diff options
Diffstat (limited to 'roles/openshift_metrics/templates')
14 files changed, 736 insertions, 0 deletions
diff --git a/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2 b/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2 new file mode 100644 index 000000000..6f341bcfb --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2 @@ -0,0 +1,136 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: hawkular-cassandra-{{ node }} + labels: + metrics-infra: hawkular-cassandra + name: hawkular-cassandra + type: hawkular-cassandra +spec: + selector: + name: hawkular-cassandra-{{ node }} + replicas: {{replica_count}} + template: + version: v1 + metadata: + labels: + metrics-infra: hawkular-cassandra + name: hawkular-cassandra-{{ node }} + type: hawkular-cassandra + spec: + serviceAccount: cassandra + securityContext: + supplementalGroups: + - {{openshift_metrics_cassandra_storage_group}} +{% if node_selector is iterable and node_selector | length > 0 %} + nodeSelector: +{% for key, value in node_selector.iteritems() %} + {{key}}: "{{value}}" +{% endfor %} +{% endif %} + containers: + - image: "{{ openshift_metrics_image_prefix }}metrics-cassandra:{{ openshift_metrics_image_version }}" + imagePullPolicy: Always + name: hawkular-cassandra-{{ node }} + ports: + - name: cql-port + containerPort: 9042 + - name: thift-port + containerPort: 9160 + - name: tcp-port + containerPort: 7000 + - name: ssl-port + containerPort: 7001 + command: + - "/opt/apache-cassandra/bin/cassandra-docker.sh" + - "--cluster_name=hawkular-metrics" + - "--data_volume=/cassandra_data" + - "--internode_encryption=all" + - "--require_node_auth=true" + - "--enable_client_encryption=true" + - "--require_client_auth=true" + env: + - name: CASSANDRA_MASTER + value: "{{ master }}" + - name: CASSANDRA_DATA_VOLUME + value: "/cassandra_data" + - name: JVM_OPTS + value: "-Dcassandra.commitlog.ignorereplayerrors=true" + - name: ENABLE_PROMETHEUS_ENDPOINT + value: "{{ openshift_metrics_cassandra_enable_prometheus_endpoint }}" + - name: TRUSTSTORE_NODES_AUTHORITIES + value: "/hawkular-cassandra-certs/tls.peer.truststore.crt" + - name: TRUSTSTORE_CLIENT_AUTHORITIES + value: "/hawkular-cassandra-certs/tls.client.truststore.crt" + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MEMORY_LIMIT + valueFrom: + resourceFieldRef: + resource: limits.memory + - name: CPU_LIMIT + valueFrom: + resourceFieldRef: + resource: limits.cpu + divisor: 1m + volumeMounts: + - name: cassandra-data + mountPath: "/cassandra_data" + - name: hawkular-cassandra-certs + mountPath: "/hawkular-cassandra-certs" +{% if ((openshift_metrics_cassandra_limits_cpu is defined and openshift_metrics_cassandra_limits_cpu is not none) + or (openshift_metrics_cassandra_limits_memory is defined and openshift_metrics_cassandra_limits_memory is not none) + or (openshift_metrics_cassandra_requests_cpu is defined and openshift_metrics_cassandra_requests_cpu is not none) + or (openshift_metrics_cassandra_requests_memory is defined and openshift_metrics_cassandra_requests_memory is not none)) +%} + resources: +{% if (openshift_metrics_cassandra_limits_cpu is not none + or openshift_metrics_cassandra_limits_memory is not none) +%} + limits: +{% if openshift_metrics_cassandra_limits_cpu is not none %} + cpu: "{{openshift_metrics_cassandra_limits_cpu}}" +{% endif %} +{% if openshift_metrics_cassandra_limits_memory is not none %} + memory: "{{openshift_metrics_cassandra_limits_memory}}" +{% endif %} +{% endif %} +{% if (openshift_metrics_cassandra_requests_cpu is not none + or openshift_metrics_cassandra_requests_memory is not none) +%} + requests: +{% if openshift_metrics_cassandra_requests_cpu is not none %} + cpu: "{{openshift_metrics_cassandra_requests_cpu}}" +{% endif %} +{% if openshift_metrics_cassandra_requests_memory is not none %} + memory: "{{openshift_metrics_cassandra_requests_memory}}" +{% endif %} +{% endif %} +{% endif %} + readinessProbe: + exec: + command: + - "/opt/apache-cassandra/bin/cassandra-docker-ready.sh" + lifecycle: + preStop: + exec: + command: + - "/opt/apache-cassandra/bin/cassandra-prestop.sh" + postStart: + exec: + command: + - "/opt/apache-cassandra/bin/cassandra-poststart.sh" + terminationGracePeriodSeconds: 1800 + volumes: + - name: cassandra-data +{% if openshift_metrics_cassandra_storage_type == 'emptydir' %} + emptyDir: {} +{% else %} + persistentVolumeClaim: + claimName: "{{ openshift_metrics_cassandra_pvc_prefix }}-{{ node }}" +{% endif %} + - name: hawkular-cassandra-certs + secret: + secretName: hawkular-cassandra-certs diff --git a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 new file mode 100644 index 000000000..59f7fb44a --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 @@ -0,0 +1,128 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: hawkular-metrics + labels: + metrics-infra: hawkular-metrics + name: hawkular-metrics +spec: + selector: + name: hawkular-metrics + replicas: {{replica_count}} + template: + version: v1 + metadata: + labels: + metrics-infra: hawkular-metrics + name: hawkular-metrics + spec: + serviceAccount: hawkular +{% if node_selector is iterable and node_selector | length > 0 %} + nodeSelector: +{% for key, value in node_selector.iteritems() %} + {{key}}: "{{value}}" +{% endfor %} +{% endif %} + containers: + - image: {{openshift_metrics_image_prefix}}metrics-hawkular-metrics:{{openshift_metrics_image_version}} + imagePullPolicy: Always + name: hawkular-metrics + ports: + - name: http-endpoint + containerPort: 8080 + - name: https-endpoint + containerPort: 8443 + - name: ping + containerPort: 8888 + command: + - "/opt/hawkular/scripts/hawkular-metrics-wrapper.sh" + - "-b" + - 0.0.0.0 + - "-Dhawkular.metrics.cassandra.nodes=hawkular-cassandra" + - "-Dhawkular.metrics.cassandra.use-ssl" + - "-Dhawkular.metrics.openshift.auth-methods=openshift-oauth,htpasswd" + - "-Dhawkular.metrics.openshift.htpasswd-file=/hawkular-account/hawkular-metrics.htpasswd" + - "-Dhawkular.metrics.allowed-cors-access-control-allow-headers=authorization" + - "-Dhawkular.metrics.default-ttl={{openshift_metrics_duration}}" + - "-Dhawkular.metrics.admin-tenant=_hawkular_admin" + - "-Dhawkular-alerts.cassandra-nodes=hawkular-cassandra" + - "-Dhawkular-alerts.cassandra-use-ssl" + - "-Dhawkular.alerts.openshift.auth-methods=openshift-oauth,htpasswd" + - "-Dhawkular.alerts.openshift.htpasswd-file=/hawkular-account/hawkular-metrics.htpasswd" + - "-Dhawkular.alerts.allowed-cors-access-control-allow-headers=authorization" + - "-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true" + - "-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true" + - "-Dcom.datastax.driver.FORCE_NIO=true" + - "-DKUBERNETES_MASTER_URL={{openshift_metrics_master_url}}" + - "-DUSER_WRITE_ACCESS={{openshift_metrics_hawkular_user_write_access}}" + - "-Dhawkular.metrics.jmx-reporting-enabled" + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MASTER_URL + value: "{{ openshift_metrics_master_url }}" + - name: JGROUPS_PASSWORD + value: "{{ 17 | oo_random_word }}" + - name: TRUSTSTORE_AUTHORITIES + value: "/hawkular-metrics-certs/tls.truststore.crt" + - name: ENABLE_PROMETHEUS_ENDPOINT + value: "{{ openshift_metrics_hawkular_enable_prometheus_endpoint }}" + - name: OPENSHIFT_KUBE_PING_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENSHIFT_KUBE_PING_LABELS + value: "metrics-infra=hawkular-metrics,name=hawkular-metrics" + - name: STARTUP_TIMEOUT + value: "{{ openshift_metrics_startup_timeout }}" + volumeMounts: + - name: hawkular-metrics-certs + mountPath: "/hawkular-metrics-certs" + - name: hawkular-metrics-account + mountPath: "/hawkular-account" +{% if ((openshift_metrics_hawkular_limits_cpu is defined and openshift_metrics_hawkular_limits_cpu is not none) + or (openshift_metrics_hawkular_limits_memory is defined and openshift_metrics_hawkular_limits_memory is not none) + or (openshift_metrics_hawkular_requests_cpu is defined and openshift_metrics_hawkular_requests_cpu is not none) + or (openshift_metrics_hawkular_requests_memory is defined and openshift_metrics_hawkular_requests_memory is not none)) +%} + resources: +{% if (openshift_metrics_hawkular_limits_cpu is not none + or openshift_metrics_hawkular_limits_memory is not none) +%} + limits: +{% if openshift_metrics_hawkular_limits_cpu is not none %} + cpu: "{{openshift_metrics_hawkular_limits_cpu}}" +{% endif %} +{% if openshift_metrics_hawkular_limits_memory is not none %} + memory: "{{openshift_metrics_hawkular_limits_memory}}" +{% endif %} +{% endif %} +{% if (openshift_metrics_hawkular_requests_cpu is not none + or openshift_metrics_hawkular_requests_memory is not none) +%} + requests: +{% if openshift_metrics_hawkular_requests_cpu is not none %} + cpu: "{{openshift_metrics_hawkular_requests_cpu}}" +{% endif %} +{% if openshift_metrics_hawkular_requests_memory is not none %} + memory: "{{openshift_metrics_hawkular_requests_memory}}" +{% endif %} +{% endif %} +{% endif %} + readinessProbe: + exec: + command: + - "/opt/hawkular/scripts/hawkular-metrics-readiness.py" + livenessProbe: + exec: + command: + - "/opt/hawkular/scripts/hawkular-metrics-liveness.py" + volumes: + - name: hawkular-metrics-certs + secret: + secretName: hawkular-metrics-certs + - name: hawkular-metrics-account + secret: + secretName: hawkular-metrics-account diff --git a/roles/openshift_metrics/templates/hawkular_metrics_role.j2 b/roles/openshift_metrics/templates/hawkular_metrics_role.j2 new file mode 100644 index 000000000..6c9dbf5d6 --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_metrics_role.j2 @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ClusterRole +metadata: + name: hawkular-metrics + labels: + metrics-infra: hawkular-metrics +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - list + - get + - watch diff --git a/roles/openshift_metrics/templates/hawkular_openshift_agent_cm.j2 b/roles/openshift_metrics/templates/hawkular_openshift_agent_cm.j2 new file mode 100644 index 000000000..bf472c066 --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_openshift_agent_cm.j2 @@ -0,0 +1,54 @@ +id: hawkular-openshift-agent +kind: ConfigMap +apiVersion: v1 +name: Hawkular OpenShift Agent Configuration +metadata: + name: hawkular-openshift-agent-configuration + labels: + metrics-infra: agent + namespace: {{openshift_metrics_hawkular_agent_namespace}} +data: + config.yaml: | + kubernetes: + tenant: ${POD:namespace_name} + hawkular_server: + url: https://hawkular-metrics.openshift-infra.svc.cluster.local + credentials: + username: secret:openshift-infra/hawkular-metrics-account/hawkular-metrics.username + password: secret:openshift-infra/hawkular-metrics-account/hawkular-metrics.password + ca_cert_file: secret:openshift-infra/hawkular-metrics-certs/ca.crt + emitter: + status_enabled: false + collector: + minimum_collection_interval: 10s + default_collection_interval: 30s + metric_id_prefix: pod/${POD:uid}/custom/ + tags: + metric_name: ${METRIC:name} + description: ${METRIC:description} + units: ${METRIC:units} + namespace_id: ${POD:namespace_uid} + namespace_name: ${POD:namespace_name} + node_name: ${POD:node_name} + pod_id: ${POD:uid} + pod_ip: ${POD:ip} + pod_name: ${POD:name} + pod_namespace: ${POD:namespace_name} + hostname: ${POD:hostname} + host_ip: ${POD:host_ip} + labels: ${POD:labels} + type: pod + collector: hawkular_openshift_agent + custom_metric: true + hawkular-openshift-agent: | + endpoints: + - type: prometheus + protocol: "http" + port: 8080 + path: /metrics + collection_interval: 30s + metrics: + - name: hawkular_openshift_agent_metric_data_points_collected_total + - name: hawkular_openshift_agent_monitored_endpoints + - name: hawkular_openshift_agent_monitored_pods + - name: hawkular_openshift_agent_monitored_metrics diff --git a/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2 b/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2 new file mode 100644 index 000000000..d65eaf9ae --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_openshift_agent_ds.j2 @@ -0,0 +1,91 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: hawkular-openshift-agent + labels: + name: hawkular-openshift-agent + metrics-infra: agent + namespace: {{openshift_metrics_hawkular_agent_namespace}} +spec: + selector: + matchLabels: + name: hawkular-openshift-agent + template: + metadata: + labels: + name: hawkular-openshift-agent + metrics-infra: agent + spec: + serviceAccount: hawkular-openshift-agent +{% if node_selector is iterable and node_selector | length > 0 %} + nodeSelector: +{% for key, value in node_selector.iteritems() %} + {{key}}: "{{value}}" +{% endfor %} +{% endif %} + containers: + - image: {{openshift_metrics_image_prefix}}metrics-hawkular-openshift-agent:{{openshift_metrics_image_version}} + imagePullPolicy: Always + name: hawkular-openshift-agent +{% if ((openshift_metrics_hawkular_agent_limits_cpu is defined and openshift_metrics_hawkular_agent_limits_cpu is not none) + or (openshift_metrics_hawkular_agent_limits_memory is defined and openshift_metrics_hawkular_agent_limits_memory is not none) + or (openshift_metrics_hawkular_agent_requests_cpu is defined and openshift_metrics_hawkular_agent_requests_cpu is not none) + or (openshift_metrics_hawkular_agent_requests_memory is defined and openshift_metrics_hawkular_agent_requests_memory is not none)) +%} + resources: +{% if (openshift_metrics_hawkular_agent_limits_cpu is not none + or openshift_metrics_hawkular_agent_limits_memory is not none) +%} + limits: +{% if openshift_metrics_hawkular_agent_limits_cpu is not none %} + cpu: "{{openshift_metrics_hawkular_agent_limits_cpu}}" +{% endif %} +{% if openshift_metrics_hawkular_agent_limits_memory is not none %} + memory: "{{openshift_metrics_hawkular_agent_limits_memory}}" +{% endif %} +{% endif %} +{% if (openshift_metrics_hawkular_agent_requests_cpu is not none + or openshift_metrics_hawkular_agent_requests_memory is not none) +%} + requests: +{% if openshift_metrics_hawkular_agent_requests_cpu is not none %} + cpu: "{{openshift_metrics_hawkular_agent_requests_cpu}}" +{% endif %} +{% if openshift_metrics_hawkular_agent_requests_memory is not none %} + memory: "{{openshift_metrics_hawkular_agent_requests_memory}}" +{% endif %} +{% endif %} +{% endif %} + + livenessProbe: + httpGet: + scheme: HTTP + path: /health + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 30 + command: + - "hawkular-openshift-agent" + - "-config" + - "/hawkular-openshift-agent-configuration/config.yaml" + - "-v" + - "3" + env: + - name: K8S_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: K8S_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + volumeMounts: + - name: hawkular-openshift-agent-configuration + mountPath: "/hawkular-openshift-agent-configuration" + volumes: + - name: hawkular-openshift-agent-configuration + configMap: + name: hawkular-openshift-agent-configuration + - name: hawkular-openshift-agent + configMap: + name: hawkular-openshift-agent-configuration diff --git a/roles/openshift_metrics/templates/hawkular_openshift_agent_role.j2 b/roles/openshift_metrics/templates/hawkular_openshift_agent_role.j2 new file mode 100644 index 000000000..24b8cd801 --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_openshift_agent_role.j2 @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: ClusterRole +metadata: + name: hawkular-openshift-agent + labels: + metrics-infra: agent +rules: +- apiGroups: + - "" + resources: + - configmaps + - namespaces + - nodes + - pods + - projects + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get diff --git a/roles/openshift_metrics/templates/hawkular_openshift_agent_sa.j2 b/roles/openshift_metrics/templates/hawkular_openshift_agent_sa.j2 new file mode 100644 index 000000000..ec604d73c --- /dev/null +++ b/roles/openshift_metrics/templates/hawkular_openshift_agent_sa.j2 @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: hawkular-openshift-agent + labels: + metrics-infra: agent + namespace: {{openshift_metrics_hawkular_agent_namespace}} diff --git a/roles/openshift_metrics/templates/heapster.j2 b/roles/openshift_metrics/templates/heapster.j2 new file mode 100644 index 000000000..d8c7763ea --- /dev/null +++ b/roles/openshift_metrics/templates/heapster.j2 @@ -0,0 +1,110 @@ +apiVersion: "v1" +kind: "ReplicationController" +metadata: + name: heapster + labels: + metrics-infra: heapster + name: heapster +spec: + selector: + name: heapster + replicas: {{replica_count}} + template: + version: v1 + metadata: + name: heapster + labels: + metrics-infra: heapster + name: heapster + spec: + serviceAccountName: heapster +{% if node_selector is iterable and node_selector | length > 0 %} + nodeSelector: +{% for key, value in node_selector.iteritems() %} + {{key}}: "{{value}}" +{% endfor %} +{% endif %} + containers: + - name: heapster + image: {{openshift_metrics_image_prefix}}metrics-heapster:{{openshift_metrics_image_version}} + imagePullPolicy: Always + ports: + - containerPort: 8082 + name: "http-endpoint" + command: + - "heapster-wrapper.sh" + - "--wrapper.allowed_users_file=/secrets/heapster.allowed-users" + - "--source=kubernetes.summary_api:${MASTER_URL}?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250" + - "--tls_cert=/heapster-certs/tls.crt" + - "--tls_key=/heapster-certs/tls.key" + - "--tls_client_ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" + - "--allowed_users=%allowed_users%" + - "--metric_resolution={{openshift_metrics_resolution}}" +{% if not openshift_metrics_heapster_standalone %} + - "--wrapper.username_file=/hawkular-account/hawkular-metrics.username" + - "--wrapper.password_file=/hawkular-account/hawkular-metrics.password" + - "--wrapper.endpoint_check=https://hawkular-metrics:443/hawkular/metrics/status" + - "--sink=hawkular:https://hawkular-metrics:443?tenant=_system&labelToTenant=pod_namespace&labelNodeId={{openshift_metrics_node_id}}&caCert=/hawkular-metrics-certs/tls.crt&user=%username%&pass=%password%&filter=label(container_name:^system.slice.*|^user.slice)" +{% endif %} + env: + - name: STARTUP_TIMEOUT + value: "{{ openshift_metrics_startup_timeout }}" +{% if ((openshift_metrics_heapster_limits_cpu is defined and openshift_metrics_heapster_limits_cpu is not none) + or (openshift_metrics_heapster_limits_memory is defined and openshift_metrics_heapster_limits_memory is not none) + or (openshift_metrics_heapster_requests_cpu is defined and openshift_metrics_heapster_requests_cpu is not none) + or (openshift_metrics_heapster_requests_memory is defined and openshift_metrics_heapster_requests_memory is not none)) +%} + resources: +{% if (openshift_metrics_heapster_limits_cpu is not none + or openshift_metrics_heapster_limits_memory is not none) +%} + limits: +{% if openshift_metrics_heapster_limits_cpu is not none %} + cpu: "{{openshift_metrics_heapster_limits_cpu}}" +{% endif %} +{% if openshift_metrics_heapster_limits_memory is not none %} + memory: "{{openshift_metrics_heapster_limits_memory}}" +{% endif %} +{% endif %} +{% if (openshift_metrics_heapster_requests_cpu is not none + or openshift_metrics_heapster_requests_memory is not none) +%} + requests: +{% if openshift_metrics_heapster_requests_cpu is not none %} + cpu: "{{openshift_metrics_heapster_requests_cpu}}" +{% endif %} +{% if openshift_metrics_heapster_requests_memory is not none %} + memory: "{{openshift_metrics_heapster_requests_memory}}" +{% endif %} +{% endif %} +{% endif %} + volumeMounts: + - name: heapster-secrets + mountPath: "/secrets" + - name: heapster-certs + mountPath: "/heapster-certs" +{% if not openshift_metrics_heapster_standalone %} + - name: hawkular-metrics-certs + mountPath: "/hawkular-metrics-certs" + - name: hawkular-metrics-account + mountPath: "/hawkular-account" + readinessProbe: + exec: + command: + - "/opt/heapster-readiness.sh" +{% endif %} + volumes: + - name: heapster-secrets + secret: + secretName: heapster-secrets + - name: heapster-certs + secret: + secretName: heapster-certs +{% if not openshift_metrics_heapster_standalone %} + - name: hawkular-metrics-certs + secret: + secretName: hawkular-metrics-certs + - name: hawkular-metrics-account + secret: + secretName: hawkular-metrics-account +{% endif %} diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2 new file mode 100644 index 000000000..b4e6a1503 --- /dev/null +++ b/roles/openshift_metrics/templates/pvc.j2 @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: "{{obj_name}}" +{% if labels is not defined %} + labels: + metrics-infra: support +{% elif labels %} + labels: +{% for key, value in labels.iteritems() %} + {{ key }}: {{ value }} +{% endfor %} +{% endif %} +{% if annotations is defined and annotations %} + annotations: +{% for key,value in annotations.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% endif %} +spec: +{% if pv_selector is defined and pv_selector is mapping %} + selector: + matchLabels: +{% for key,value in pv_selector.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% endif %} + accessModes: +{% for mode in access_modes %} + - {{ mode }} +{% endfor %} + resources: + requests: + storage: {{size}} +{% if storage_class_name is defined %} + storageClassName: {{ storage_class_name }} +{% endif %} diff --git a/roles/openshift_metrics/templates/rolebinding.j2 b/roles/openshift_metrics/templates/rolebinding.j2 new file mode 100644 index 000000000..5230f0780 --- /dev/null +++ b/roles/openshift_metrics/templates/rolebinding.j2 @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: {% if cluster is defined and cluster %}Cluster{% endif %}RoleBinding +metadata: + name: {{obj_name}} +{% if labels is defined %} + labels: +{% for k, v in labels.iteritems() %} + {{ k }}: {{ v }} +{% endfor %} +{% endif %} +roleRef: +{% if 'kind' in roleRef %} + kind: {{ roleRef.kind }} +{% endif %} + name: {{ roleRef.name }} +subjects: +{% for sub in subjects %} + - kind: {{ sub.kind }} + name: {{ sub.name }} +{% if 'namespace' in sub %} + namespace: {{ sub.namespace }} +{% endif %} +{% endfor %} diff --git a/roles/openshift_metrics/templates/route.j2 b/roles/openshift_metrics/templates/route.j2 new file mode 100644 index 000000000..253d6ecf5 --- /dev/null +++ b/roles/openshift_metrics/templates/route.j2 @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Route +metadata: + name: {{ name }} +{% if annotations is defined %} + annotations: {{ annotations | to_yaml }} +{% endif %} +{% if labels is defined and labels %} + labels: +{% for k, v in labels.iteritems() %} + {{ k }}: {{ v }} +{% endfor %} +{% endif %} +spec: + host: {{ host }} + to: + kind: {{ to.kind }} + name: {{ to.name }} +{% if tls is defined %} + tls: + termination: {{ tls.termination }} +{% if tls.ca_certificate is defined and tls.ca_certificate | length > 0 %} + caCertificate: | +{{ tls.ca_certificate|indent(6, true) }} +{% endif %} +{% if tls.key is defined and tls.key | length > 0 %} + key: | +{{ tls.key|indent(6, true) }} +{% endif %} +{% if tls.certificate is defined and tls.certificate | length > 0 %} + certificate: | +{{ tls.certificate|indent(6, true) }} +{% endif %} +{% if tls.termination == 'reencrypt' %} + destinationCACertificate: | +{{ tls.destination_ca_certificate|indent(6, true) }} +{% endif %} +{% endif %} diff --git a/roles/openshift_metrics/templates/secret.j2 b/roles/openshift_metrics/templates/secret.j2 new file mode 100644 index 000000000..5b9dba122 --- /dev/null +++ b/roles/openshift_metrics/templates/secret.j2 @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Secret +metadata: + name: "{{ name }}" +{% if annotations is defined%} + annotations: +{% for key, value in annotations.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% endif %} + labels: +{% for k, v in labels.iteritems() %} + {{ k }}: {{ v }} +{% endfor %} +data: +{% for k, v in data.iteritems() %} + {{ k }}: {{ v }} +{% endfor %} diff --git a/roles/openshift_metrics/templates/service.j2 b/roles/openshift_metrics/templates/service.j2 new file mode 100644 index 000000000..ce0bc2eec --- /dev/null +++ b/roles/openshift_metrics/templates/service.j2 @@ -0,0 +1,38 @@ +apiVersion: "v1" +kind: "Service" +metadata: + name: "{{obj_name}}" +{% if annotations is defined%} + annotations: +{% for key, value in annotations.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% endif %} +{% if labels is defined%} + labels: +{% for key, value in labels.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% endif %} +spec: +{% if headless is defined and headless %} + portalIP: None + clusterIP: None +{% endif %} + ports: +{% for port in ports %} + - +{% for key, value in port.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% if port.targetPort is undefined %} + clusterIP: "None" +{% endif %} +{% endfor %} +{% if service_targetPort is defined %} + targetPort: {{service_targetPort}} +{% endif %} + selector: + {% for key, value in selector.iteritems() %} + {{key}}: {{value}} + {% endfor %} diff --git a/roles/openshift_metrics/templates/serviceaccount.j2 b/roles/openshift_metrics/templates/serviceaccount.j2 new file mode 100644 index 000000000..b22acc594 --- /dev/null +++ b/roles/openshift_metrics/templates/serviceaccount.j2 @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{obj_name}} +{% if labels is defined%} + labels: +{% for key, value in labels.iteritems() %} + {{key}}: {{value}} +{% endfor %} +{% endif %} +{% if secrets is defined %} +secrets: +{% for name in secrets %} +- name: {{ name }} +{% endfor %} +{% endif %} |