considered only if auto-create is enabled.",
+ "block_hosting_volume_size": {{ glusterfs_block_host_vol_size }}
+ }
+}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.8/topology.json.j2 b/roles/openshift_storage_glusterfs/templates/v3.8/topology.json.j2
new file mode 100644
index 000000000..d6c28f6dd
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.8/topology.json.j2
@@ -0,0 +1,49 @@
+{
+ "clusters": [
+{%- set clusters = {} -%}
+{%- for node in glusterfs_nodes -%}
+ {%- set cluster = hostvars[node].glusterfs_cluster if 'glusterfs_cluster' in node else '1' -%}
+ {%- if cluster in clusters -%}
+ {%- set _dummy = clusters[cluster].append(node) -%}
+ {%- else -%}
+ {%- set _dummy = clusters.update({cluster: [ node, ]}) -%}
+ {%- endif -%}
+{%- endfor -%}
+{%- for cluster in clusters -%}
+ {
+ "nodes": [
+{%- for node in clusters[cluster] -%}
+ {
+ "node": {
+ "hostnames": {
+ "manage": [
+{%- if 'glusterfs_hostname' in hostvars[node] -%}
+ "{{ hostvars[node].glusterfs_hostname }}"
+{%- elif 'openshift' in hostvars[node] -%}
+ "{{ hostvars[node].openshift.node.nodename }}"
+{%- else -%}
+ "{{ node }}"
+{%- endif -%}
+ ],
+ "storage": [
+{%- if 'glusterfs_ip' in hostvars[node] -%}
+ "{{ hostvars[node].glusterfs_ip }}"
+{%- else -%}
+ "{{ hostvars[node].openshift.common.ip }}"
+{%- endif -%}
+ ]
+ },
+ "zone": {{ hostvars[node].glusterfs_zone | default(1) }}
+ },
+ "devices": [
+{%- for device in hostvars[node].glusterfs_devices -%}
+ "{{ device }}"{% if not loop.last %},{% endif %}
+{%- endfor -%}
+ ]
+ }{% if not loop.last %},{% endif %}
+{%- endfor -%}
+ ]
+ }{% if not loop.last %},{% endif %}
+{%- endfor -%}
+ ]
+}
diff --git a/roles/openshift_storage_nfs/meta/main.yml b/roles/openshift_storage_nfs/meta/main.yml
index 98f7c317e..3ae04e59f 100644
--- a/roles/openshift_storage_nfs/meta/main.yml
+++ b/roles/openshift_storage_nfs/meta/main.yml
@@ -10,5 +10,5 @@ galaxy_info:
versions:
- 7
dependencies:
-- role: lib_os_firewall
-- role: openshift_hosted_facts
+- role: lib_utils
+- role: openshift_facts
diff --git a/roles/openshift_storage_nfs/tasks/main.yml b/roles/openshift_storage_nfs/tasks/main.yml
index c4e023c1e..5c043bc14 100644
--- a/roles/openshift_storage_nfs/tasks/main.yml
+++ b/roles/openshift_storage_nfs/tasks/main.yml
@@ -1,10 +1,11 @@
---
- name: setup firewall
- include: firewall.yml
- static: yes
+ import_tasks: firewall.yml
- name: Install nfs-utils
package: name=nfs-utils state=present
+ register: result
+ until: result is succeeded
- name: Configure NFS
lineinfile:
@@ -15,29 +16,29 @@
- name: Restart nfs-config
systemd: name=nfs-config state=restarted
- when: nfs_config | changed
+ when: nfs_config is changed
- name: Ensure exports directory exists
file:
- path: "{{ openshift.hosted.registry.storage.nfs.directory }}"
+ path: "{{ openshift_hosted_registry_storage_nfs_directory }}"
state: directory
- name: Ensure export directories exist
file:
- path: "{{ item.storage.nfs.directory }}/{{ item.storage.volume.name }}"
+ path: "{{ item }}"
state: directory
mode: 0777
owner: nfsnobody
group: nfsnobody
with_items:
- - "{{ openshift.hosted.registry }}"
- - "{{ openshift.metrics }}"
- - "{{ openshift.logging }}"
- - "{{ openshift.loggingops }}"
- - "{{ openshift.hosted.etcd }}"
- - "{{ openshift.prometheus }}"
- - "{{ openshift.prometheus.alertmanager }}"
- - "{{ openshift.prometheus.alertbuffer }}"
+ - "{{ openshift_hosted_registry_storage_nfs_directory }}/{{ openshift_hosted_registry_storage_volume_name }}"
+ - "{{ openshift_metrics_storage_nfs_directory }}/{{ openshift_metrics_storage_volume_name }}"
+ - "{{ openshift_logging_storage_nfs_directory }}/{{ openshift_logging_storage_volume_name }}"
+ - "{{ openshift_loggingops_storage_nfs_directory }}/{{ openshift_loggingops_storage_volume_name }}"
+ - "{{ openshift_hosted_etcd_storage_nfs_directory }}/{{ openshift_hosted_etcd_storage_volume_name }}"
+ - "{{ openshift_prometheus_storage_nfs_directory }}/{{ openshift_prometheus_storage_volume_name }}"
+ - "{{ openshift_prometheus_alertmanager_storage_nfs_directory }}/{{ openshift_prometheus_alertmanager_storage_volume_name }}"
+ - "{{ openshift_prometheus_alertbuffer_storage_nfs_directory }}/{{ openshift_prometheus_alertbuffer_storage_volume_name }}"
- name: Configure exports
template:
@@ -69,4 +70,4 @@
register: start_result
- set_fact:
- nfs_service_status_changed: "{{ start_result | changed }}"
+ nfs_service_status_changed: "{{ start_result is changed }}"
diff --git a/roles/openshift_storage_nfs/templates/exports.j2 b/roles/openshift_storage_nfs/templates/exports.j2
index c2a741035..2ec8db019 100644
--- a/roles/openshift_storage_nfs/templates/exports.j2
+++ b/roles/openshift_storage_nfs/templates/exports.j2
@@ -1,8 +1,8 @@
-{{ openshift.hosted.registry.storage.nfs.directory }}/{{ openshift.hosted.registry.storage.volume.name }} {{ openshift.hosted.registry.storage.nfs.options }}
-{{ openshift.metrics.storage.nfs.directory }}/{{ openshift.metrics.storage.volume.name }} {{ openshift.metrics.storage.nfs.options }}
-{{ openshift.logging.storage.nfs.directory }}/{{ openshift.logging.storage.volume.name }} {{ openshift.logging.storage.nfs.options }}
-{{ openshift.loggingops.storage.nfs.directory }}/{{ openshift.loggingops.storage.volume.name }} {{ openshift.loggingops.storage.nfs.options }}
-{{ openshift.hosted.etcd.storage.nfs.directory }}/{{ openshift.hosted.etcd.storage.volume.name }} {{ openshift.hosted.etcd.storage.nfs.options }}
-{{ openshift.prometheus.storage.nfs.directory }}/{{ openshift.prometheus.storage.volume.name }} {{ openshift.prometheus.storage.nfs.options }}
-{{ openshift.prometheus.alertmanager.storage.nfs.directory }}/{{ openshift.prometheus.alertmanager.storage.volume.name }} {{ openshift.prometheus.alertmanager.storage.nfs.options }}
-{{ openshift.prometheus.alertbuffer.storage.nfs.directory }}/{{ openshift.prometheus.alertbuffer.storage.volume.name }} {{ openshift.prometheus.alertbuffer.storage.nfs.options }}
+{{ openshift_hosted_registry_storage_nfs_directory }}/{{ openshift_hosted_registry_storage_volume_name }} {{ openshift_hosted_registry_storage_nfs_options }}
+{{ openshift_metrics_storage_nfs_directory }}/{{ openshift_metrics_storage_volume_name }} {{ openshift_metrics_storage_nfs_options }}
+{{ openshift_logging_storage_nfs_directory }}/{{ openshift_logging_storage_volume_name }} {{ openshift_logging_storage_nfs_options }}
+{{ openshift_loggingops_storage_nfs_directory }}/{{ openshift_loggingops_storage_volume_name }} {{ openshift_loggingops_storage_nfs_options }}
+{{ openshift_hosted_etcd_storage_nfs_directory }}/{{ openshift_hosted_etcd_storage_volume_name }} {{ openshift_hosted_etcd_storage_nfs_options }}
+{{ openshift_prometheus_storage_nfs_directory }}/{{ openshift_prometheus_storage_volume_name }} {{ openshift_prometheus_storage_nfs_options }}
+{{ openshift_prometheus_alertmanager_storage_nfs_directory }}/{{ openshift_prometheus_alertmanager_storage_volume_name }} {{ openshift_prometheus_alertmanager_storage_nfs_options }}
+{{ openshift_prometheus_alertbuffer_storage_nfs_directory }}/{{ openshift_prometheus_alertbuffer_storage_volume_name }} {{ openshift_prometheus_alertbuffer_storage_nfs_options }}
diff --git a/roles/openshift_storage_nfs_lvm/meta/main.yml b/roles/openshift_storage_nfs_lvm/meta/main.yml
index 50d94f6a3..de47708a5 100644
--- a/roles/openshift_storage_nfs_lvm/meta/main.yml
+++ b/roles/openshift_storage_nfs_lvm/meta/main.yml
@@ -16,3 +16,4 @@ galaxy_info:
- openshift
dependencies:
- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml
index 49dd657b5..c8e7b6d7c 100644
--- a/roles/openshift_storage_nfs_lvm/tasks/main.yml
+++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml
@@ -20,7 +20,7 @@
file: path={{osnl_mount_dir}}/{{ item }} owner=nfsnobody group=nfsnobody mode=0700
with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d
-- include: nfs.yml
+- include_tasks: nfs.yml
- name: Create volume json file
template: src=../templates/nfs.json.j2 dest=/root/persistent-volume.{{ item }}.json
diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml
index 03f4fcec0..94dc63bd2 100644
--- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml
+++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml
@@ -2,6 +2,8 @@
- name: Install NFS server
package: name=nfs-utils state=present
when: not openshift.common.is_containerized | bool
+ register: result
+ until: result is succeeded
- name: Start rpcbind
systemd:
diff --git a/roles/openshift_version/defaults/main.yml b/roles/openshift_version/defaults/main.yml
index 01a1a7472..354699637 100644
--- a/roles/openshift_version/defaults/main.yml
+++ b/roles/openshift_version/defaults/main.yml
@@ -1,2 +1,10 @@
---
openshift_protect_installed_version: True
+
+openshift_service_type_dict:
+ origin: origin
+ openshift-enterprise: atomic-openshift
+
+openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}"
+
+openshift_use_crio_only: False
diff --git a/roles/openshift_version/meta/main.yml b/roles/openshift_version/meta/main.yml
index 38b398343..d0ad4b7d2 100644
--- a/roles/openshift_version/meta/main.yml
+++ b/roles/openshift_version/meta/main.yml
@@ -12,7 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
-- role: openshift_docker_facts
-- role: docker
- when: openshift.common.is_containerized | default(False) | bool and not skip_docker_role | default(False) | bool
- role: lib_utils
+- role: openshift_facts
diff --git a/roles/openshift_version/tasks/main.yml b/roles/openshift_version/tasks/main.yml
index 1c8b9046c..e50d5371e 100644
--- a/roles/openshift_version/tasks/main.yml
+++ b/roles/openshift_version/tasks/main.yml
@@ -49,7 +49,7 @@
when: openshift.common.deployment_type == 'origin'
assert:
that:
- - "{{ openshift_image_tag|match('(^v?\\d+\\.\\d+\\.\\d+(-[\\w\\-\\.]*)?$)') }}"
+ - "{{ openshift_image_tag is match('(^v?\\d+\\.\\d+\\.\\d+(-[\\w\\-\\.]*)?$)') }}"
msg: |-
openshift_image_tag must be in the format v#.#.#[-optional.#]. Examples: v1.2.3, v3.5.1-alpha.1
You specified openshift_image_tag={{ openshift_image_tag }}
@@ -66,7 +66,7 @@
when: openshift.common.deployment_type == 'openshift-enterprise'
assert:
that:
- - "{{ openshift_image_tag|match('(^v\\d+\\.\\d+(\\.\\d+)*(-\\d+(\\.\\d+)*)?$)') }}"
+ - "{{ openshift_image_tag is match('(^v\\d+\\.\\d+(\\.\\d+)*(-\\d+(\\.\\d+)*)?$)') }}"
msg: |-
openshift_image_tag must be in the format v#.#[.#[.#]]. Examples: v1.2, v3.4.1, v3.5.1.3,
v3.5.1.3.4, v1.2-1, v1.2.3-4, v1.2.3-4.5, v1.2.3-4.5.6
@@ -93,21 +93,21 @@
- inventory_hostname in groups['oo_masters_to_config'] or inventory_hostname in groups['oo_nodes_to_config']
block:
- name: Set openshift_version for rpm installation
- include: set_version_rpm.yml
+ include_tasks: set_version_rpm.yml
when: not is_containerized | bool
- name: Set openshift_version for containerized installation
- include: set_version_containerized.yml
+ include_tasks: set_version_containerized.yml
when: is_containerized | bool
- block:
- - name: Get available {{ openshift.common.service_type}} version
+ - name: Get available {{ openshift_service_type}} version
repoquery:
- name: "{{ openshift.common.service_type}}"
+ name: "{{ openshift_service_type}}"
ignore_excluders: true
register: rpm_results
- fail:
- msg: "Package {{ openshift.common.service_type}} not found"
+ msg: "Package {{ openshift_service_type}} not found"
when: not rpm_results.results.package_found
- set_fact:
openshift_rpm_version: "{{ rpm_results.results.versions.available_versions.0 | default('0.0', True) }}"
@@ -196,7 +196,7 @@
- openshift_version.startswith(openshift_release) | bool
msg: |-
You requested openshift_release {{ openshift_release }}, which is not matched by
- the latest OpenShift RPM we detected as {{ openshift.common.service_type }}-{{ openshift_version }}
+ the latest OpenShift RPM we detected as {{ openshift_service_type }}-{{ openshift_version }}
on host {{ inventory_hostname }}.
We will only install the latest RPMs, so please ensure you are getting the release
you expect. You may need to adjust your Ansible inventory, modify the repositories
diff --git a/roles/openshift_version/tasks/set_version_containerized.yml b/roles/openshift_version/tasks/set_version_containerized.yml
index b727eb74d..e02a75eab 100644
--- a/roles/openshift_version/tasks/set_version_containerized.yml
+++ b/roles/openshift_version/tasks/set_version_containerized.yml
@@ -1,7 +1,4 @@
---
-- set_fact:
- l_use_crio_only: "{{ openshift_use_crio_only | default(false) }}"
-
- name: Set containerized version to configure if openshift_image_tag specified
set_fact:
# Expects a leading "v" in inventory, strip it off here unless
@@ -20,11 +17,11 @@
- name: Lookup latest containerized version if no version specified
command: >
- docker run --rm {{ openshift.common.cli_image }}:latest version
+ docker run --rm {{ openshift_cli_image }}:latest version
register: cli_image_version
when:
- openshift_version is not defined
- - not l_use_crio_only
+ - not openshift_use_crio_only
# Origin latest = pre-release version (i.e. v1.3.0-alpha.1-321-gb095e3a)
- set_fact:
@@ -33,7 +30,7 @@
- openshift_version is not defined
- openshift.common.deployment_type == 'origin'
- cli_image_version.stdout_lines[0].split('-') | length > 1
- - not l_use_crio_only
+ - not openshift_use_crio_only
- set_fact:
openshift_version: "{{ cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0][1:] }}"
@@ -43,19 +40,19 @@
# and use that value instead.
- name: Set precise containerized version to configure if openshift_release specified
command: >
- docker run --rm {{ openshift.common.cli_image }}:v{{ openshift_version }} version
+ docker run --rm {{ openshift_cli_image }}:v{{ openshift_version }} version
register: cli_image_version
when:
- openshift_version is defined
- openshift_version.split('.') | length == 2
- - not l_use_crio_only
+ - not openshift_use_crio_only
- set_fact:
openshift_version: "{{ cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0:2][1:] | join('-') if openshift.common.deployment_type == 'origin' else cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0][1:] }}"
when:
- openshift_version is defined
- openshift_version.split('.') | length == 2
- - not l_use_crio_only
+ - not openshift_use_crio_only
# TODO: figure out a way to check for the openshift_version when using CRI-O.
# We should do that using the images in the ostree storage so we don't have
@@ -65,4 +62,4 @@
# dangly +c0mm1t-offset tags in the version. See also,
# openshift_facts.py
- set_fact:
- openshift_version: "{{ openshift_version | oo_chomp_commit_offset }}"
+ openshift_version: "{{ openshift_version | lib_utils_oo_chomp_commit_offset }}"
diff --git a/roles/openshift_version/tasks/set_version_rpm.yml b/roles/openshift_version/tasks/set_version_rpm.yml
index c40777bf1..c7ca5ceae 100644
--- a/roles/openshift_version/tasks/set_version_rpm.yml
+++ b/roles/openshift_version/tasks/set_version_rpm.yml
@@ -8,14 +8,14 @@
- openshift_version is not defined
- block:
- - name: Get available {{ openshift.common.service_type}} version
+ - name: Get available {{ openshift_service_type}} version
repoquery:
- name: "{{ openshift.common.service_type}}"
+ name: "{{ openshift_service_type}}"
ignore_excluders: true
register: rpm_results
- fail:
- msg: "Package {{ openshift.common.service_type}} not found"
+ msg: "Package {{ openshift_service_type}} not found"
when: not rpm_results.results.package_found
- set_fact:
diff --git a/roles/os_firewall/tasks/firewalld.yml b/roles/os_firewall/tasks/firewalld.yml
index 54430f402..4eae31596 100644
--- a/roles/os_firewall/tasks/firewalld.yml
+++ b/roles/os_firewall/tasks/firewalld.yml
@@ -8,6 +8,8 @@
package:
name: firewalld
state: present
+ register: result
+ until: result is succeeded
- name: Ensure iptables services are not enabled
systemd:
@@ -19,12 +21,14 @@
- iptables
- ip6tables
register: task_result
- failed_when: task_result|failed and 'could not' not in task_result.msg|lower
+ failed_when:
+ - task_result is failed
+ - ('could not' not in task_result.msg|lower)
- name: Wait 10 seconds after disabling iptables
pause:
seconds: 10
- when: task_result | changed
+ when: task_result is changed
- name: Start and enable firewalld service
systemd:
@@ -38,13 +42,13 @@
- name: need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail
pause:
seconds: 10
- when: result | changed
+ when: result is changed
- name: Restart polkitd
systemd:
name: polkit
state: restarted
- when: result | changed
+ when: result is changed
# Fix suspected race between firewalld and polkit BZ1436964
- name: Wait for polkit action to have been created
diff --git a/roles/os_firewall/tasks/iptables.yml b/roles/os_firewall/tasks/iptables.yml
index 2d74f2e48..49d658d37 100644
--- a/roles/os_firewall/tasks/iptables.yml
+++ b/roles/os_firewall/tasks/iptables.yml
@@ -7,12 +7,14 @@
enabled: no
masked: yes
register: task_result
- failed_when: task_result|failed and 'could not' not in task_result.msg|lower
+ failed_when:
+ - task_result is failed
+ - ('could not' not in task_result.msg|lower)
- name: Wait 10 seconds after disabling firewalld
pause:
seconds: 10
- when: task_result | changed
+ when: task_result is changed
- name: Install iptables packages
package:
@@ -22,6 +24,8 @@
- iptables
- iptables-services
when: not r_os_firewall_is_atomic | bool
+ register: result
+ until: result is succeeded
- name: Start and enable iptables service
systemd:
@@ -38,4 +42,4 @@
- name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail
pause:
seconds: 10
- when: result | changed
+ when: result is changed
diff --git a/roles/os_firewall/tasks/main.yml b/roles/os_firewall/tasks/main.yml
index c477d386c..99084cd3f 100644
--- a/roles/os_firewall/tasks/main.yml
+++ b/roles/os_firewall/tasks/main.yml
@@ -8,12 +8,12 @@
set_fact:
r_os_firewall_is_atomic: "{{ r_os_firewall_ostree_booted.stat.exists }}"
-- include: firewalld.yml
+- include_tasks: firewalld.yml
when:
- os_firewall_enabled | bool
- os_firewall_use_firewalld | bool
-- include: iptables.yml
+- include_tasks: iptables.yml
when:
- os_firewall_enabled | bool
- not os_firewall_use_firewalld | bool
diff --git a/roles/os_update_latest/tasks/main.yml b/roles/os_update_latest/tasks/main.yml
index 6b5fd0106..9d8ec7887 100644
--- a/roles/os_update_latest/tasks/main.yml
+++ b/roles/os_update_latest/tasks/main.yml
@@ -1,3 +1,5 @@
---
- name: Update all packages
package: name=* state=latest
+ register: result
+ until: result is succeeded
diff --git a/roles/rhel_subscribe/README.md b/roles/rhel_subscribe/README.md
new file mode 100644
index 000000000..15eaf4f30
--- /dev/null
+++ b/roles/rhel_subscribe/README.md
@@ -0,0 +1,29 @@
+RHEL Subscribe
+==============
+
+Subscribes the RHEL servers and add the OpenShift enterprise repos.
+
+Role variables
+--------------
+
+### `rhsub_user`
+
+Username for the subscription-manager.
+
+### `rhsub_pass`
+
+Password for the subscription-manager.
+
+### `rhsub_pool`
+
+Name of the pool to attach (optional).
+
+### `rhsub_server`
+
+Custom hostname for the Satellite server (optional).
+
+### `openshift_release`
+
+Version for the OpenShift Enterprise repositories.
+
+Example: `3.6`
diff --git a/roles/rhel_subscribe/defaults/main.yml b/roles/rhel_subscribe/defaults/main.yml
new file mode 100644
index 000000000..80b2ab919
--- /dev/null
+++ b/roles/rhel_subscribe/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+rhsub_pool: 'Red Hat OpenShift Container Platform, Premium*'
diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml
deleted file mode 100644
index fa74c9953..000000000
--- a/roles/rhel_subscribe/tasks/enterprise.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-- name: Disable all repositories
- command: subscription-manager repos --disable="*"
-
-- set_fact:
- default_ose_version: '3.6'
- when: deployment_type == 'openshift-enterprise'
-
-- set_fact:
- ose_version: "{{ lookup('env', 'ose_version') | default(default_ose_version, True) }}"
-
-- fail:
- msg: "{{ ose_version }} is not a valid version for {{ deployment_type }} deployment type"
- when:
- - deployment_type == 'openshift-enterprise'
- - ose_version not in ['3.1', '3.2', '3.3', '3.4', '3.5', '3.6'] )
-
-- name: Enable RHEL repositories
- command: subscription-manager repos \
- --enable="rhel-7-server-rpms" \
- --enable="rhel-7-server-extras-rpms" \
- --enable="rhel-7-server-ose-{{ ose_version }}-rpms" \
- --enable="rhel-7-fast-datapath-rpms"
- register: subscribe_repos
- until: subscribe_repos | succeeded
diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml
index b06f51908..e7eb6c572 100644
--- a/roles/rhel_subscribe/tasks/main.yml
+++ b/roles/rhel_subscribe/tasks/main.yml
@@ -1,73 +1,48 @@
---
-# TODO: Enhance redhat_subscription module
-# to make it able to attach to a pool
-# to make it able to enable repositories
-
-- set_fact:
- rhel_subscription_pool: "{{ lookup('env', 'rhel_subscription_pool') | default(rhsub_pool | default('Red Hat OpenShift Container Platform, Premium*')) }}"
- rhel_subscription_user: "{{ lookup('env', 'rhel_subscription_user') | default(rhsub_user | default(omit, True)) }}"
- rhel_subscription_pass: "{{ lookup('env', 'rhel_subscription_pass') | default(rhsub_pass | default(omit, True)) }}"
- rhel_subscription_server: "{{ lookup('env', 'rhel_subscription_server') | default(rhsub_server | default(omit, True)) }}"
-
- fail:
msg: "This role is only supported for Red Hat hosts"
when: ansible_distribution != 'RedHat'
-- fail:
- msg: Either rhsub_user or the rhel_subscription_user env variable are required for this role.
- when: rhel_subscription_user is not defined
-
-- fail:
- msg: Either rhsub_pass or the rhel_subscription_pass env variable are required for this role.
- when: rhel_subscription_pass is not defined
-
-- name: Detecting Atomic Host Operating System
- stat:
- path: /run/ostree-booted
- register: ostree_booted
-
-- name: Satellite preparation
- command: "rpm -Uvh http://{{ rhel_subscription_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
- args:
- creates: /etc/rhsm/ca/katello-server-ca.pem
- when: rhel_subscription_server is defined and rhel_subscription_server
-
- name: Install Red Hat Subscription manager
yum:
name: subscription-manager
state: present
+ register: result
+ until: result is succeeded
-- name: RedHat subscriptions
+- name: Is host already registered?
+ command: "subscription-manager version"
+ register: rh_subscribed
+ changed_when: False
+
+- name: Register host
redhat_subscription:
- username: "{{ rhel_subscription_user }}"
- password: "{{ rhel_subscription_pass }}"
+ username: "{{ rhsub_user }}"
+ password: "{{ rhsub_pass }}"
register: rh_subscription
- until: rh_subscription | succeeded
+ until: rh_subscription is succeeded
+ when:
+ - "'not registered' in rh_subscribed.stdout"
-- name: Retrieve the OpenShift Pool ID
- command: subscription-manager list --available --matches="{{ rhel_subscription_pool }}" --pool-only
- register: openshift_pool_id
- until: openshift_pool_id | succeeded
- changed_when: False
+- fail:
+ msg: 'Unable to register host with Red Hat Subscription Manager'
+ when:
+ - "'not registered' in rh_subscribed.stdout"
+ - rh_subscription.failed
- name: Determine if OpenShift Pool Already Attached
- command: subscription-manager list --consumed --matches="{{ rhel_subscription_pool }}" --pool-only
+ command: "subscription-manager list --consumed --pool-only --matches '*OpenShift*'"
register: openshift_pool_attached
- until: openshift_pool_attached | succeeded
changed_when: False
- when: openshift_pool_id.stdout == ''
-
-- fail:
- msg: "Unable to find pool matching {{ rhel_subscription_pool }} in available or consumed pools"
- when: openshift_pool_id.stdout == '' and openshift_pool_attached is defined and openshift_pool_attached.stdout == ''
+ ignore_errors: yes
- name: Attach to OpenShift Pool
- command: subscription-manager attach --pool {{ openshift_pool_id.stdout_lines[0] }}
- register: subscribe_pool
- until: subscribe_pool | succeeded
- when: openshift_pool_id.stdout != ''
+ command: "subscription-manager attach --pool {{ rhsub_pool }}"
+ register: openshift_pool_attached
+ changed_when: "'Successfully attached a subscription' in openshift_pool_attached.stdout"
+ when: rhsub_pool not in openshift_pool_attached.stdout
-- include: enterprise.yml
+- include_tasks: satellite.yml
when:
- - deployment_type == 'openshift-enterprise'
- - not ostree_booted.stat.exists | bool
+ - rhsub_server is defined
+ - rhsub_server
diff --git a/roles/rhel_subscribe/tasks/satellite.yml b/roles/rhel_subscribe/tasks/satellite.yml
new file mode 100644
index 000000000..dadbe3487
--- /dev/null
+++ b/roles/rhel_subscribe/tasks/satellite.yml
@@ -0,0 +1,5 @@
+---
+- name: Satellite preparation
+ command: "rpm -Uvh http://{{ rhsub_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
+ args:
+ creates: /etc/rhsm/ca/katello-server-ca.pem
diff --git a/roles/template_service_broker/defaults/main.yml b/roles/template_service_broker/defaults/main.yml
index a92a138b0..c32872d24 100644
--- a/roles/template_service_broker/defaults/main.yml
+++ b/roles/template_service_broker/defaults/main.yml
@@ -1,5 +1,6 @@
---
# placeholder file?
template_service_broker_remove: False
-template_service_broker_install: False
+template_service_broker_install: True
openshift_template_service_broker_namespaces: ['openshift']
+template_service_broker_selector: { "region": "infra" }
diff --git a/roles/template_service_broker/files/openshift-ansible-catalog-console.js b/roles/template_service_broker/files/openshift-ansible-catalog-console.js
deleted file mode 100644
index 622afb6bd..000000000
--- a/roles/template_service_broker/files/openshift-ansible-catalog-console.js
+++ /dev/null
@@ -1 +0,0 @@
-window.OPENSHIFT_CONSTANTS.TEMPLATE_SERVICE_BROKER_ENABLED = true;
diff --git a/roles/template_service_broker/meta/main.yml b/roles/template_service_broker/meta/main.yml
index ab5a0cf08..f1b56b771 100644
--- a/roles/template_service_broker/meta/main.yml
+++ b/roles/template_service_broker/meta/main.yml
@@ -11,3 +11,5 @@ galaxy_info:
- 7
categories:
- cloud
+dependencies:
+- role: lib_utils
diff --git a/roles/template_service_broker/tasks/install.yml b/roles/template_service_broker/tasks/install.yml
index 6a532a206..1253c1133 100644
--- a/roles/template_service_broker/tasks/install.yml
+++ b/roles/template_service_broker/tasks/install.yml
@@ -15,6 +15,8 @@
- oc_project:
name: openshift-template-service-broker
state: present
+ node_selector:
+ - ""
- command: mktemp -d /tmp/tsb-ansible-XXXXXX
register: mktemp
@@ -42,20 +44,16 @@
- name: Apply template file
shell: >
- oc process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}"
+ {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}"
--param API_SERVER_CONFIG="{{ config['content'] | b64decode }}"
--param IMAGE="{{ template_service_broker_prefix }}{{ template_service_broker_image_name }}:{{ template_service_broker_version }}"
- | kubectl apply -f -
+ --param NODE_SELECTOR={{ template_service_broker_selector | to_json | quote }}
+ | {{ openshift.common.client_binary }} apply -f -
# reconcile with rbac
- name: Reconcile with RBAC file
shell: >
- oc process -f "{{ mktemp.stdout }}/{{ __tsb_rbac_file }}" | oc auth reconcile -f -
-
-- name: copy tech preview extension file for service console UI
- copy:
- src: openshift-ansible-catalog-console.js
- dest: /etc/origin/master/openshift-ansible-catalog-console.js
+ {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_rbac_file }}" | {{ openshift.common.client_binary }} auth reconcile -f -
# Check that the TSB is running
- name: Verify that TSB is running
@@ -82,7 +80,7 @@
# Register with broker
- name: Register TSB with broker
shell: >
- oc process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" --param CA_BUNDLE="{{ __ca_bundle.content }}" | oc apply -f -
+ {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" --param CA_BUNDLE="{{ __ca_bundle.content }}" | {{ openshift.common.client_binary }} apply -f -
- file:
state: absent
diff --git a/roles/template_service_broker/tasks/main.yml b/roles/template_service_broker/tasks/main.yml
index da8aa291b..71c8ca470 100644
--- a/roles/template_service_broker/tasks/main.yml
+++ b/roles/template_service_broker/tasks/main.yml
@@ -1,8 +1,8 @@
---
# do any asserts here
-- include: install.yml
- when: template_service_broker_install | default(true) | bool
+- include_tasks: install.yml
+ when: template_service_broker_install | bool
-- include: remove.yml
- when: template_service_broker_remove | default(false) | bool
+- include_tasks: remove.yml
+ when: template_service_broker_remove | bool
diff --git a/roles/template_service_broker/tasks/remove.yml b/roles/template_service_broker/tasks/remove.yml
index 28836f97f..8b5593ff9 100644
--- a/roles/template_service_broker/tasks/remove.yml
+++ b/roles/template_service_broker/tasks/remove.yml
@@ -13,11 +13,11 @@
- name: Delete TSB broker
shell: >
- oc process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" | oc delete --ignore-not-found -f -
+ {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" | {{ openshift.common.client_binary }} delete --ignore-not-found -f -
- name: Delete TSB objects
shell: >
- oc process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" | oc delete --ignore-not-found -f -
+ {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" | {{ openshift.common.client_binary }} delete --ignore-not-found -f -
- name: empty out tech preview extension file for service console UI
copy:
diff --git a/setup.py b/setup.py
index 3b786e0fb..5ba050b83 100644
--- a/setup.py
+++ b/setup.py
@@ -83,10 +83,14 @@ def find_entrypoint_playbooks():
if not isinstance(task, dict):
# Skip yaml files which are not a dictionary of tasks
continue
- if 'include' in task:
+ if 'include' in task or 'import_playbook' in task:
# Add the playbook and capture included playbooks
playbooks.add(yaml_file)
- included_file_name = task['include'].split()[0]
+ if 'include' in task:
+ directive = task['include']
+ else:
+ directive = task['import_playbook']
+ included_file_name = directive.split()[0]
included_file = os.path.normpath(
os.path.join(os.path.dirname(yaml_file),
included_file_name))
@@ -318,7 +322,7 @@ class OpenShiftAnsibleSyntaxCheck(Command):
has_errors = False
print('Ansible Deprecation Checks')
- exclude_dirs = ['adhoc', 'files', 'meta', 'test', 'tests', 'vars', 'defaults', '.tox']
+ exclude_dirs = ['adhoc', 'files', 'meta', 'vars', 'defaults', '.tox']
for yaml_file in find_files(
os.getcwd(), exclude_dirs, None, r'\.ya?ml$'):
with open(yaml_file, 'r') as contents:
@@ -330,34 +334,40 @@ class OpenShiftAnsibleSyntaxCheck(Command):
result = self.deprecate_jinja2_in_when(yaml_contents, yaml_file)
has_errors = result or has_errors
- # TODO (rteague): This test will be enabled once we move to Ansible 2.4
- # result = self.deprecate_include(yaml_contents, yaml_file)
- # has_errors = result or has_errors
+ # Check for usage of include: directive
+ result = self.deprecate_include(yaml_contents, yaml_file)
+ has_errors = result or has_errors
if not has_errors:
print('...PASSED')
-
print('Ansible Playbook Entry Point Syntax Checks')
for playbook in find_entrypoint_playbooks():
print('-' * 60)
print('Syntax checking playbook: {}'.format(playbook))
- # Error on any entry points in 'common'
- if 'common' in playbook:
- print('{}Invalid entry point playbook. All playbooks must'
- ' start in playbooks/byo{}'.format(self.FAIL, self.ENDC))
- has_errors = True
# --syntax-check each entry point playbook
- else:
- try:
- subprocess.check_output(
- ['ansible-playbook', '-i localhost,',
- '--syntax-check', playbook]
- )
- except subprocess.CalledProcessError as cpe:
- print('{}Execution failed: {}{}'.format(
- self.FAIL, cpe, self.ENDC))
- has_errors = True
+ try:
+ # Create a host group list to avoid WARNING on unmatched host patterns
+ host_group_list = [
+ 'etcd,masters,nodes,OSEv3',
+ 'oo_all_hosts',
+ 'oo_etcd_to_config,oo_new_etcd_to_config,oo_first_etcd,oo_etcd_hosts_to_backup,'
+ 'oo_etcd_hosts_to_upgrade,oo_etcd_to_migrate',
+ 'oo_masters,oo_masters_to_config,oo_first_master,oo_containerized_master_nodes',
+ 'oo_nodes_to_config,oo_nodes_to_upgrade',
+ 'oo_nodes_use_kuryr,oo_nodes_use_flannel',
+ 'oo_nodes_use_calico,oo_nodes_use_nuage,oo_nodes_use_contiv',
+ 'oo_lb_to_config',
+ 'oo_nfs_to_config',
+ 'glusterfs,glusterfs_registry,']
+ subprocess.check_output(
+ ['ansible-playbook', '-i ' + ','.join(host_group_list),
+ '--syntax-check', playbook]
+ )
+ except subprocess.CalledProcessError as cpe:
+ print('{}Execution failed: {}{}'.format(
+ self.FAIL, cpe, self.ENDC))
+ has_errors = True
if has_errors:
raise SystemExit(1)
diff --git a/test/integration/build-images.sh b/test/integration/build-images.sh
index 74a55fa51..74a55fa51 100755..100644
--- a/test/integration/build-images.sh
+++ b/test/integration/build-images.sh
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml
index 9875de9aa..006a71bd9 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml
@@ -1,6 +1,6 @@
---
# NOTE: this test is probably superfluous since openshift_version already does it
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -15,7 +15,7 @@
- block:
# put the repo back to disabled
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "ose-3.2", repo_enabled: 0 }
- action: openshift_health_check
@@ -23,4 +23,4 @@
checks: [ 'package_availability' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml
index 16ff41673..b4f18e3b5 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -17,4 +17,4 @@
checks: [ 'package_availability' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_update_dep_missing.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_update_dep_missing.yml
index 9f3aad7bd..7998023ae 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_update_dep_missing.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_update_dep_missing.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -14,7 +14,7 @@
post_tasks:
- block:
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "break-yum" }
- action: openshift_health_check
@@ -22,4 +22,4 @@
checks: [ 'package_update' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_broken.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_broken.yml
index 84e9360f5..3b8b15ff3 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_broken.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_broken.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -14,7 +14,7 @@
post_tasks:
- block:
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "break-yum" }
- name: Break the break-yum repo
@@ -29,4 +29,4 @@
checks: [ 'package_update' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_disabled.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_disabled.yml
index f4c1bedfa..269c0250b 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_disabled.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_disabled.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -19,4 +19,4 @@
checks: [ 'package_update' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_unreachable.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_unreachable.yml
index 409057792..92408a669 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_unreachable.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_update_repo_unreachable.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -14,7 +14,7 @@
post_tasks:
- block:
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "break-yum" }
- name: Remove the local repo entirely
@@ -25,4 +25,4 @@
checks: [ 'package_update' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml
index d88f82a4a..4e2b8a50c 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -15,7 +15,7 @@
- block:
# disable extras so we control docker version
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_file: "CentOS-Base", repo_name: "extras", repo_enabled: 0 }
- action: openshift_health_check
@@ -23,4 +23,4 @@
checks: [ 'package_version' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml
index 401ad1e21..e1f8d74e6 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml
@@ -1,6 +1,6 @@
---
# NOTE: this test is probably superfluous since openshift_version already does it
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -16,14 +16,14 @@
- block:
# put the repo back to disabled
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "ose-3.2", repo_enabled: 0 }
# test with wrong repo enabled
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "ose-3.3" }
- action: openshift_health_check
args:
checks: [ 'package_version' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_version_multiple.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_version_multiple.yml
index 88613802b..600bbe9c3 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_version_multiple.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_version_multiple.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -14,11 +14,11 @@
- block:
# enable repo with extra minor version available
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_name: "ose-3.3" }
# disable extras so we control docker version
- - include: tasks/enable_repo.yml
+ - include_tasks: tasks/enable_repo.yml
vars: { repo_file: "CentOS-Base", repo_name: "extras", repo_enabled: 0 }
- action: openshift_health_check
@@ -26,4 +26,4 @@
checks: [ 'package_version' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_version_origin.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_version_origin.yml
index da3f6b844..079ca4253 100644
--- a/test/integration/openshift_health_checker/preflight/playbooks/package_version_origin.yml
+++ b/test/integration/openshift_health_checker/preflight/playbooks/package_version_origin.yml
@@ -1,5 +1,5 @@
---
-- include: ../../setup_container.yml
+- import_playbook: ../../setup_container.yml
vars:
image: preflight-aos-package-checks
l_host_vars:
@@ -17,4 +17,4 @@
checks: [ 'package_version' ]
always: # destroy the container whether check passed or not
- - include: ../../teardown_container.yml
+ - include_tasks: ../../teardown_container.yml
diff --git a/test/integration/openshift_health_checker/setup_container.yml b/test/integration/openshift_health_checker/setup_container.yml
index 413754fcd..0f0f8d366 100644
--- a/test/integration/openshift_health_checker/setup_container.yml
+++ b/test/integration/openshift_health_checker/setup_container.yml
@@ -46,17 +46,15 @@
- hosts: all
tasks:
-
# run before openshift_version to prevent it breaking
- - include: preflight/playbooks/tasks/enable_repo.yml
+ - include_tasks: preflight/playbooks/tasks/enable_repo.yml
vars: { repo_name: "ose-3.2" }
-- include: ../../../playbooks/byo/openshift-cluster/initialize_groups.yml
-- include: ../../../playbooks/common/openshift-cluster/std_include.yml
+- import_playbook: ../../../playbooks/init/main.yml
- hosts: all
tasks:
# put it back like it was for the tests
- - include: preflight/playbooks/tasks/enable_repo.yml
+ - include_tasks: preflight/playbooks/tasks/enable_repo.yml
vars: { repo_name: "ose-3.2", enabled: False }
diff --git a/test/integration/run-tests.sh b/test/integration/run-tests.sh
index 680b64602..680b64602 100755..100644
--- a/test/integration/run-tests.sh
+++ b/test/integration/run-tests.sh
diff --git a/test/openshift_version_tests.py b/test/openshift_version_tests.py
deleted file mode 100644
index 6095beb95..000000000
--- a/test/openshift_version_tests.py
+++ /dev/null
@@ -1,76 +0,0 @@
-""" Tests for the openshift_version Ansible filter module. """
-# pylint: disable=missing-docstring,invalid-name
-
-import os
-import sys
-import unittest
-
-sys.path = [os.path.abspath(os.path.dirname(__file__) + "/../filter_plugins/")] + sys.path
-
-# pylint: disable=import-error
-import openshift_version # noqa: E402
-
-
-class OpenShiftVersionTests(unittest.TestCase):
-
- openshift_version_filters = openshift_version.FilterModule()
-
- # Static tests for legacy filters.
- legacy_gte_tests = [{'name': 'oo_version_gte_3_1_or_1_1',
- 'positive_openshift-enterprise_version': '3.2.0',
- 'negative_openshift-enterprise_version': '3.0.0',
- 'positive_origin_version': '1.2.0',
- 'negative_origin_version': '1.0.0'},
- {'name': 'oo_version_gte_3_1_1_or_1_1_1',
- 'positive_openshift-enterprise_version': '3.2.0',
- 'negative_openshift-enterprise_version': '3.1.0',
- 'positive_origin_version': '1.2.0',
- 'negative_origin_version': '1.1.0'},
- {'name': 'oo_version_gte_3_2_or_1_2',
- 'positive_openshift-enterprise_version': '3.3.0',
- 'negative_openshift-enterprise_version': '3.1.0',
- 'positive_origin_version': '1.3.0',
- 'negative_origin_version': '1.1.0'},
- {'name': 'oo_version_gte_3_3_or_1_3',
- 'positive_openshift-enterprise_version': '3.4.0',
- 'negative_openshift-enterprise_version': '3.2.0',
- 'positive_origin_version': '1.4.0',
- 'negative_origin_version': '1.2.0'},
- {'name': 'oo_version_gte_3_4_or_1_4',
- 'positive_openshift-enterprise_version': '3.5.0',
- 'negative_openshift-enterprise_version': '3.3.0',
- 'positive_origin_version': '1.5.0',
- 'negative_origin_version': '1.3.0'},
- {'name': 'oo_version_gte_3_5_or_1_5',
- 'positive_openshift-enterprise_version': '3.6.0',
- 'negative_openshift-enterprise_version': '3.4.0',
- 'positive_origin_version': '3.6.0',
- 'negative_origin_version': '1.4.0'}]
-
- def test_legacy_gte_filters(self):
- for test in self.legacy_gte_tests:
- for deployment_type in ['openshift-enterprise', 'origin']:
- # Test negative case per deployment_type
- self.assertFalse(
- self.openshift_version_filters._filters[test['name']](
- test["negative_{}_version".format(deployment_type)], deployment_type))
- # Test positive case per deployment_type
- self.assertTrue(
- self.openshift_version_filters._filters[test['name']](
- test["positive_{}_version".format(deployment_type)], deployment_type))
-
- def test_gte_filters(self):
- for major, minor_start, minor_end in self.openshift_version_filters.versions:
- for minor in range(minor_start, minor_end):
- # Test positive case
- self.assertTrue(
- self.openshift_version_filters._filters["oo_version_gte_{}_{}".format(major, minor)](
- "{}.{}".format(major, minor + 1)))
- # Test negative case
- self.assertFalse(
- self.openshift_version_filters._filters["oo_version_gte_{}_{}".format(major, minor)](
- "{}.{}".format(major, minor)))
-
- def test_get_filters(self):
- self.assertTrue(
- self.openshift_version_filters.filters() == self.openshift_version_filters._filters)
diff --git a/tox.ini b/tox.ini
index 899767833..9c35915d5 100644
--- a/tox.ini
+++ b/tox.ini
@@ -3,7 +3,6 @@ minversion=2.3.1
envlist =
py{27,35}-{flake8,pylint,unit}
py27-{yamllint,ansible_syntax,generate_validation}
- integration
skipsdist=True
skip_missing_interpreters=True
@@ -12,15 +11,13 @@ skip_install=True
deps =
-rrequirements.txt
-rtest-requirements.txt
+ unit: -eutils
py35-flake8: flake8-bugbear==17.3.0
- integration: docker-py==1.10.6
commands =
- unit: pip install -e utils
unit: pytest {posargs}
flake8: flake8 {posargs}
pylint: python setup.py lint
yamllint: python setup.py yamllint
generate_validation: python setup.py generate_validation
ansible_syntax: python setup.py ansible_syntax
- integration: python -c 'print("run test/integration/run-tests.sh")'
diff --git a/utils/etc/ansible.cfg b/utils/etc/ansible.cfg
index f7e6fe2ff..562f6544d 100644
--- a/utils/etc/ansible.cfg
+++ b/utils/etc/ansible.cfg
@@ -29,6 +29,10 @@ deprecation_warnings = False
# ssh_args - set if provided by user (cli)
# control_path
+[inventory]
+# fail more helpfully when the inventory file does not parse (Ansible 2.4+)
+unparsed_is_failed=true
+
# Additional ssh options for OpenShift Ansible
[ssh_connection]
# shorten the ControlPath which is often too long; when it is,
diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py
index 65a481b10..1226242d0 100644
--- a/utils/src/ooinstall/cli_installer.py
+++ b/utils/src/ooinstall/cli_installer.py
@@ -25,21 +25,15 @@ QUIET_ANSIBLE_CONFIG = '/usr/share/atomic-openshift-utils/ansible-quiet.cfg'
DEFAULT_PLAYBOOK_DIR = '/usr/share/ansible/openshift-ansible/'
UPGRADE_MAPPINGS = {
- '3.4': {
- 'minor_version': '3.4',
- 'minor_playbook': 'v3_4/upgrade.yml',
- 'major_playbook': 'v3_5/upgrade.yml',
- 'major_version': '3.5',
- },
- '3.5': {
- 'minor_version': '3.5',
- 'minor_playbook': 'v3_5/upgrade.yml',
- 'major_playbook': 'v3_6/upgrade.yml',
- 'major_version': '3.6',
- },
'3.6': {
'minor_version': '3.6',
'minor_playbook': 'v3_6/upgrade.yml',
+ 'major_playbook': 'v3_7/upgrade.yml',
+ 'major_version': '3.7',
+ },
+ '3.7': {
+ 'minor_version': '3.7',
+ 'minor_playbook': 'v3_7/upgrade.yml',
},
}
diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py
index ca5e7dc1a..dda8eb4c6 100644
--- a/utils/src/ooinstall/openshift_ansible.py
+++ b/utils/src/ooinstall/openshift_ansible.py
@@ -125,7 +125,6 @@ def write_inventory_vars(base_inventory, lb):
base_inventory.write('openshift_override_hostname_check=true\n')
if lb is not None:
- base_inventory.write('openshift_master_cluster_method=native\n')
base_inventory.write("openshift_master_cluster_hostname={}\n".format(lb.hostname))
base_inventory.write(
"openshift_master_cluster_public_hostname={}\n".format(lb.public_hostname))
@@ -266,7 +265,6 @@ def default_facts(hosts, verbose=False):
facts_env = os.environ.copy()
facts_env["OO_INSTALL_CALLBACK_FACTS_YAML"] = CFG.settings['ansible_callback_facts_yaml']
facts_env["ANSIBLE_CALLBACK_PLUGINS"] = CFG.settings['ansible_plugins_directory']
- facts_env["OPENSHIFT_MASTER_CLUSTER_METHOD"] = 'native'
if 'ansible_log_path' in CFG.settings:
facts_env["ANSIBLE_LOG_PATH"] = CFG.settings['ansible_log_path']
if 'ansible_config' in CFG.settings:
@@ -281,7 +279,7 @@ def run_main_playbook(inventory_file, hosts, hosts_to_run_on, verbose=False):
global CFG
if len(hosts_to_run_on) != len(hosts):
main_playbook_path = os.path.join(CFG.ansible_playbook_directory,
- 'playbooks/byo/openshift-node/scaleup.yml')
+ 'playbooks/openshift-node/scaleup.yml')
else:
main_playbook_path = os.path.join(CFG.ansible_playbook_directory,
'playbooks/byo/openshift-cluster/config.yml')