diff options
Diffstat (limited to 'roles')
156 files changed, 8666 insertions, 1819 deletions
diff --git a/roles/ansible/tasks/main.yml b/roles/ansible/tasks/main.yml index 5d20a3b35..ea14fb39a 100644 --- a/roles/ansible/tasks/main.yml +++ b/roles/ansible/tasks/main.yml @@ -2,9 +2,8 @@ # Install ansible client - name: Install Ansible - yum: - pkg: ansible - state: installed + action: "{{ ansible_pkg_mgr }} name=ansible state=present" + when: not openshift.common.is_containerized | bool - include: config.yml vars: diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index b7757214d..36fc9b282 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: install some useful packages - yum: name={{ item }} + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" with_items: - git - python-pip diff --git a/roles/ansible_tower_cli/tasks/main.yml b/roles/ansible_tower_cli/tasks/main.yml index 41fac22a0..0c5163b50 100644 --- a/roles/ansible_tower_cli/tasks/main.yml +++ b/roles/ansible_tower_cli/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install python-ansible-tower-cli - yum: name=python-ansible-tower-cli + action: "{{ ansible_pkg_mgr }} name=python-ansible-tower-cli state=present" - template: src: tower_cli.cfg.j2 diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml index 875cbad21..6e9f3a8bd 100644 --- a/roles/cockpit/tasks/main.yml +++ b/roles/cockpit/tasks/main.yml @@ -1,13 +1,12 @@ --- - name: Install cockpit-ws - yum: - name: "{{ item }}" - state: present + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" with_items: - cockpit-ws - cockpit-shell - cockpit-bridge - "{{ cockpit_plugins }}" + when: not openshift.common.is_containerized | bool - name: Enable cockpit-ws service: diff --git a/roles/copr_cli/tasks/main.yml b/roles/copr_cli/tasks/main.yml index f7ef1c26e..b732fb7a4 100644 --- a/roles/copr_cli/tasks/main.yml +++ b/roles/copr_cli/tasks/main.yml @@ -1,4 +1,3 @@ --- -- yum: - name: copr-cli - state: present +- action: "{{ ansible_pkg_mgr }} name=copr-cli state=present" + when: not openshift.common.is_containerized | bool diff --git a/roles/docker/README.md b/roles/docker/README.md index 225dd44b9..6b5ee4421 100644 --- a/roles/docker/README.md +++ b/roles/docker/README.md @@ -1,38 +1,38 @@ -Role Name +Docker ========= -A brief description of the role goes here. +Ensures docker package is installed, and optionally raises timeout for systemd-udevd.service to 5 minutes. Requirements ------------ -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. +None Role Variables -------------- -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. +udevw_udevd_dir: location of systemd config for systemd-udevd.service +docker_udev_workaround: raises udevd timeout to 5 minutes (https://bugzilla.redhat.com/show_bug.cgi?id=1272446) Dependencies ------------ -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. +None Example Playbook ---------------- -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - hosts: servers roles: - - { role: username.rolename, x: 42 } + - role: docker + docker_udev_workaround: "true" License ------- -BSD +ASL 2.0 Author Information ------------------ -An optional section for the role authors to include contact information, or a website (HTML is not allowed). +OpenShift operations, Red Hat, Inc diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index eca7419c1..9f827417f 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -1,4 +1,12 @@ --- - name: restart docker - service: name=docker state=restarted + service: + name: docker + state: restarted + when: not docker_service_status_changed | default(false) + +- name: restart udev + service: + name: systemd-udevd + state: restarted diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml index c5c362c60..6e2c98601 100644 --- a/roles/docker/meta/main.yml +++ b/roles/docker/meta/main.yml @@ -1,124 +1,12 @@ --- galaxy_info: - author: your name - description: - company: your company (optional) - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) + author: OpenShift + description: docker package install + company: Red Hat, Inc + license: ASL 2.0 min_ansible_version: 1.2 - # - # Below are all platforms currently available. Just uncomment - # the ones that apply to your role. If you don't see your - # platform on this list, let us know and we'll get it added! - # - #platforms: - #- name: EL - # versions: - # - all - # - 5 - # - 6 - # - 7 - #- name: GenericUNIX - # versions: - # - all - # - any - #- name: Fedora - # versions: - # - all - # - 16 - # - 17 - # - 18 - # - 19 - # - 20 - #- name: opensuse - # versions: - # - all - # - 12.1 - # - 12.2 - # - 12.3 - # - 13.1 - # - 13.2 - #- name: Amazon - # versions: - # - all - # - 2013.03 - # - 2013.09 - #- name: GenericBSD - # versions: - # - all - # - any - #- name: FreeBSD - # versions: - # - all - # - 8.0 - # - 8.1 - # - 8.2 - # - 8.3 - # - 8.4 - # - 9.0 - # - 9.1 - # - 9.1 - # - 9.2 - #- name: Ubuntu - # versions: - # - all - # - lucid - # - maverick - # - natty - # - oneiric - # - precise - # - quantal - # - raring - # - saucy - # - trusty - #- name: SLES - # versions: - # - all - # - 10SP3 - # - 10SP4 - # - 11 - # - 11SP1 - # - 11SP2 - # - 11SP3 - #- name: GenericLinux - # versions: - # - all - # - any - #- name: Debian - # versions: - # - all - # - etch - # - lenny - # - squeeze - # - wheezy - # - # Below are all categories currently available. Just as with - # the platforms above, uncomment those that apply to your role. - # - #categories: - #- cloud - #- cloud:ec2 - #- cloud:gce - #- cloud:rax - #- clustering - #- database - #- database:nosql - #- database:sql - #- development - #- monitoring - #- networking - #- packaging - #- system - #- web + platforms: + - name: EL + versions: + - 7 dependencies: [] - # List your role dependencies here, one per line. Only - # dependencies available via galaxy should be listed here. - # Be sure to remove the '[]' above if you add dependencies - # to this list. - diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 96949230d..a56f1f391 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,8 +1,18 @@ --- # tasks file for docker - name: Install docker - yum: pkg=docker - + action: "{{ ansible_pkg_mgr }} name=docker state=present" + when: not openshift.common.is_atomic | bool + - name: enable and start the docker service - service: name=docker enabled=yes state=started + service: + name: docker + enabled: yes + state: started + register: start_result + +- set_fact: + docker_service_status_changed: start_result | changed +- include: udev_workaround.yml + when: docker_udev_workaround | default(False) diff --git a/roles/docker/tasks/udev_workaround.yml b/roles/docker/tasks/udev_workaround.yml new file mode 100644 index 000000000..3c236f698 --- /dev/null +++ b/roles/docker/tasks/udev_workaround.yml @@ -0,0 +1,30 @@ +--- + +- name: Getting current systemd-udevd exec command + command: grep -e "^ExecStart=" /lib/systemd/system/systemd-udevd.service + changed_when: false + register: udevw_udev_start_cmd + +- name: Assure systemd-udevd.service.d directory exists + file: + path: "{{ udevw_udevd_dir }}" + state: directory + +- name: Create systemd-udevd override file + copy: + content: | + [Service] + #Need blank ExecStart to "clear" pre-exising one + ExecStart= + {{ udevw_udev_start_cmd.stdout }} --event-timeout=300 + dest: "{{ udevw_udevd_dir }}/override.conf" + owner: root + mode: "0644" + notify: + - restart udev + register: udevw_override_conf + +- name: reload systemd config files + command: systemctl daemon-reload + when: udevw_override_conf | changed + diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml new file mode 100644 index 000000000..162487545 --- /dev/null +++ b/roles/docker/vars/main.yml @@ -0,0 +1,3 @@ +--- + +udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d diff --git a/roles/etcd/README.md b/roles/etcd/README.md index 88e4ff874..329a926c0 100644 --- a/roles/etcd/README.md +++ b/roles/etcd/README.md @@ -7,7 +7,7 @@ Requirements ------------ This role assumes it's being deployed on a RHEL/Fedora based host with package -named 'etcd' available via yum. +named 'etcd' available via yum or dnf (conditionally). Role Variables -------------- diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml index 0fd3de585..9e7fa59cf 100644 --- a/roles/etcd/defaults/main.yaml +++ b/roles/etcd/defaults/main.yaml @@ -1,4 +1,5 @@ --- +etcd_service: "{{ 'etcd' if not openshift.common.is_containerized else 'etcd_container' }}" etcd_interface: "{{ ansible_default_ipv4.interface }}" etcd_client_port: 2379 etcd_peer_port: 2380 diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml index 4c0efb97b..e00e1cac4 100644 --- a/roles/etcd/handlers/main.yml +++ b/roles/etcd/handlers/main.yml @@ -1,4 +1,5 @@ --- + - name: restart etcd - service: name=etcd state=restarted - when: not etcd_service_status_changed | default(false) + service: name={{ etcd_service }} state=restarted + when: not (etcd_service_status_changed | default(false) | bool) diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index fcbdecd37..e83cfc33c 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -8,22 +8,68 @@ when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4" - name: Install etcd - yum: pkg=etcd-2.* state=present + action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present" + when: not openshift.common.is_containerized | bool + +- name: Get docker images + command: docker images + changed_when: false + when: openshift.common.is_containerized | bool + register: docker_images + +- name: Pull etcd container + command: docker pull {{ openshift.etcd.etcd_image }} + when: openshift.common.is_containerized | bool and openshift.etcd.etcd_image not in docker_images.stdout + +- name: Wait for etcd image + command: > + docker images + register: docker_images + until: openshift.etcd.etcd_image in docker_images.stdout + retries: 30 + delay: 10 + changed_when: false + when: openshift.common.is_containerized | bool + +- name: Install etcd container service file + template: + dest: "/etc/systemd/system/etcd_container.service" + src: etcd.docker.service + register: install_etcd_result + when: openshift.common.is_containerized | bool + +- name: Ensure etcd datadir exists + when: openshift.common.is_containerized | bool + file: + path: "{{ etcd_data_dir }}" + state: directory + mode: 0700 + +- name: Disable system etcd when containerized + when: openshift.common.is_containerized | bool + service: + name: etcd + state: stopped + enabled: no + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized and ( install_etcd_result | changed ) - name: Validate permissions on the config dir file: path: "{{ etcd_conf_dir }}" state: directory - owner: etcd - group: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" mode: 0700 - name: Validate permissions on certificate files file: path: "{{ item }}" mode: 0600 - group: etcd - owner: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_url_scheme == 'https' with_items: - "{{ etcd_ca_file }}" @@ -34,8 +80,8 @@ file: path: "{{ item }}" mode: 0600 - group: etcd - owner: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_peer_url_scheme == 'https' with_items: - "{{ etcd_peer_ca_file }}" @@ -52,10 +98,10 @@ - name: Enable etcd service: - name: etcd + name: "{{ etcd_service }}" state: started enabled: yes register: start_result - set_fact: - etcd_service_status_changed = start_result | changed + etcd_service_status_changed: "{{ start_result | changed }}" diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2 index 32577c96c..28816fd87 100644 --- a/roles/etcd/templates/etcd.conf.j2 +++ b/roles/etcd/templates/etcd.conf.j2 @@ -15,13 +15,13 @@ ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} ETCD_NAME=default {% endif %} ETCD_DATA_DIR={{ etcd_data_dir }} -#ETCD_SNAPSHOT_COUNTER="10000" -ETCD_HEARTBEAT_INTERVAL="500" -ETCD_ELECTION_TIMEOUT="2500" +#ETCD_SNAPSHOT_COUNTER=10000 +ETCD_HEARTBEAT_INTERVAL=500 +ETCD_ELECTION_TIMEOUT=2500 ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} -#ETCD_MAX_SNAPSHOTS="5" -#ETCD_MAX_WALS="5" -#ETCD_CORS="" +#ETCD_MAX_SNAPSHOTS=5 +#ETCD_MAX_WALS=5 +#ETCD_CORS= {% if groups[etcd_peers_group] and groups[etcd_peers_group] | length > 1 %} #[cluster] @@ -29,15 +29,15 @@ ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} ETCD_INITIAL_CLUSTER={{ initial_cluster() }} ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} -#ETCD_DISCOVERY="" -#ETCD_DISCOVERY_SRV="" -#ETCD_DISCOVERY_FALLBACK="proxy" -#ETCD_DISCOVERY_PROXY="" +#ETCD_DISCOVERY= +#ETCD_DISCOVERY_SRV= +#ETCD_DISCOVERY_FALLBACK=proxy +#ETCD_DISCOVERY_PROXY= {% endif %} ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} #[proxy] -#ETCD_PROXY="off" +#ETCD_PROXY=off #[security] {% if etcd_url_scheme == 'https' -%} diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service new file mode 100644 index 000000000..8058fa188 --- /dev/null +++ b/roles/etcd/templates/etcd.docker.service @@ -0,0 +1,13 @@ +[Unit] +Description=The Etcd Server container +After=docker.service + +[Service] +EnvironmentFile=/etc/etcd/etcd.conf +ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }} +ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }} +ExecStop=/usr/bin/docker stop {{ etcd_service }} +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/etcd_common/defaults/main.yml b/roles/etcd_common/defaults/main.yml index 96f4b63af..3af509448 100644 --- a/roles/etcd_common/defaults/main.yml +++ b/roles/etcd_common/defaults/main.yml @@ -1,5 +1,5 @@ --- -etcd_peers_group: etcd +etcd_peers_group: oo_etcd_to_config # etcd server vars etcd_conf_dir: /etc/etcd diff --git a/roles/flannel/README.md b/roles/flannel/README.md index b8aa830ac..8f271aada 100644 --- a/roles/flannel/README.md +++ b/roles/flannel/README.md @@ -7,7 +7,8 @@ Requirements ------------ This role assumes it's being deployed on a RHEL/Fedora based host with package -named 'flannel' available via yum, in version superior to 0.3. +named 'flannel' available via yum or dnf (conditionally), in version superior +to 0.3. Role Variables -------------- diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index acfb009ec..aa27b674e 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -1,7 +1,8 @@ --- - name: Install flannel sudo: true - yum: pkg=flannel state=present + action: "{{ ansible_pkg_mgr }} name=flannel state=present" + when: not openshift.common.is_containerized | bool - name: Set flannel etcd url sudo: true diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml index 55cd94460..1c87d562a 100644 --- a/roles/fluentd_master/tasks/main.yml +++ b/roles/fluentd_master/tasks/main.yml @@ -1,9 +1,12 @@ --- +- fail: + msg: "fluentd master is not yet supported on atomic hosts" + when: openshift.common.is_containerized | bool + # TODO: Update fluentd install and configuration when packaging is complete - name: download and install td-agent - yum: - name: 'http://packages.treasuredata.com/2/redhat/7/x86_64/td-agent-2.2.0-0.x86_64.rpm' - state: present + action: "{{ ansible_pkg_mgr }} name='http://packages.treasuredata.com/2/redhat/7/x86_64/td-agent-2.2.0-0.x86_64.rpm' state=present" + when: not openshift.common.is_containerized | bool - name: Verify fluentd plugin installed command: '/opt/td-agent/embedded/bin/gem query -i fluent-plugin-kubernetes' diff --git a/roles/fluentd_node/tasks/main.yml b/roles/fluentd_node/tasks/main.yml index f9ef30b83..8d34c0b19 100644 --- a/roles/fluentd_node/tasks/main.yml +++ b/roles/fluentd_node/tasks/main.yml @@ -1,9 +1,12 @@ --- +- fail: + msg: "fluentd node is not yet supported on atomic hosts" + when: openshift.common.is_containerized | bool + # TODO: Update fluentd install and configuration when packaging is complete - name: download and install td-agent - yum: - name: 'http://packages.treasuredata.com/2/redhat/7/x86_64/td-agent-2.2.0-0.x86_64.rpm' - state: present + action: "{{ ansible_pkg_mgr }} name='http://packages.treasuredata.com/2/redhat/7/x86_64/td-agent-2.2.0-0.x86_64.rpm' state=present" + when: not openshift.common.is_containerized | bool - name: Verify fluentd plugin installed command: '/opt/td-agent/embedded/bin/gem query -i fluent-plugin-kubernetes' diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index 5638b7313..97f870829 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -1,8 +1,7 @@ --- - name: Install haproxy - yum: - pkg: haproxy - state: present + action: "{{ ansible_pkg_mgr }} name=haproxy state=present" + when: not openshift.common.is_containerized | bool - name: Configure haproxy template: diff --git a/roles/kube_nfs_volumes/tasks/main.yml b/roles/kube_nfs_volumes/tasks/main.yml index d1dcf261a..5432a5e2f 100644 --- a/roles/kube_nfs_volumes/tasks/main.yml +++ b/roles/kube_nfs_volumes/tasks/main.yml @@ -1,6 +1,11 @@ --- +- fail: + msg: "This role is not yet supported on atomic hosts" + when: openshift.common.is_atomic | bool + - name: Install pyparted (RedHat/Fedora) - yum: name=pyparted,python-httplib2 state=present + action: "{{ ansible_pkg_mgr }} name=pyparted,python-httplib2 state=present" + when: not openshift.common.is_containerized | bool - name: partition the drives partitionpool: disks={{ disks }} force={{ force }} sizes={{ sizes }} diff --git a/roles/kube_nfs_volumes/tasks/nfs.yml b/roles/kube_nfs_volumes/tasks/nfs.yml index 559fcf17c..9a68ceb8d 100644 --- a/roles/kube_nfs_volumes/tasks/nfs.yml +++ b/roles/kube_nfs_volumes/tasks/nfs.yml @@ -1,6 +1,7 @@ --- -- name: Install NFS server on Fedora/Red Hat - yum: name=nfs-utils state=present +- name: Install NFS server + action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + when: not openshift.common.is_containerized | bool - name: Start rpcbind on Fedora/Red Hat service: name=rpcbind state=started enabled=yes diff --git a/roles/lib_zabbix/library/zbx_action.py b/roles/lib_zabbix/library/zbx_action.py index 24693e5db..c08bef4f7 100644 --- a/roles/lib_zabbix/library/zbx_action.py +++ b/roles/lib_zabbix/library/zbx_action.py @@ -1,8 +1,8 @@ #!/usr/bin/env python +# vim: expandtab:tabstop=4:shiftwidth=4 ''' Ansible module for zabbix actions ''' -# vim: expandtab:tabstop=4:shiftwidth=4 # # Zabbix action ansible module # @@ -30,6 +30,17 @@ # pylint: disable=import-error from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection, ZabbixAPIError +CUSTOM_SCRIPT_ACTION = '0' +IPMI_ACTION = '1' +SSH_ACTION = '2' +TELNET_ACTION = '3' +GLOBAL_SCRIPT_ACTION = '4' + +EXECUTE_ON_ZABBIX_AGENT = '0' +EXECUTE_ON_ZABBIX_SERVER = '1' + +OPERATION_REMOTE_COMMAND = '1' + def exists(content, key='result'): ''' Check if key exists in content or the size of content[key] > 0 ''' @@ -70,6 +81,40 @@ def filter_differences(zabbix_filters, user_filters): return rval +def host_in_zabbix(zab_hosts, usr_host): + ''' Check whether a particular user host is already in the + Zabbix list of hosts ''' + + for usr_hst_key, usr_hst_val in usr_host.items(): + for zab_host in zab_hosts: + if usr_hst_key in zab_host and \ + zab_host[usr_hst_key] == str(usr_hst_val): + return True + + return False + +def hostlist_in_zabbix(zab_hosts, usr_hosts): + ''' Check whether user-provided list of hosts are already in + the Zabbix action ''' + + if len(zab_hosts) != len(usr_hosts): + return False + + for usr_host in usr_hosts: + if not host_in_zabbix(zab_hosts, usr_host): + return False + + return True + +def opcommand_diff(zab_op_cmd, usr_op_cmd): + ''' Check whether user-provided opcommand matches what's already + stored in Zabbix ''' + + for usr_op_cmd_key, usr_op_cmd_val in usr_op_cmd.items(): + if zab_op_cmd[usr_op_cmd_key] != str(usr_op_cmd_val): + return True + return False + # This logic is quite complex. We are comparing two lists of dictionaries. # The outer for-loops allow us to descend down into both lists at the same time # and then walk over the key,val pairs of the incoming user dict's changes @@ -116,6 +161,18 @@ def operation_differences(zabbix_ops, user_ops): if usr_ids != zab_usr_ids: rval[key] = val + elif key == 'opcommand': + if opcommand_diff(zab[key], val): + rval[key] = val + break + + # opcommand_grp can be treated just like opcommand_hst + # as opcommand_grp[] is just a list of groups + elif key == 'opcommand_hst' or key == 'opcommand_grp': + if not hostlist_in_zabbix(zab[key], val): + rval[key] = val + break + elif zab[key] != str(val): rval[key] = val return rval @@ -288,7 +345,7 @@ def get_condition_type(event_source, inc_condition): def get_operation_type(inc_operation): ''' determine the correct operation type''' o_types = {'send message': 0, - 'remote command': 1, + 'remote command': OPERATION_REMOTE_COMMAND, 'add host': 2, 'remove host': 3, 'add to host group': 4, @@ -301,7 +358,64 @@ def get_operation_type(inc_operation): return o_types[inc_operation] -def get_action_operations(zapi, inc_operations): +def get_opcommand_type(opcommand_type): + ''' determine the opcommand type ''' + oc_types = {'custom script': CUSTOM_SCRIPT_ACTION, + 'IPMI': IPMI_ACTION, + 'SSH': SSH_ACTION, + 'Telnet': TELNET_ACTION, + 'global script': GLOBAL_SCRIPT_ACTION, + } + + return oc_types[opcommand_type] + +def get_execute_on(execute_on): + ''' determine the execution target ''' + e_types = {'zabbix agent': EXECUTE_ON_ZABBIX_AGENT, + 'zabbix server': EXECUTE_ON_ZABBIX_SERVER, + } + + return e_types[execute_on] + +def action_remote_command(ansible_module, zapi, operation): + ''' Process remote command type of actions ''' + + if 'type' not in operation['opcommand']: + ansible_module.exit_json(failed=True, changed=False, state='unknown', + results="No Operation Type provided") + + operation['opcommand']['type'] = get_opcommand_type(operation['opcommand']['type']) + + if operation['opcommand']['type'] == CUSTOM_SCRIPT_ACTION: + + if 'execute_on' in operation['opcommand']: + operation['opcommand']['execute_on'] = get_execute_on(operation['opcommand']['execute_on']) + + # custom script still requires the target hosts/groups to be set + operation['opcommand_hst'] = [] + operation['opcommand_grp'] = [] + for usr_host in operation['target_hosts']: + if usr_host['target_type'] == 'zabbix server': + # 0 = target host local/current host + operation['opcommand_hst'].append({'hostid': 0}) + elif usr_host['target_type'] == 'group': + group_name = usr_host['target'] + gid = get_host_group_id_by_name(zapi, group_name) + operation['opcommand_grp'].append({'groupid': gid}) + elif usr_host['target_type'] == 'host': + host_name = usr_host['target'] + hid = get_host_id_by_name(zapi, host_name) + operation['opcommand_hst'].append({'hostid': hid}) + + # 'target_hosts' is just to make it easier to build zbx_actions + # not part of ZabbixAPI + del operation['target_hosts'] + else: + ansible_module.exit_json(failed=True, changed=False, state='unknown', + results="Unsupported remote command type") + + +def get_action_operations(ansible_module, zapi, inc_operations): '''Convert the operations into syntax for api''' for operation in inc_operations: operation['operationtype'] = get_operation_type(operation['operationtype']) @@ -315,9 +429,8 @@ def get_action_operations(zapi, inc_operations): else: operation['opmessage']['default_msg'] = 0 - # NOT supported for remote commands - elif operation['operationtype'] == 1: - continue + elif operation['operationtype'] == OPERATION_REMOTE_COMMAND: + action_remote_command(ansible_module, zapi, operation) # Handle Operation conditions: # Currently there is only 1 available which @@ -457,14 +570,15 @@ def main(): if not exists(content): module.exit_json(changed=False, state="absent") - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']]) + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['actionid']]) module.exit_json(changed=True, results=content['result'], state="absent") # Create and Update if state == 'present': conditions = get_action_conditions(zapi, module.params['event_source'], module.params['conditions_filter']) - operations = get_action_operations(zapi, module.params['operations']) + operations = get_action_operations(module, zapi, + module.params['operations']) params = {'name': module.params['name'], 'esc_period': module.params['escalation_time'], 'eventsource': get_event_source(module.params['event_source']), diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml index fda23e05e..0a0cf1fae 100644 --- a/roles/nickhammond.logrotate/tasks/main.yml +++ b/roles/nickhammond.logrotate/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: nickhammond.logrotate | Install logrotate - action: "{{ansible_pkg_mgr}} pkg=logrotate state=present" + action: "{{ ansible_pkg_mgr }} name=logrotate state=present" - name: nickhammond.logrotate | Setup logrotate.d scripts template: diff --git a/roles/openshift_ansible_inventory/tasks/main.yml b/roles/openshift_ansible_inventory/tasks/main.yml index f6919dada..05c7a5f93 100644 --- a/roles/openshift_ansible_inventory/tasks/main.yml +++ b/roles/openshift_ansible_inventory/tasks/main.yml @@ -1,11 +1,10 @@ --- -- yum: - name: "{{ item }}" - state: present +- action: "{{ ansible_pkg_mgr }} name={{ item}} state=present" with_items: - openshift-ansible-inventory - openshift-ansible-inventory-aws - openshift-ansible-inventory-gce + when: not openshift.common.is_containerized | bool - name: copy: diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml new file mode 100644 index 000000000..1e8f8b719 --- /dev/null +++ b/roles/openshift_cli/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: OpenShift Docker + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- { role: openshift_common } +- { role: docker } diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml new file mode 100644 index 000000000..8d7686ffd --- /dev/null +++ b/roles/openshift_cli/tasks/main.yml @@ -0,0 +1,48 @@ +--- +- openshift_facts: + role: common + local_facts: + deployment_type: "{{ openshift_deployment_type }}" + +- name: Install clients + yum: pkg={{ openshift.common.service_type }}-clients state=installed + when: not openshift.common.is_containerized | bool + +- name: List Docker images + command: > + docker images + register: docker_images + +- name: Pull CLI Image + command: > + docker pull {{ openshift.common.cli_image }} + when: openshift.common.is_containerized | bool and openshift.common.cli_image not in docker_images.stdout + +- name: Wait for CLI image + command: > + docker images + register: docker_images + until: openshift.common.cli_image in docker_images.stdout + retries: 30 + delay: 10 + changed_when: false + when: openshift.common.is_containerized | bool + + +- name: Create /usr/local/bin/openshift cli wrapper + template: + src: openshift.j2 + dest: /usr/local/bin/openshift + mode: 0755 + when: openshift.common.is_containerized | bool + +- name: Create client symlinks + file: + path: "{{ item }}" + state: link + src: /usr/local/bin/openshift + with_items: + - /usr/local/bin/oadm + - /usr/local/bin/oc + - /usr/local/bin/kubectl + when: openshift.common.is_containerized | bool
\ No newline at end of file diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2 new file mode 100644 index 000000000..a7c148a22 --- /dev/null +++ b/roles/openshift_cli/templates/openshift.j2 @@ -0,0 +1,23 @@ +#!/bin/bash +if [ ! -d ~/.kube ]; then + mkdir -m 0700 ~/.kube +fi +cmd=`basename $0` +user=`id -u` +group=`id -g` + +>&2 echo """ +================================================================================ +ATTENTION: You are running ${cmd} via a wrapper around 'docker run {{ openshift.common.cli_image }}'. +This wrapper is intended only to be used to bootstrap an environment. Please +install client tools on another host once you have granted cluster-admin +privileges to a user. +{% if openshift.common.deployment_type in ['openshift-enterprise','atomic-enterprise'] %} +See https://docs.openshift.com/enterprise/latest/cli_reference/get_started_cli.html +{% else %} +See https://docs.openshift.org/latest/cli_reference/get_started_cli.html +{% endif %} +================================================================================= +""" + +docker run -i --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }} "${@}" diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index 55065b3de..0ee873a2b 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -14,6 +14,7 @@ cluster_id: "{{ openshift_cluster_id | default('default') }}" debug_level: "{{ openshift_debug_level | default(2) }}" hostname: "{{ openshift_hostname | default(None) }}" + install_examples: "{{ openshift_install_examples | default(True) }}" ip: "{{ openshift_ip | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" public_ip: "{{ openshift_public_ip | default(None) }}" @@ -22,6 +23,14 @@ deployment_type: "{{ openshift_deployment_type }}" use_fluentd: "{{ openshift_use_fluentd | default(None) }}" use_flannel: "{{ openshift_use_flannel | default(None) }}" + use_manageiq: "{{ openshift_use_manageiq | default(None) }}" + +- name: Install the base package for versioning + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_version | default('') }} state=present" + when: not openshift.common.is_containerized | bool + +- name: Set version facts + openshift_facts: # For enterprise versions < 3.1 and origin versions < 1.1 we want to set the # hostname by default. diff --git a/roles/openshift_docker/handlers/main.yml b/roles/openshift_docker/handlers/main.yml new file mode 100644 index 000000000..92a6c325f --- /dev/null +++ b/roles/openshift_docker/handlers/main.yml @@ -0,0 +1,6 @@ +--- + +- name: restart openshift_docker + service: + name: docker + state: restarted diff --git a/roles/openshift_docker/meta/main.yml b/roles/openshift_docker/meta/main.yml new file mode 100644 index 000000000..1e8f8b719 --- /dev/null +++ b/roles/openshift_docker/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: OpenShift Docker + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- { role: openshift_common } +- { role: docker } diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml new file mode 100644 index 000000000..5a285e773 --- /dev/null +++ b/roles/openshift_docker/tasks/main.yml @@ -0,0 +1,53 @@ +--- +- name: Set docker facts + openshift_facts: + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: common + local_facts: + deployment_type: "{{ openshift_deployment_type }}" + docker_additional_registries: "{{ docker_additional_registries }}" + docker_insecure_registries: "{{ docker_insecure_registries }}" + docker_blocked_registries: "{{ docker_blocked_registries }}" + - role: node + local_facts: + portal_net: "{{ openshift_master_portal_net | default(None) }}" + docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}" + docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}" + +- stat: path=/etc/sysconfig/docker + register: docker_check + +- name: Set registry params + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^{{ item.reg_conf_var }}=.*$' + line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'" + when: "'docker_additional_registries' in openshift.common and docker_check.stat.isreg" + with_items: + - reg_conf_var: ADD_REGISTRY + reg_fact_val: "{{ openshift.common.docker_additional_registries }}" + reg_flag: --add-registry + - reg_conf_var: BLOCK_REGISTRY + reg_fact_val: "{{ openshift.common.docker_blocked_registries }}" + reg_flag: --block-registry + - reg_conf_var: INSECURE_REGISTRY + reg_fact_val: "{{ openshift.common.docker_insecure_registries }}" + reg_flag: --insecure-registry + notify: + - restart openshift_docker + +# TODO: Enable secure registry when code available in origin +# TODO: perhaps move this to openshift_docker? +- name: Secure Registry and Logs Options + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^OPTIONS=.*$' + line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ + {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \ + {% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }} {% endif %} \ + {% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}} {% endif %} '" + when: docker_check.stat.isreg + notify: + - restart openshift_docker diff --git a/roles/openshift_examples/README.md b/roles/openshift_examples/README.md index 7d8735a0a..6ddbe7017 100644 --- a/roles/openshift_examples/README.md +++ b/roles/openshift_examples/README.md @@ -11,6 +11,13 @@ ansible. Requirements ------------ +Facts +----- + +| Name | Default Value | Description | +-----------------------------|---------------|----------------------------------------| +| openshift_install_examples | true | Runs the role with the below variables | + Role Variables -------------- @@ -32,7 +39,7 @@ Example Playbook TODO ---- Currently we use `oc create -f` against various files and we accept non zero return code as a success -if (and only iff) stderr also contains the string 'already exists'. This means that if one object in the file exists already +if (and only if) stderr also contains the string 'already exists'. This means that if one object in the file exists already but others fail to create you won't be aware of the failure. This also means that we do not currently support updating existing objects. diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 0bc5d7750..6b9964aec 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -1,19 +1,19 @@ --- # By default install rhel and xpaas streams on enterprise installs -openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" -openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" +openshift_examples_load_centos: "{{ openshift_deployment_type == 'origin' }}" +openshift_examples_load_rhel: "{{ openshift_deployment_type != 'origin' }}" openshift_examples_load_db_templates: true -openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" +openshift_examples_load_xpaas: "{{ openshift_deployment_type != 'origin' }}" openshift_examples_load_quickstarts: true content_version: "{{ 'v1.1' if openshift.common.version_greater_than_3_1_or_1_1 else 'v1.0' }}" -examples_base: "/usr/share/openshift/examples" +examples_base: "{{ openshift.common.config_base if openshift.common.is_containerized else '/usr/share/openshift' }}/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json" rhel_image_streams: "{{ image_streams_base}}/image-streams-rhel7.json" db_templates_base: "{{ examples_base }}/db-templates" -xpaas_image_streams: "{{ examples_base }}/xpaas-streams/jboss-image-streams.json" +xpaas_image_streams: "{{ examples_base }}/xpaas-streams/" xpaas_templates_base: "{{ examples_base }}/xpaas-templates" quickstarts_base: "{{ examples_base }}/quickstart-templates" infrastructure_origin_base: "{{ examples_base }}/infrastructure-templates/origin" diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 090fb9042..01ce6d819 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -5,7 +5,7 @@ # # This script should be run from openshift-ansible/roles/openshift_examples -XPAAS_VERSION=ose-v1.1.0 +XPAAS_VERSION=ose-v1.2.0-1 ORIGIN_VERSION=v1.1 EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION} find ${EXAMPLES_BASE} -name '*.json' -delete @@ -37,6 +37,7 @@ cp dancer-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp cakephp-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ mv application-templates-${XPAAS_VERSION}/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ find application-templates-${XPAAS_VERSION}/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; +wget https://raw.githubusercontent.com/jboss-fuse/application-templates/master/fis-image-streams.json -O ${EXAMPLES_BASE}/xpaas-streams/fis-image-streams.json wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-deployer.yaml cp ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-*.yaml ${EXAMPLES_BASE}/infrastructure-templates/enterprise/ diff --git a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7-v1-0.json b/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7-v1-0.json deleted file mode 100644 index 268d680f4..000000000 --- a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7-v1-0.json +++ /dev/null @@ -1,285 +0,0 @@ -{ - "kind": "ImageStreamList", - "apiVersion": "v1", - "metadata": {}, - "items": [ - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "ruby", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/ruby-20-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "2.0", - "annotations": { - "description": "Build and run Ruby 2.0 applications", - "iconClass": "icon-ruby", - "tags": "builder,ruby", - "supports": "ruby:2.0,ruby", - "version": "2.0", - "sampleRepo": "https://github.com/openshift/ruby-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "nodejs", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/nodejs-010-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "0.10", - "annotations": { - "description": "Build and run NodeJS 0.10 applications", - "iconClass": "icon-nodejs", - "tags": "builder,nodejs", - "supports":"nodejs:0.10,nodejs:0.1,nodejs", - "version": "0.10", - "sampleRepo": "https://github.com/openshift/nodejs-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "perl", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/perl-516-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "5.16", - "annotations": { - "description": "Build and run Perl 5.16 applications", - "iconClass": "icon-perl", - "tags": "builder,perl", - "supports":"perl:5.16,perl", - "version": "5.16", - "sampleRepo": "https://github.com/openshift/dancer-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "php", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/php-55-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "5.5", - "annotations": { - "description": "Build and run PHP 5.5 applications", - "iconClass": "icon-php", - "tags": "builder,php", - "supports":"php:5.5,php", - "version": "5.5", - "sampleRepo": "https://github.com/openshift/cakephp-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "python", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/python-33-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "3.3", - "annotations": { - "description": "Build and run Python 3.3 applications", - "iconClass": "icon-python", - "tags": "builder,python", - "supports":"python:3.3,python", - "version": "3.3", - "sampleRepo": "https://github.com/openshift/django-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "wildfly", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/wildfly-81-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "8.1", - "annotations": { - "description": "Build and run Java applications on Wildfly 8.1", - "iconClass": "icon-wildfly", - "tags": "builder,wildfly,java", - "supports":"wildfly:8.1,jee,java", - "version": "8.1", - "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "mysql", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/mysql-55-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "5.5", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "postgresql", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/postgresql-92-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "9.2", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "mongodb", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/mongodb-24-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "2.4", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "jenkins", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "openshift/jenkins-1-centos7", - "tags": [ - { - "name": "latest" - }, - { - "name": "1", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7.json index 1a78b1279..268d680f4 100644 --- a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-centos7.json @@ -11,13 +11,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/ruby-20-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "2.0" - } + "name": "latest" }, { "name": "2.0", @@ -30,23 +27,8 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/ruby-20-centos7:latest" - } - }, - { - "name": "2.2", - "annotations": { - "description": "Build and run Ruby 2.2 applications", - "iconClass": "icon-ruby", - "tags": "builder,ruby", - "supports": "ruby:2.2,ruby", - "version": "2.2", - "sampleRepo": "https://github.com/openshift/ruby-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "centos/ruby-22-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -60,13 +42,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/nodejs-010-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "0.10" - } + "name": "latest" }, { "name": "0.10", @@ -79,8 +58,8 @@ "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/nodejs-010-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -94,13 +73,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/perl-516-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "5.16" - } + "name": "latest" }, { "name": "5.16", @@ -113,25 +89,9 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/perl-516-centos7:latest" - } - }, - { - "name": "5.20", - "annotations": { - "description": "Build and run Perl 5.20 applications", - "iconClass": "icon-perl", - "tags": "builder,perl", - "supports":"perl:5.20,perl", - "version": "5.20", - "sampleRepo": "https://github.com/openshift/dancer-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "centos/perl-520-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } - } ] } @@ -144,13 +104,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/php-55-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "5.5" - } + "name": "latest" }, { "name": "5.5", @@ -163,23 +120,8 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/php-55-centos7:latest" - } - }, - { - "name": "5.6", - "annotations": { - "description": "Build and run PHP 5.6 applications", - "iconClass": "icon-php", - "tags": "builder,php", - "supports":"php:5.6,php", - "version": "5.6", - "sampleRepo": "https://github.com/openshift/cakephp-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "centos/php-56-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -193,13 +135,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/python-33-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "3.3" - } + "name": "latest" }, { "name": "3.3", @@ -212,38 +151,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/python-33-centos7:latest" - } - }, - { - "name": "2.7", - "annotations": { - "description": "Build and run Python 2.7 applications", - "iconClass": "icon-python", - "tags": "builder,python", - "supports":"python:2.7,python", - "version": "2.7", - "sampleRepo": "https://github.com/openshift/django-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "centos/python-27-centos7:latest" - } - }, - { - "name": "3.4", - "annotations": { - "description": "Build and run Python 3.4 applications", - "iconClass": "icon-python", - "tags": "builder,python", - "supports":"python:3.4,python", - "version": "3.4", - "sampleRepo": "https://github.com/openshift/django-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "centos/python-34-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -257,13 +166,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/wildfly-81-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "8.1" - } + "name": "latest" }, { "name": "8.1", @@ -276,8 +182,8 @@ "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/wildfly-81-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -291,26 +197,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/mysql-55-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "5.5" - } + "name": "latest" }, { "name": "5.5", "from": { - "Kind": "DockerImage", - "Name": "openshift/mysql-55-centos7:latest" - } - }, - { - "name": "5.6", - "from": { - "Kind": "DockerImage", - "Name": "centos/mysql-56-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -324,26 +220,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/postgresql-92-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "9.2" - } + "name": "latest" }, { "name": "9.2", "from": { - "Kind": "DockerImage", - "Name": "openshift/postgresql-92-centos7:latest" - } - }, - { - "name": "9.4", - "from": { - "Kind": "DockerImage", - "Name": "centos/postgresql-94-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -357,26 +243,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/mongodb-24-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "2.4" - } + "name": "latest" }, { "name": "2.4", "from": { - "Kind": "DockerImage", - "Name": "openshift/mongodb-24-centos7:latest" - } - }, - { - "name": "2.6", - "from": { - "Kind": "DockerImage", - "Name": "centos/mongodb-26-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -390,19 +266,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "openshift/jenkins-1-centos7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "1" - } + "name": "latest" }, { "name": "1", "from": { - "Kind": "DockerImage", - "Name": "openshift/jenkins-1-centos7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] diff --git a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7-v1-0.json b/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7-v1-0.json deleted file mode 100644 index aa62ebd53..000000000 --- a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7-v1-0.json +++ /dev/null @@ -1,254 +0,0 @@ -{ - "kind": "ImageStreamList", - "apiVersion": "v1", - "metadata": {}, - "items": [ - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "ruby", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/ruby-20-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "2.0", - "annotations": { - "description": "Build and run Ruby 2.0 applications", - "iconClass": "icon-ruby", - "tags": "builder,ruby", - "supports": "ruby:2.0,ruby", - "version": "2.0", - "sampleRepo": "https://github.com/openshift/ruby-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "nodejs", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/nodejs-010-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "0.10", - "annotations": { - "description": "Build and run NodeJS 0.10 applications", - "iconClass": "icon-nodejs", - "tags": "builder,nodejs", - "supports":"nodejs:0.10,nodejs:0.1,nodejs", - "version": "0.10", - "sampleRepo": "https://github.com/openshift/nodejs-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "perl", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/perl-516-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "5.16", - "annotations": { - "description": "Build and run Perl 5.16 applications", - "iconClass": "icon-perl", - "tags": "builder,perl", - "supports":"perl:5.16,perl", - "version": "5.16", - "sampleRepo": "https://github.com/openshift/dancer-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "php", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/php-55-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "5.5", - "annotations": { - "description": "Build and run PHP 5.5 applications", - "iconClass": "icon-php", - "tags": "builder,php", - "supports":"php:5.5,php", - "version": "5.5", - "sampleRepo": "https://github.com/openshift/cakephp-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "python", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/python-33-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "3.3", - "annotations": { - "description": "Build and run Python 3.3 applications", - "iconClass": "icon-python", - "tags": "builder,python", - "supports":"python:3.3,python", - "version": "3.3", - "sampleRepo": "https://github.com/openshift/django-ex.git" - }, - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "mysql", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/mysql-55-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "5.5", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "postgresql", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/postgresql-92-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "9.2", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "mongodb", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/mongodb-24-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "2.4", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "jenkins", - "creationTimestamp": null - }, - "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-1-rhel7", - "tags": [ - { - "name": "latest" - }, - { - "name": "1", - "from": { - "Kind": "ImageStreamTag", - "Name": "latest" - } - } - ] - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7.json index d2a8cfb1d..aa62ebd53 100644 --- a/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.0/image-streams/image-streams-rhel7.json @@ -11,13 +11,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/ruby-20-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "2.0" - } + "name": "latest" }, { "name": "2.0", @@ -30,23 +27,8 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/ruby-20-rhel7:latest" - } - }, - { - "name": "2.2", - "annotations": { - "description": "Build and run Ruby 2.2 applications", - "iconClass": "icon-ruby", - "tags": "builder,ruby", - "supports": "ruby:2.2,ruby", - "version": "2.2", - "sampleRepo": "https://github.com/openshift/ruby-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -60,13 +42,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/nodejs-010-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "0.10" - } + "name": "latest" }, { "name": "0.10", @@ -79,8 +58,8 @@ "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -94,13 +73,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/perl-516-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "5.16" - } + "name": "latest" }, { "name": "5.16", @@ -113,25 +89,9 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/perl-516-rhel7:latest" - } - }, - { - "name": "5.20", - "annotations": { - "description": "Build and run Perl 5.20 applications", - "iconClass": "icon-perl", - "tags": "builder,perl", - "supports":"perl:5.20,perl", - "version": "5.20", - "sampleRepo": "https://github.com/openshift/dancer-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/perl-520-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } - } ] } @@ -144,13 +104,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/php-55-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "5.5" - } + "name": "latest" }, { "name": "5.5", @@ -163,23 +120,8 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/php-55-rhel7:latest" - } - }, - { - "name": "5.6", - "annotations": { - "description": "Build and run PHP 5.6 applications", - "iconClass": "icon-php", - "tags": "builder,php", - "supports":"php:5.6,php", - "version": "5.6", - "sampleRepo": "https://github.com/openshift/cakephp-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/php-56-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -193,13 +135,10 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/python-33-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "3.3" - } + "name": "latest" }, { "name": "3.3", @@ -212,38 +151,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/python-33-rhel7:latest" - } - }, - { - "name": "2.7", - "annotations": { - "description": "Build and run Python 2.7 applications", - "iconClass": "icon-python", - "tags": "builder,python", - "supports":"python:2.7,python", - "version": "2.7", - "sampleRepo": "https://github.com/openshift/django-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/python-27-rhel7:latest" - } - }, - { - "name": "3.4", - "annotations": { - "description": "Build and run Python 3.4 applications", - "iconClass": "icon-python", - "tags": "builder,python", - "supports":"python:3.4,python", - "version": "3.4", - "sampleRepo": "https://github.com/openshift/django-ex.git" - }, - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -257,26 +166,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/mysql-55-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "5.5" - } + "name": "latest" }, { "name": "5.5", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest" - } - }, - { - "name": "5.6", - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -290,26 +189,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/postgresql-92-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "9.2" - } + "name": "latest" }, { "name": "9.2", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest" - } - }, - { - "name": "9.4", - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -323,26 +212,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/mongodb-24-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "2.4" - } + "name": "latest" }, { "name": "2.4", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest" - } - }, - { - "name": "2.6", - "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] @@ -356,19 +235,16 @@ "creationTimestamp": null }, "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-1-rhel7", "tags": [ { - "name": "latest", - "from": { - "Kind": "ImageStreamTag", - "Name": "1" - } + "name": "latest" }, { "name": "1", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest" + "Kind": "ImageStreamTag", + "Name": "latest" } } ] diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/README.md b/roles/openshift_examples/files/examples/v1.1/db-templates/README.md new file mode 100644 index 000000000..b39abf8b9 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/README.md @@ -0,0 +1,100 @@ +OpenShift 3 Database Examples +============================= + +This directory contains example JSON templates to deploy databases in OpenShift. +They can be used to immediately instantiate a database and expose it as a +service in the current project, or to add a template that can be later used from +the Web Console or the CLI. + +The examples can also be tweaked to create new templates. + + +## Ephemeral x Persistent + +For each supported database, there are two template files. + +Files named `*-ephemeral-template.json` use +"[emptyDir](https://docs.openshift.org/latest/dev_guide/volumes.html)" volumes +for data storage, which means that data is lost after a pod restart. +This is tolerable for experimenting, but not suitable for production use. + +The other templates, named `*-persistent-template.json`, use [persistent volume +claims](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volume-claims) +to request persistent storage provided by [persistent +volumes](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volumes), +that must have been created upfront. + + +## Usage + +### Instantiating a new database service + +Use these instructions if you want to quickly deploy a new database service in +your current project. Instantiate a new database service with this command: + + $ oc new-app /path/to/template.json + +Replace `/path/to/template.json` with an appropriate path, that can be either a +local path or an URL. Example: + + $ oc new-app https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json + --> Deploying template mongodb-ephemeral for "https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json" + With parameters: + DATABASE_SERVICE_NAME=mongodb + MONGODB_USER=userJNX # generated + MONGODB_PASSWORD=tnEDilMVrgjp5AI2 # generated + MONGODB_DATABASE=sampledb + MONGODB_ADMIN_PASSWORD=8bYEs8OlNYhVyMBs # generated + --> Creating resources ... + Service "mongodb" created + DeploymentConfig "mongodb" created + --> Success + Run 'oc status' to view your app. + +The parameters listed in the output above can be tweaked by specifying values in +the command line with the `-p` option: + + $ oc new-app examples/db-templates/mongodb-ephemeral-template.json -p DATABASE_SERVICE_NAME=mydb -p MONGODB_USER=default + --> Deploying template mongodb-ephemeral for "examples/db-templates/mongodb-ephemeral-template.json" + With parameters: + DATABASE_SERVICE_NAME=mydb + MONGODB_USER=default + MONGODB_PASSWORD=RPvMbWlQFOevSowQ # generated + MONGODB_DATABASE=sampledb + MONGODB_ADMIN_PASSWORD=K7tIjDxDHHYCvFrJ # generated + --> Creating resources ... + Service "mydb" created + DeploymentConfig "mydb" created + --> Success + Run 'oc status' to view your app. + +Note that the persistent template requires an existing persistent volume, +otherwise the deployment won't ever succeed. + + +### Adding a database as a template + +Use these instructions if, instead of instantiating a service right away, you +want to load the template into an OpenShift project so that it can be used +later. Create the template with this command: + + $ oc create -f /path/to/template.json + +Replace `/path/to/template.json` with an appropriate path, that can be either a +local path or an URL. Example: + + $ oc create -f https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json + template "mongodb-ephemeral" created + +The new template is now available to use in the Web Console or with `oc +new-app`. + + +## More information + +The usage of each supported database image is further documented in the links +below: + +- [MySQL](https://docs.openshift.org/latest/using_images/db_images/mysql.html) +- [PostgreSQL](https://docs.openshift.org/latest/using_images/db_images/postgresql.html) +- [MongoDB](https://docs.openshift.org/latest/using_images/db_images/mongodb.html) diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json index 6b90fa54e..11767862d 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json @@ -55,7 +55,7 @@ { "type": "ImageChange", "imageChangeParams": { - "automatic": true, + "automatic": false, "containerNames": [ "mongodb" ], diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json index b384a5992..84911d2d6 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json @@ -55,7 +55,7 @@ { "type": "ImageChange", "imageChangeParams": { - "automatic": true, + "automatic": false, "containerNames": [ "mysql" ], diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json index 60d6b8519..9ee9364a9 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json @@ -55,7 +55,7 @@ { "type": "ImageChange", "imageChangeParams": { - "automatic": true, + "automatic": false, "containerNames": [ "postgresql" ], diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json index 1a78b1279..51805d729 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json @@ -16,7 +16,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.0" + "Name": "2.2" } }, { @@ -99,7 +99,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.16" + "Name": "5.20" } }, { @@ -149,7 +149,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -198,7 +198,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "3.3" + "Name": "3.4" } }, { @@ -296,7 +296,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -329,7 +329,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "9.2" + "Name": "9.4" } }, { @@ -362,7 +362,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.4" + "Name": "2.6" } }, { diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json index d2a8cfb1d..3092ee486 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json @@ -16,7 +16,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.0" + "Name": "2.2" } }, { @@ -99,7 +99,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.16" + "Name": "5.20" } }, { @@ -149,7 +149,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -198,7 +198,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "3.3" + "Name": "3.4" } }, { @@ -262,7 +262,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -295,7 +295,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "9.2" + "Name": "9.4" } }, { @@ -328,7 +328,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.4" + "Name": "2.6" } }, { diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json index da5679444..52143da2d 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "php:5.5" + "name": "php:5.6" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -250,6 +253,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "mysql:5.6" + } + } + }, + { "type": "ConfigChange" } ], @@ -268,7 +285,7 @@ "containers": [ { "name": "mysql", - "image": "${MYSQL_IMAGE}", + "image": "mysql", "ports": [ { "containerPort": 3306 @@ -347,11 +364,6 @@ "from": "[a-zA-Z0-9]{16}" }, { - "name": "MYSQL_IMAGE", - "description": "Image to use for mysql", - "value": "openshift/mysql-55-centos7" - }, - { "name": "CAKEPHP_SECRET_TOKEN", "description": "Set this to a long random string", "generate": "expression", diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json index f426e1dd6..b77dc0c51 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "php:5.5" + "name": "php:5.6" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json index 55f655102..edc6a1f3f 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "perl:5.16" + "name": "perl:5.20" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -224,6 +227,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "mysql:5.6" + } + } + }, + { "type": "ConfigChange" } ], @@ -242,7 +259,7 @@ "containers": [ { "name": "mysql", - "image": "${MYSQL_IMAGE}", + "image": "mysql", "ports": [ { "containerPort": 3306 @@ -329,11 +346,6 @@ "value": "sampledb" }, { - "name": "MYSQL_IMAGE", - "description": "Image to use for mysql", - "value": "openshift/mysql-55-centos7" - }, - { "name": "PERL_APACHE2_RELOAD", "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", "value": "" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json index 3ee19be83..409252d82 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "perl:5.16" + "name": "perl:5.20" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json index 749064e98..c4c55ddd8 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "python:3.3" + "name": "python:3.4" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -231,6 +234,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "postgresql:9.4" + } + } + }, + { "type": "ConfigChange" } ], @@ -249,7 +266,7 @@ "containers": [ { "name": "postgresql", - "image": "${POSTGRESQL_IMAGE}", + "image": "postgresql", "ports": [ { "containerPort": 5432 @@ -328,11 +345,6 @@ "from": "[a-zA-Z0-9]{16}" }, { - "name": "POSTGRESQL_IMAGE", - "description": "Image to use for postgresql", - "value": "openshift/postgresql-92-centos7" - }, - { "name": "APP_CONFIG", "description": "Relative path to Gunicorn configuration file (optional)" }, diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json index 143a942ab..75b6798b5 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "python:3.3" + "name": "python:3.4" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json index 14bd032af..0b016373f 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json @@ -7,7 +7,7 @@ "annotations": { "description": "Jenkins service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", "iconClass": "icon-jenkins", - "tags": "database,jenkins" + "tags": "instant-app,jenkins" } }, "objects": [ @@ -70,6 +70,21 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "jenkins" + ], + "from": { + "kind": "ImageStreamTag", + "name": "jenkins:latest", + "namespace": "openshift" + }, + "lastTriggeredImage": "" + } + }, + { "type": "ConfigChange" } ], @@ -133,11 +148,6 @@ "value": "jenkins" }, { - "name": "JENKINS_IMAGE", - "description": "Jenkins Docker image to use", - "value": "openshift/jenkins-1-centos7" - }, - { "name": "JENKINS_PASSWORD", "description": "Password for the Jenkins user", "generate": "expression", diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json index fa31de486..98f0cea95 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json @@ -7,7 +7,7 @@ "annotations": { "description": "Jenkins service, with persistent storage.", "iconClass": "icon-jenkins", - "tags": "database,jenkins" + "tags": "instant-app,jenkins" } }, "objects": [ @@ -87,6 +87,21 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "jenkins" + ], + "from": { + "kind": "ImageStreamTag", + "name": "jenkins:latest", + "namespace": "openshift" + }, + "lastTriggeredImage": "" + } + }, + { "type": "ConfigChange" } ], @@ -156,11 +171,6 @@ "value": "password" }, { - "name": "JENKINS_IMAGE", - "description": "Jenkins Docker image to use", - "value": "openshift/jenkins-1-centos7" - }, - { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", "value": "512Mi", diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json index 8760b074c..21f943da7 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -229,6 +232,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "mongodb:2.6" + } + } + }, + { "type": "ConfigChange" } ], @@ -247,7 +264,7 @@ "containers": [ { "name": "mongodb", - "image": "${MONGODB_IMAGE}", + "image": "mongodb", "ports": [ { "containerPort": 27017 @@ -336,11 +353,6 @@ "description": "Password for the database admin user", "generate": "expression", "from": "[a-zA-Z0-9]{16}" - }, - { - "name": "MONGODB_IMAGE", - "description": "Image to use for mongodb", - "value": "openshift/mongodb-24-centos7" } ] } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json index e047266e3..1e301c076 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json index b98282528..5dcbbc729 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "ruby:2.0" + "name": "ruby:2.2" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -262,6 +265,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "postgresql:9.4" + } + } + }, + { "type": "ConfigChange" } ], @@ -280,7 +297,7 @@ "containers": [ { "name": "postgresql", - "image": "${POSTGRESQL_IMAGE}", + "image": "postgresql", "ports": [ { "containerPort": 5432 @@ -384,14 +401,9 @@ "value": "root" }, { - "name": "POSTGRESQL_IMAGE", - "description": "Image to use for postgresql", - "value": "openshift/postgresql-92-centos7" - }, - { "name": "POSTGRESQL_MAX_CONNECTIONS", "description": "database max connections", - "value": "10" + "value": "100" }, { "name": "POSTGRESQL_SHARED_BUFFERS", diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json new file mode 100644 index 000000000..ed0e94bed --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json @@ -0,0 +1,56 @@ +{ + "kind": "List", + "apiVersion": "v1", + "metadata": { + "name": "fis-image-streams", + "annotations": { + "description": "ImageStream definitions for JBoss Fuse Integration Services." + } + }, + "items": [ + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "fis-java-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-java-openshift", + "tags": [ + { + "name": "1.0", + "annotations": { + "description": "JBoss Fuse Integration Services 6.2.1 Java S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,jboss-fuse,java,xpaas", + "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2", + "version": "1.0" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "fis-karaf-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-karaf-openshift", + "tags": [ + { + "name": "1.0", + "annotations": { + "description": "JBoss Fuse Integration Services 6.2.1 Karaf S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,jboss-fuse,java,karaf,xpaas", + "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2", + "version": "1.0" + } + } + ] + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json index aaf5569ae..64b435205 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json @@ -28,6 +28,18 @@ "sampleContextDir": "tomcat-websocket-chat", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,tomcat,tomcat7,java,jboss,xpaas", + "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "tomcat-websocket-chat", + "version": "1.2" + } } ] } @@ -52,6 +64,18 @@ "sampleContextDir": "tomcat-websocket-chat", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,tomcat,tomcat8,java,jboss,xpaas", + "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "tomcat-websocket-chat", + "version": "1.2" + } } ] } @@ -77,6 +101,66 @@ "sampleRef": "6.4.x", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss EAP 6.4 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,eap,javaee,java,jboss,xpaas", + "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", + "sampleContextDir": "kitchensink", + "sampleRef": "6.4.x", + "version": "1.2" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "jboss-decisionserver62-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift", + "tags": [ + { + "name": "1.2", + "annotations": { + "description": "Decision Server 6.2 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,decisionserver,java,xpaas", + "supports":"decisionserver:6.2,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "decisionserver/hellorules", + "sampleRef": "master", + "version": "1.2" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "jboss-datagrid65-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift", + "tags": [ + { + "name": "1.2", + "annotations": { + "description": "JBoss Data Grid 6.5 S2I images.", + "iconClass": "icon-jboss", + "tags": "datagrid,java,jboss,xpaas", + "supports":"datagrid:6.5,java:8,xpaas:1.2", + "version": "1.2" + } } ] } @@ -99,6 +183,16 @@ "supports":"amq:6.2,messaging,xpaas:1.1", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss A-MQ 6.2 broker image.", + "iconClass": "icon-jboss", + "tags": "messaging,amq,jboss,xpaas", + "supports":"amq:6.2,messaging,xpaas:1.2", + "version": "1.2" + } } ] } diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json index 3fd04c28c..2b1680755 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-basic" }, "labels": { "template": "amq62-basic", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -54,20 +54,6 @@ "required": false }, { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, - { "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.", "name": "AMQ_MESH_DISCOVERY_TYPE", "value": "kube", @@ -207,7 +193,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -239,12 +225,17 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "amqp", "containerPort": 5672, "protocol": "TCP" @@ -287,14 +278,6 @@ "value": "${MQ_TOPICS}" }, { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, - { "name": "AMQ_MESH_DISCOVERY_TYPE", "value": "${AMQ_MESH_DISCOVERY_TYPE}" }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json index aa9e716cf..0755fef45 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-persistent-ssl" }, "labels": { "template": "amq62-persistent-ssl", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -60,20 +60,6 @@ "required": false }, { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, - { "description": "Name of a secret containing SSL related files", "name": "AMQ_SECRET", "value": "amq-app-secret", @@ -333,7 +319,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -377,12 +363,17 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "amqp", "containerPort": 5672, "protocol": "TCP" @@ -445,14 +436,6 @@ "value": "${MQ_TOPICS}" }, { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, - { "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", "value": "/etc/amq-secret-volume" }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json index 3a2db3ce9..a8b3d5714 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-persistent" }, "labels": { "template": "amq62-persistent", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -60,20 +60,6 @@ "required": false }, { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, - { "description": "The A-MQ storage usage limit", "name": "AMQ_STORAGE_USAGE_LIMIT", "value": "100 gb", @@ -207,7 +193,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -245,12 +231,17 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "amqp", "containerPort": 5672, "protocol": "TCP" @@ -293,14 +284,6 @@ "value": "${MQ_TOPICS}" }, { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, - { "name": "AMQ_STORAGE_USAGE_LIMIT", "value": "${AMQ_STORAGE_USAGE_LIMIT}" } diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json index f61fb24c2..ced360b09 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-ssl" }, "labels": { "template": "amq62-ssl", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -54,20 +54,6 @@ "required": false }, { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, - { "description": "Name of a secret containing SSL related files", "name": "AMQ_SECRET", "value": "amq-app-secret", @@ -333,7 +319,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -373,12 +359,17 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "amqp", "containerPort": 5672, "protocol": "TCP" @@ -441,14 +432,6 @@ "value": "${MQ_TOPICS}" }, { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, - { "name": "AMQ_MESH_DISCOVERY_TYPE", "value": "${AMQ_MESH_DISCOVERY_TYPE}" }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json new file mode 100644 index 000000000..56e76016f --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json @@ -0,0 +1,332 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 applications.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-basic" + }, + "labels": { + "template": "datagrid65-basic", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json new file mode 100644 index 000000000..033e70063 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json @@ -0,0 +1,501 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 applications.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-https" + }, + "labels": { + "template": "datagrid65-https", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json new file mode 100644 index 000000000..05bc7c236 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json @@ -0,0 +1,779 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and MySQL applications with persistent storage.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-mysql-persistent" + }, + "labels": { + "template": "datagrid65-mysql-persistent", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:/jboss/datasources/mysql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-mysql-pvol" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mysql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mysql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mysql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json new file mode 100644 index 000000000..1856c8dc2 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json @@ -0,0 +1,739 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and MySQL applications.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-mysql" + }, + "labels": { + "template": "datagrid65-mysql", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:/jboss/datasources/mysql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json new file mode 100644 index 000000000..10d0f77ce --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json @@ -0,0 +1,752 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-postgresql-persistent" + }, + "labels": { + "template": "datagrid65-postgresql-persistent", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/postgresql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-postgresql-pvol" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-postgresql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-postgresql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json new file mode 100644 index 000000000..9dd378f92 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json @@ -0,0 +1,712 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and PostgreSQL applications built using.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-postgresql" + }, + "labels": { + "template": "datagrid65-postgresql", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/postgresql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json new file mode 100644 index 000000000..0c82eaa61 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json @@ -0,0 +1,684 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for BRMS Realtime Decision Server 6 A-MQ applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "decisionserver,amq,java,messaging,jboss,xpaas", + "version": "1.2.0" + }, + "name": "decisionserver62-amq-s2i" + }, + "labels": { + "template": "decisionserver62-amq-s2i", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2", + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final", + "required": false + }, + { + "description": "The user name to access the KIE Server REST or JMS interface.", + "name": "KIE_SERVER_USER", + "value": "kieserver", + "required": false + }, + { + "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).", + "name": "KIE_SERVER_PASSWORD", + "from": "[a-zA-Z]{6}[0-9]{1}!", + "generate": "expression", + "required": false + }, + { + "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.", + "name": "KIE_SERVER_DOMAIN", + "value": "other", + "required": false + }, + { + "description": "JNDI name of response queue for JMS.", + "name": "KIE_SERVER_JMS_QUEUES_RESPONSE", + "value": "queue/KIE.SERVER.RESPONSE", + "required": false + }, + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "kie-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.2", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "decisionserver/hellorules", + "required": false + }, + { + "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA", + "name": "MQ_JNDI", + "value": "java:/JmsXA", + "required": false + }, + { + "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_QUEUES", + "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "decisionserver-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "jboss", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "mykeystorepass", + "required": false + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + } + ], + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-decisionserver62-openshift:1.2" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "decisionserver-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "decisionserver-keystore-volume", + "mountPath": "/etc/decisionserver-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + }, + { + "name": "KIE_SERVER_USER", + "value": "${KIE_SERVER_USER}" + }, + { + "name": "KIE_SERVER_PASSWORD", + "value": "${KIE_SERVER_PASSWORD}" + }, + { + "name": "KIE_SERVER_DOMAIN", + "value": "${KIE_SERVER_DOMAIN}" + }, + { + "name": "KIE_SERVER_JMS_QUEUES_RESPONSE", + "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}" + }, + { + "name": "MQ_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-amq=MQ" + }, + { + "name": "MQ_JNDI", + "value": "${MQ_JNDI}" + }, + { + "name": "MQ_USERNAME", + "value": "${MQ_USERNAME}" + }, + { + "name": "MQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "MQ_PROTOCOL", + "value": "tcp" + }, + { + "name": "MQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "MQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/decisionserver-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "decisionserver-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/amq/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "amqp-ssl", + "containerPort": 5671, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "stomp-ssl", + "containerPort": 61612, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + }, + { + "name": "tcp-ssl", + "containerPort": 61617, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json new file mode 100644 index 000000000..097720375 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json @@ -0,0 +1,344 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for BRMS Realtime Decision Server 6 applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "decisionserver,java,jboss,xpaas", + "version": "1.2.0" + }, + "name": "decisionserver62-basic-s2i" + }, + "labels": { + "template": "decisionserver62-basic-s2i", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2", + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final", + "required": false + }, + { + "description": "The user name to access the KIE Server REST or JMS interface.", + "name": "KIE_SERVER_USER", + "value": "kieserver", + "required": false + }, + { + "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).", + "name": "KIE_SERVER_PASSWORD", + "from": "[a-zA-Z]{6}[0-9]{1}!", + "generate": "expression", + "required": false + }, + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "kie-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.2", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "decisionserver/hellorules", + "required": false + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + } + ], + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-decisionserver62-openshift:1.2" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + }, + { + "name": "KIE_SERVER_USER", + "value": "${KIE_SERVER_USER}" + }, + { + "name": "KIE_SERVER_PASSWORD", + "value": "${KIE_SERVER_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json new file mode 100644 index 000000000..d0505fc5f --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json @@ -0,0 +1,478 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for BRMS Realtime Decision Server 6 HTTPS applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "decisionserver,java,jboss,xpaas", + "version": "1.2.0" + }, + "name": "decisionserver62-https-s2i" + }, + "labels": { + "template": "decisionserver62-https-s2i", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2", + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final", + "required": false + }, + { + "description": "The protocol to access the KIE Server REST interface.", + "name": "KIE_SERVER_PROTOCOL", + "value": "https", + "required": false + }, + { + "description": "The port to access the KIE Server REST interface.", + "name": "KIE_SERVER_PORT", + "value": "8443", + "required": false + }, + { + "description": "The user name to access the KIE Server REST or JMS interface.", + "name": "KIE_SERVER_USER", + "value": "kieserver", + "required": false + }, + { + "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).", + "name": "KIE_SERVER_PASSWORD", + "from": "[a-zA-Z]{6}[0-9]{1}!", + "generate": "expression", + "required": false + }, + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "kie-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.2", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "decisionserver/hellorules", + "required": false + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "decisionserver-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "jboss", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "mykeystorepass", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + } + ], + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-decisionserver62-openshift:1.2" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "decisionserver-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "decisionserver-keystore-volume", + "mountPath": "/etc/decisionserver-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + }, + { + "name": "KIE_SERVER_PROTOCOL", + "value": "${KIE_SERVER_PROTOCOL}" + }, + { + "name": "KIE_SERVER_PORT", + "value": "${KIE_SERVER_PORT}" + }, + { + "name": "KIE_SERVER_USER", + "value": "${KIE_SERVER_USER}" + }, + { + "name": "KIE_SERVER_PASSWORD", + "value": "${KIE_SERVER_PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/decisionserver-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "decisionserver-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json index 2fc3b5b25..4b38dade3 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,amq,javaee,java,messaging,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-amq-persistent-s2i" }, "labels": { "template": "eap64-amq-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,21 +22,27 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, { "description": "Git source URI for application", "name": "SOURCE_REPOSITORY_URL", - "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", "required": true }, { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "6.4.x", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -146,6 +152,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -235,7 +272,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -255,7 +292,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -299,7 +336,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -388,8 +425,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -401,6 +452,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -458,20 +514,44 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -480,7 +560,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -512,7 +598,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -544,7 +630,7 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json index a420bb1ea..d321af9c9 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 A-MQ applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,amq,javaee,java,messaging,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-amq-s2i" }, "labels": { "template": "eap64-amq-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,21 +22,27 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, { "description": "Git source URI for application", "name": "SOURCE_REPOSITORY_URL", - "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", "required": true }, { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "6.4.x", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -140,6 +146,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -229,7 +266,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -249,7 +286,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -293,7 +330,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -382,8 +419,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -395,6 +446,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -452,20 +508,44 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -474,7 +554,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -506,7 +592,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -538,7 +624,7 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json index 3f90eb8be..2e3849e2a 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-jboss", "description": "Application template for EAP 6 applications built using S2I.", "tags": "eap,javaee,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-basic-s2i" }, "labels": { "template": "eap64-basic-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,8 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", "value": "", "required": false }, @@ -83,6 +83,13 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -124,7 +131,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -165,7 +172,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -248,6 +255,15 @@ "name": "${APPLICATION_NAME}", "image": "${APPLICATION_NAME}", "imagePullPolicy": "Always", + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -259,6 +275,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -293,6 +314,10 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -302,4 +327,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json index 220d2f5b9..54514cb6b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-jboss", "description": "Application template for EAP 6 applications built using S2I.", "tags": "eap,javaee,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-https-s2i" }, "labels": { "template": "eap64-https-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -59,25 +65,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": true }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -107,6 +113,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -172,7 +209,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -192,7 +229,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -236,7 +273,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -325,8 +362,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -338,6 +389,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -367,20 +423,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -393,6 +449,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -401,7 +481,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -410,4 +496,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json index a1a3a9f2c..2c0f21ae3 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MongDB applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mongodb,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mongodb-persistent-s2i" }, "labels": { "template": "eap64-mongodb-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -176,6 +182,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -265,7 +302,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -285,7 +322,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -329,7 +366,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -418,8 +455,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -431,6 +482,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -496,20 +552,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -522,6 +578,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -530,7 +610,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -666,4 +752,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json index dfd1443ed..6f604d29e 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MongDB applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mongodb,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mongodb-s2i" }, "labels": { "template": "eap64-mongodb-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -170,6 +176,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -259,7 +296,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -279,7 +316,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -323,7 +360,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -412,8 +449,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -425,6 +476,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -490,20 +546,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -516,6 +572,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -524,7 +604,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -626,4 +712,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json index fdd368a5f..d2631580b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mysql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mysql-persistent-s2i" }, "labels": { "template": "eap64-mysql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -179,6 +185,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -268,7 +305,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -288,7 +325,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -332,7 +369,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -421,8 +458,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -434,6 +485,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -499,20 +555,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -525,6 +581,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -533,7 +613,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -673,4 +759,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json index ff6bdc112..ba6a32fec 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MySQL applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mysql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mysql-s2i" }, "labels": { "template": "eap64-mysql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -173,6 +179,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -262,7 +299,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -282,7 +319,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -326,7 +363,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -415,8 +452,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -428,6 +479,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -493,20 +549,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -519,6 +575,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -527,7 +607,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -633,4 +719,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json index 6443afdb0..670260769 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,postgresql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-postgresql-persistent-s2i" }, "labels": { "template": "eap64-postgresql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -164,6 +170,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -253,7 +290,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -273,7 +310,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -317,7 +354,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -406,8 +443,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -419,6 +470,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -484,20 +540,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -510,6 +566,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -518,7 +598,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -646,4 +732,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json index e879e51cf..822731335 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 PostgreSQL applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,postgresql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-postgresql-s2i" }, "labels": { "template": "eap64-postgresql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -158,6 +164,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -247,7 +284,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -267,7 +304,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -311,7 +348,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -400,8 +437,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -413,6 +464,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -478,20 +534,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -504,6 +560,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -512,7 +592,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -606,4 +692,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json index 729079130..376f2f61b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat7,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-basic-s2i" }, "labels": { "template": "jws30-tomcat7-basic-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,8 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", "value": "", "required": false }, @@ -36,7 +36,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -119,7 +119,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -160,7 +160,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -254,6 +254,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json index 7ce7e7fe2..e7bbd1154 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat7,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-https-s2i" }, "labels": { "template": "jws30-tomcat7-https-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -167,7 +173,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -187,7 +193,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -231,7 +237,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -333,6 +339,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json index 9a08ec0b0..3a3ca8e24 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.", "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mongodb-persistent-s2i" }, "labels": { "template": "jws30-tomcat7-mongodb-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -260,7 +266,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -280,7 +286,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -324,7 +330,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -426,6 +432,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -640,4 +651,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json index b8dfb3ad3..b3fd295b9 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications built using S2I.", "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mongodb-s2i" }, "labels": { "template": "jws30-tomcat7-mongodb-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -254,7 +260,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -274,7 +280,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -318,7 +324,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -420,6 +426,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -600,4 +611,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json index d36e330d3..b0b2f5ec4 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mysql-persistent-s2i" }, "labels": { "template": "jws30-tomcat7-mysql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -263,7 +269,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -283,7 +289,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -327,7 +333,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -429,6 +435,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -642,4 +653,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json index f5309db60..e48276f1b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications built using S2I.", "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mysql-s2i" }, "labels": { "template": "jws30-tomcat7-mysql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -257,7 +263,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -277,7 +283,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -321,7 +327,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -423,6 +429,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -602,4 +613,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json index ee88a4c69..d7876d066 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-postgresql-persistent-s2i" }, "labels": { "template": "jws30-tomcat7-postgresql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -248,7 +254,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -268,7 +274,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -312,7 +318,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -414,6 +420,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -615,4 +626,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json index f5940a7a1..5c1bdf6d5 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications built using S2I.", "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-postgresql-s2i" }, "labels": { "template": "jws30-tomcat7-postgresql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -242,7 +248,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -262,7 +268,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -306,7 +312,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -408,6 +414,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -575,4 +586,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json index b24ce40ae..b425891c6 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat8,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-basic-s2i" }, "labels": { "template": "jws30-tomcat8-basic-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,8 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", "value": "", "required": false }, @@ -36,7 +36,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -119,7 +119,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -160,7 +160,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -254,6 +254,11 @@ }, "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json index 7e788d0db..a20518cbc 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat8,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-https-s2i" }, "labels": { "template": "jws30-tomcat8-https-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -167,7 +173,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -187,7 +193,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -231,7 +237,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -333,6 +339,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json index 2f1d69c75..46b99593d 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.", "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mongodb-persistent-s2i" }, "labels": { "template": "jws30-tomcat8-mongodb-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -260,7 +266,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -280,7 +286,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -324,7 +330,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -426,6 +432,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -640,4 +651,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json index bad676f2e..c01b6888a 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications built using S2I.", "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mongodb-s2i" }, "labels": { "template": "jws30-tomcat8-mongodb-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -254,7 +260,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -274,7 +280,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -318,7 +324,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -420,6 +426,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -600,4 +611,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json index e20a45982..ebe1dc6af 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mysql-persistent-s2i" }, "labels": { "template": "jws30-tomcat8-mysql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -263,7 +269,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -283,7 +289,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -327,7 +333,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -429,6 +435,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -642,4 +653,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json index 1b9624756..fe068842a 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications built using S2I.", "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mysql-s2i" }, "labels": { "template": "jws30-tomcat8-mysql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -257,7 +263,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -277,7 +283,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -321,7 +327,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -423,6 +429,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -602,4 +613,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json index dc492a38e..302a55315 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-postgresql-persistent-s2i" }, "labels": { "template": "jws30-tomcat8-postgresql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -248,7 +254,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -268,7 +274,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -312,7 +318,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -414,6 +420,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -615,4 +626,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json index 242b37a79..af2415905 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications built using S2I.", "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-postgresql-s2i" }, "labels": { "template": "jws30-tomcat8-postgresql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -242,7 +248,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -262,7 +268,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -306,7 +312,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -407,6 +413,11 @@ ], "ports": [ { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { "name": "http", "containerPort": 8080, "protocol": "TCP" @@ -573,4 +584,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/roles/openshift_expand_partition/README.md b/roles/openshift_expand_partition/README.md index cd394e1ba..aed4ec871 100644 --- a/roles/openshift_expand_partition/README.md +++ b/roles/openshift_expand_partition/README.md @@ -8,7 +8,7 @@ partition, and then expanding the file system on the partition. * A machine with a disk that is not fully utilized -* cloud-utils-growpart rpm (either installed or avialable via yum) +* cloud-utils-growpart rpm (either installed or avialable via yum or dnf) * The partition you are expanding needs to be at the end of the partition list diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml index 8bc399070..cdd813e6a 100644 --- a/roles/openshift_expand_partition/tasks/main.yml +++ b/roles/openshift_expand_partition/tasks/main.yml @@ -1,6 +1,14 @@ --- - name: Ensure growpart is installed - yum: pkg=cloud-utils-growpart state=present + action: "{{ ansible_pkg_mgr }} name=cloud-utils-growpart state=present" + when: not openshift.common.is_containerized | bool + +- name: Determine if growpart is installed + command: "rpm -q cloud-utils-growpart" + register: has_growpart + failed_when: "has_growpart.cr != 0 and 'package cloud-utils-growpart is not installed' not in has_growpart.stdout" + changed_when: false + when: openshift.common.is_containerized | bool - name: Grow the partitions command: "growpart {{oep_drive}} {{oep_partition}}" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index b60e42c71..be2818dce 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -528,9 +528,9 @@ def set_aggregate_facts(facts): internal_hostnames.add(facts['common']['hostname']) internal_hostnames.add(facts['common']['ip']) + cluster_domain = facts['common']['dns_domain'] + if 'master' in facts: - # FIXME: not sure why but facts['dns']['domain'] fails - cluster_domain = 'cluster.local' if 'cluster_hostname' in facts['master']: all_hostnames.add(facts['master']['cluster_hostname']) if 'cluster_public_hostname' in facts['master']: @@ -623,12 +623,12 @@ def set_deployment_facts_if_unset(facts): service_type = 'atomic-openshift' if deployment_type == 'origin': service_type = 'origin' - elif deployment_type in ['enterprise', 'online']: + elif deployment_type in ['enterprise']: service_type = 'openshift' facts['common']['service_type'] = service_type if 'config_base' not in facts['common']: config_base = '/etc/origin' - if deployment_type in ['enterprise', 'online']: + if deployment_type in ['enterprise']: config_base = '/etc/openshift' # Handle upgrade scenarios when symlinks don't yet exist: if not os.path.exists(config_base) and os.path.exists('/etc/openshift'): @@ -636,13 +636,26 @@ def set_deployment_facts_if_unset(facts): facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' - if deployment_type in ['enterprise', 'online']: + if deployment_type in ['enterprise']: data_dir = '/var/lib/openshift' # Handle upgrade scenarios when symlinks don't yet exist: if not os.path.exists(data_dir) and os.path.exists('/var/lib/openshift'): data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir + # remove duplicate and empty strings from registry lists + for cat in ['additional', 'blocked', 'insecure']: + key = 'docker_{0}_registries'.format(cat) + if key in facts['common']: + facts['common'][key] = list(set(facts['common'][key]) - set([''])) + + + if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']: + addtl_regs = facts['common'].get('docker_additional_registries', []) + ent_reg = 'registry.access.redhat.com' + if ent_reg not in addtl_regs: + facts['common']['docker_additional_registries'] = addtl_regs + [ent_reg] + for role in ('master', 'node'): if role in facts: deployment_type = facts['common']['deployment_type'] @@ -690,11 +703,36 @@ def set_version_facts_if_unset(facts): if version is not None: if deployment_type == 'origin': version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('1.0.6') + version_gt_3_1_1_or_1_1_1 = LooseVersion(version) > LooseVersion('1.1.1') else: version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('3.0.2.900') + version_gt_3_1_1_or_1_1_1 = LooseVersion(version) > LooseVersion('3.1.1') else: version_gt_3_1_or_1_1 = True + version_gt_3_1_1_or_1_1_1 = True facts['common']['version_greater_than_3_1_or_1_1'] = version_gt_3_1_or_1_1 + facts['common']['version_greater_than_3_1_1_or_1_1_1'] = version_gt_3_1_1_or_1_1_1 + + return facts + +def set_manageiq_facts_if_unset(facts): + """ Set manageiq facts. This currently includes common.use_manageiq. + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with version facts. + Raises: + OpenShiftFactsInternalError: + """ + if 'common' not in facts: + if 'version_greater_than_3_1_or_1_1' not in facts['common']: + raise OpenShiftFactsInternalError( + "Invalid invocation: The required facts are not set" + ) + if 'use_mangeiq' not in facts['common']: + facts['common']['use_manageiq'] = facts['common']['version_greater_than_3_1_or_1_1'] + return facts def set_sdn_facts_if_unset(facts, system_facts): @@ -710,7 +748,8 @@ def set_sdn_facts_if_unset(facts, system_facts): if 'common' in facts: use_sdn = facts['common']['use_openshift_sdn'] if not (use_sdn == '' or isinstance(use_sdn, bool)): - facts['common']['use_openshift_sdn'] = bool(strtobool(str(use_sdn))) + use_sdn = bool(strtobool(str(use_sdn))) + facts['common']['use_openshift_sdn'] = use_sdn if 'sdn_network_plugin_name' not in facts['common']: plugin = 'redhat/openshift-ovs-subnet' if use_sdn else '' facts['common']['sdn_network_plugin_name'] = plugin @@ -919,6 +958,7 @@ def save_local_facts(filename, facts): os.makedirs(fact_dir) with open(filename, 'w') as fact_file: fact_file.write(module.jsonify(facts)) + os.chmod(filename, 0o600) except (IOError, OSError) as ex: raise OpenShiftFactsFileWriteError( "Could not create fact file: %s, error: %s" % (filename, ex) @@ -954,6 +994,58 @@ def get_local_facts_from_file(filename): return local_facts +def set_container_facts_if_unset(facts): + """ Set containerized facts. + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated containerization + facts + """ + deployment_type = facts['common']['deployment_type'] + if deployment_type in ['enterprise', 'openshift-enterprise']: + master_image = 'openshift3/ose' + cli_image = master_image + node_image = 'openshift3/node' + ovs_image = 'openshift3/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + elif deployment_type == 'atomic-enterprise': + master_image = 'aep3_beta/aep' + cli_image = master_image + node_image = 'aep3_beta/node' + ovs_image = 'aep3_beta/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + else: + master_image = 'openshift/origin' + cli_image = master_image + node_image = 'openshift/node' + ovs_image = 'openshift/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + + facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted') + if 'is_containerized' not in facts['common']: + facts['common']['is_containerized'] = facts['common']['is_atomic'] + if 'cli_image' not in facts['common']: + facts['common']['cli_image'] = cli_image + if 'etcd' in facts and 'etcd_image' not in facts['etcd']: + facts['etcd']['etcd_image'] = etcd_image + if 'master' in facts and 'master_image' not in facts['master']: + facts['master']['master_image'] = master_image + if 'node' in facts: + if 'node_image' not in facts['node']: + facts['node']['node_image'] = node_image + if 'ovs_image' not in facts['node']: + facts['node']['ovs_image'] = ovs_image + + return facts + + +class OpenShiftFactsInternalError(Exception): + """Origin Facts Error""" + pass + + class OpenShiftFactsUnsupportedRoleError(Exception): """Origin Facts Unsupported Role Error""" pass @@ -976,6 +1068,7 @@ class OpenShiftFacts(object): facts (dict): facts for the host Args: + module (AnsibleModule): an AnsibleModule object role (str): role for setting local facts filename (str): local facts file to use local_facts (dict): local facts to set @@ -985,7 +1078,7 @@ class OpenShiftFacts(object): Raises: OpenShiftFactsUnsupportedRoleError: """ - known_roles = ['common', 'master', 'node', 'master_sdn', 'node_sdn', 'dns', 'etcd'] + known_roles = ['common', 'master', 'node', 'master_sdn', 'node_sdn', 'etcd', 'nfs'] def __init__(self, role, filename, local_facts, additive_facts_to_overwrite=False): self.changed = False @@ -1029,8 +1122,10 @@ class OpenShiftFacts(object): facts = set_sdn_facts_if_unset(facts, self.system_facts) facts = set_deployment_facts_if_unset(facts) facts = set_version_facts_if_unset(facts) + facts = set_manageiq_facts_if_unset(facts) facts = set_aggregate_facts(facts) facts = set_etcd_facts_if_unset(facts) + facts = set_container_facts_if_unset(facts) return dict(openshift=facts) def get_defaults(self, roles): @@ -1054,8 +1149,10 @@ class OpenShiftFacts(object): common = dict(use_openshift_sdn=True, ip=ip_addr, public_ip=ip_addr, deployment_type='origin', hostname=hostname, public_hostname=hostname) - common['client_binary'] = 'oc' if os.path.isfile('/usr/bin/oc') else 'osc' - common['admin_binary'] = 'oadm' if os.path.isfile('/usr/bin/oadm') else 'osadm' + common['client_binary'] = 'oc' + common['admin_binary'] = 'oadm' + common['dns_domain'] = 'cluster.local' + common['install_examples'] = True defaults['common'] = common if 'master' in roles: @@ -1077,6 +1174,11 @@ class OpenShiftFacts(object): iptables_sync_period='5s', set_node_ip=False) defaults['node'] = node + if 'nfs' in roles: + nfs = dict(exports_dir='/var/export', registry_volume='regvol', + export_options='*(rw,sync,all_squash)') + defaults['nfs'] = nfs + return defaults def guess_host_provider(self): @@ -1188,14 +1290,78 @@ class OpenShiftFacts(object): del facts[key] if new_local_facts != local_facts: + self.validate_local_facts(new_local_facts) changed = True - if not module.check_mode: save_local_facts(self.filename, new_local_facts) self.changed = changed return new_local_facts + def validate_local_facts(self, facts=None): + """ Validate local facts + + Args: + facts (dict): local facts to validate + """ + invalid_facts = dict() + invalid_facts = self.validate_master_facts(facts, invalid_facts) + if invalid_facts: + msg = 'Invalid facts detected:\n' + for key in invalid_facts.keys(): + msg += '{0}: {1}\n'.format(key, invalid_facts[key]) + module.fail_json(msg=msg, + changed=self.changed) + + # disabling pylint errors for line-too-long since we're dealing + # with best effort reduction of error messages here. + # disabling errors for too-many-branches since we require checking + # many conditions. + # pylint: disable=line-too-long, too-many-branches + @staticmethod + def validate_master_facts(facts, invalid_facts): + """ Validate master facts + + Args: + facts (dict): local facts to validate + invalid_facts (dict): collected invalid_facts + + Returns: + dict: Invalid facts + """ + if 'master' in facts: + # openshift.master.session_auth_secrets + if 'session_auth_secrets' in facts['master']: + session_auth_secrets = facts['master']['session_auth_secrets'] + if not issubclass(type(session_auth_secrets), list): + invalid_facts['session_auth_secrets'] = 'Expects session_auth_secrets is a list.' + elif 'session_encryption_secrets' not in facts['master']: + invalid_facts['session_auth_secrets'] = ('openshift_master_session_encryption secrets must be set ' + 'if openshift_master_session_auth_secrets is provided.') + elif len(session_auth_secrets) != len(facts['master']['session_encryption_secrets']): + invalid_facts['session_auth_secrets'] = ('openshift_master_session_auth_secrets and ' + 'openshift_master_session_encryption_secrets must be ' + 'equal length.') + else: + for secret in session_auth_secrets: + if len(secret) < 32: + invalid_facts['session_auth_secrets'] = ('Invalid secret in session_auth_secrets. ' + 'Secrets must be at least 32 characters in length.') + # openshift.master.session_encryption_secrets + if 'session_encryption_secrets' in facts['master']: + session_encryption_secrets = facts['master']['session_encryption_secrets'] + if not issubclass(type(session_encryption_secrets), list): + invalid_facts['session_encryption_secrets'] = 'Expects session_encryption_secrets is a list.' + elif 'session_auth_secrets' not in facts['master']: + invalid_facts['session_encryption_secrets'] = ('openshift_master_session_auth_secrets must be ' + 'set if openshift_master_session_encryption_secrets ' + 'is provided.') + else: + for secret in session_encryption_secrets: + if len(secret) not in [16, 24, 32]: + invalid_facts['session_encryption_secrets'] = ('Invalid secret in session_encryption_secrets. ' + 'Secrets must be 16, 24, or 32 characters in length.') + return invalid_facts def main(): """ main """ diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index 913f0dc78..87fa99a3b 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -5,11 +5,25 @@ - ansible_version | version_compare('1.8.0', 'ge') - ansible_version | version_compare('1.9.0', 'ne') - ansible_version | version_compare('1.9.0.1', 'ne') + +- name: Detecting Operating System + shell: ls /run/ostree-booted + ignore_errors: yes + failed_when: false + register: ostree_output + +# Locally setup containerized facts for now +- set_fact: + l_is_atomic: "{{ ostree_output.rc == 0 }}" +- set_fact: + l_is_containerized: "{{ l_is_atomic or containerized | default(false) | bool }}" - name: Ensure PyYaml is installed - yum: pkg={{ item }} state=installed - with_items: - - PyYAML + action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" + when: not l_is_atomic | bool -- name: Gather Cluster facts +- name: Gather Cluster facts and set is_containerized if needed openshift_facts: + role: common + local_facts: + is_containerized: "{{ containerized | default(None) }}" diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 637e494ea..06f12053a 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -5,6 +5,7 @@ until: omd_get_node.rc == 0 retries: 20 delay: 5 + changed_when: false with_items: openshift_nodes - name: Set node schedulability diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml new file mode 100644 index 000000000..0357fc85a --- /dev/null +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -0,0 +1,54 @@ +--- +- fail: + msg: "The openshift_manageiq role requires OpenShift Enterprise 3.1 or Origin 1.1." + when: not openshift.common.version_greater_than_3_1_or_1_1 | bool + +- name: Copy Configuration to temporary conf + command: > + cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{manage_iq_tmp_conf}} + changed_when: false + +- name: Add Managment Infrastructure project + command: > + {{ openshift.common.admin_binary }} new-project + management-infra + --description="Management Infrastructure" + --config={{manage_iq_tmp_conf}} + register: osmiq_create_mi_project + failed_when: "'already exists' not in osmiq_create_mi_project.stderr and osmiq_create_mi_project.rc != 0" + changed_when: osmiq_create_mi_project.rc == 0 + +- name: Create Service Account + shell: > + echo {{ manageiq_service_account | to_json | quote }} | + {{ openshift.common.client_binary }} create + -n management-infra + --config={{manage_iq_tmp_conf}} + -f - + register: osmiq_create_service_account + failed_when: "'already exists' not in osmiq_create_service_account.stderr and osmiq_create_service_account.rc != 0" + changed_when: osmiq_create_service_account.rc == 0 + +- name: Create Cluster Role + shell: > + echo {{ manageiq_cluster_role | to_json | quote }} | + {{ openshift.common.client_binary }} create + --config={{manage_iq_tmp_conf}} + -f - + register: osmiq_create_cluster_role + failed_when: "'already exists' not in osmiq_create_cluster_role.stderr and osmiq_create_cluster_role.rc != 0" + changed_when: osmiq_create_cluster_role.rc == 0 + +- name: Configure role/user permissions + command: > + {{ openshift.common.admin_binary }} {{item}} + --config={{manage_iq_tmp_conf}} + with_items: "{{manage_iq_tasks}}" + register: osmiq_perm_task + failed_when: "'already exists' not in osmiq_perm_task.stderr and osmiq_perm_task.rc != 0" + changed_when: osmiq_perm_task.rc == 0 + +- name: Clean temporary configuration file + command: > + rm -f {{manage_iq_tmp_conf}} + changed_when: false diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml new file mode 100644 index 000000000..77e1c304b --- /dev/null +++ b/roles/openshift_manageiq/vars/main.yml @@ -0,0 +1,24 @@ +manageiq_cluster_role: + apiVersion: v1 + kind: ClusterRole + metadata: + name: management-infra-admin + rules: + - resources: + - pods/proxy + verbs: + - '*' + +manageiq_service_account: + apiVersion: v1 + kind: ServiceAccount + metadata: + name: management-admin + +manage_iq_tmp_conf: /tmp/manageiq_admin.kubeconfig + +manage_iq_tasks: + - policy add-role-to-user -n management-infra admin -z management-admin + - policy add-role-to-user -n management-infra management-infra-admin -z management-admin + - policy add-cluster-role-to-user cluster-reader system:serviceaccount:management-infra:management-admin + - policy add-scc-to-user privileged system:serviceaccount:management-infra:management-admin diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 4b9500cbd..e1b95eda4 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -1,14 +1,12 @@ --- - name: restart master service: name={{ openshift.common.service_type }}-master state=restarted - when: (not openshift_master_ha | bool) and (not master_service_status_changed | default(false)) + when: (not openshift_master_ha | bool) and (not (master_service_status_changed | default(false) | bool)) - name: restart master api service: name={{ openshift.common.service_type }}-master-api state=restarted - when: (openshift_master_ha | bool) and (not master_api_service_status_changed | default(false)) and openshift.master.cluster_method == 'native' + when: (openshift_master_ha | bool) and (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native' -# TODO: need to fix up ignore_errors here - name: restart master controllers service: name={{ openshift.common.service_type }}-master-controllers state=restarted - when: (openshift_master_ha | bool) and (not master_controllers_service_status_changed | default(false)) and openshift.master.cluster_method == 'native' - ignore_errors: yes + when: (openshift_master_ha | bool) and (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native' diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml index c125cb5d0..8db99fc2a 100644 --- a/roles/openshift_master/meta/main.yml +++ b/roles/openshift_master/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - { role: openshift_common } +- { role: openshift_cli } diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 2cf2a53c4..397122631 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -9,7 +9,6 @@ Invalid OAuth grant method: {{ openshift_master_oauth_grant_method }} when: openshift_master_oauth_grant_method is defined and openshift_master_oauth_grant_method not in openshift_master_valid_grant_methods - # HA Variable Validation - fail: msg: "openshift_master_cluster_method must be set to either 'native' or 'pacemaker' for multi-master installations" @@ -20,6 +19,9 @@ - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and (openshift_master_cluster_password is not defined or not openshift_master_cluster_password) +- fail: + msg: "Pacemaker based HA is not supported at this time when used with containerized installs" + when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and openshift.common.is_containerized | bool - name: Set master facts openshift_facts: @@ -38,6 +40,8 @@ console_url: "{{ openshift_master_console_url | default(None) }}" console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" public_console_url: "{{ openshift_master_public_console_url | default(None) }}" + logging_public_url: "{{ openshift_master_logging_public_url | default(None) }}" + metrics_public_url: "{{ openshift_master_metrics_public_url | default(None) }}" etcd_hosts: "{{ openshift_master_etcd_hosts | default(None)}}" etcd_port: "{{ openshift_master_etcd_port | default(None) }}" etcd_use_ssl: "{{ openshift_master_etcd_use_ssl | default(None) }}" @@ -50,9 +54,9 @@ portal_net: "{{ openshift_master_portal_net | default(None) }}" session_max_seconds: "{{ openshift_master_session_max_seconds | default(None) }}" session_name: "{{ openshift_master_session_name | default(None) }}" + session_secrets_file: "{{ openshift_master_session_secrets_file | default(None) }}" session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(None) }}" session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(None) }}" - session_secrets_file: "{{ openshift_master_session_secrets_file | default(None) }}" access_token_max_seconds: "{{ openshift_master_access_token_max_seconds | default(None) }}" auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}" identity_providers: "{{ openshift_master_identity_providers | default(None) }}" @@ -76,19 +80,55 @@ disabled_features: "{{ osm_disabled_features | default(None) }}" master_count: "{{ openshift_master_count | default(None) }}" controller_lease_ttl: "{{ osm_controller_lease_ttl | default(None) }}" + master_image: "{{ osm_image | default(None) }}" - name: Install Master package - yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-master{{ openshift_version }} state=present" + when: not openshift.common.is_containerized | bool + +- name: Get docker images + command: docker images + changed_when: false + when: openshift.common.is_containerized | bool + register: docker_images + +- name: Pull master image + command: > + docker pull {{ openshift.master.master_image }} + when: openshift.common.is_containerized | bool and openshift.master.master_image not in docker_images.stdout + +- name: Wait for master image + command: > + docker images + register: docker_images + until: openshift.master.master_image in docker_images.stdout + retries: 30 + delay: 10 + changed_when: false + when: openshift.common.is_containerized | bool + +- name: Install Master docker service file + template: + dest: "/etc/systemd/system/{{ openshift.common.service_type }}-master.service" + src: master.docker.service.j2 register: install_result + when: openshift.common.is_containerized | bool and not openshift_master_ha | bool + +- name: Create openshift.common.data_dir + file: + path: "{{ openshift.common.data_dir }}" + state: directory + mode: 0755 + owner: root + group: root + when: openshift.common.is_containerized | bool -# TODO: These values need to be configurable -- name: Set dns facts +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized | bool and install_result | changed + +- name: Re-gather package dependent master facts openshift_facts: - role: dns - local_facts: - ip: "{{ openshift_master_cluster_vip | default(openshift.common.ip, true) | default(None) }}" - domain: cluster.local - when: openshift.master.embedded_dns - name: Create config parent directory if it does not exist file: @@ -117,8 +157,9 @@ - restart master controllers - name: Install httpd-tools if needed - yum: pkg=httpd-tools state=present - when: item.kind == 'HTPasswdPasswordIdentityProvider' + action: "{{ ansible_pkg_mgr }} name=httpd-tools state=present" + when: (item.kind == 'HTPasswdPasswordIdentityProvider') and + not openshift.common.is_atomic | bool with_items: openshift.master.identity_providers - name: Ensure htpasswd directory exists @@ -137,18 +178,27 @@ when: item.kind == 'HTPasswdPasswordIdentityProvider' with_items: openshift.master.identity_providers +- name: Init HA Service Info + set_fact: + ha_suffix: "" + ha_svcdir: "/usr/lib/systemd/system" + +- name: Set HA Service Info for containerized installs + set_fact: + ha_suffix: ".docker" + ha_svcdir: "/etc/systemd/system" + when: openshift.common.is_containerized | bool + # workaround for missing systemd unit files for controllers/api - name: Create the api service file template: - src: atomic-openshift-master-api.service.j2 - dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-api.service - force: no + src: atomic-openshift-master-api{{ ha_suffix }}.service.j2 + dest: "{{ ha_svcdir }}/{{ openshift.common.service_type }}-master-api.service" when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the controllers service file template: - src: atomic-openshift-master-controllers.service.j2 - dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-controllers.service - force: no + src: atomic-openshift-master-controllers{{ ha_suffix }}.service.j2 + dest: "{{ ha_svcdir }}/{{ openshift.common.service_type }}-master-controllers.service" when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the api env file template: @@ -170,7 +220,7 @@ template: dest: "{{ openshift.master.session_secrets_file }}" src: sessionSecretsFile.yaml.v1.j2 - force: no + when: openshift.master.session_auth_secrets is defined and openshift.master.session_encryption_secrets is defined notify: - restart master - restart master api @@ -236,8 +286,12 @@ when: not openshift_master_ha | bool register: start_result +- name: Stop and disable non HA master when running HA + service: name={{ openshift.common.service_type }}-master enabled=no state=stopped + when: openshift_master_ha | bool + - set_fact: - master_service_status_changed = start_result | changed + master_service_status_changed: "{{ start_result | changed }}" when: not openshift_master_ha | bool - name: Start and enable master api @@ -246,29 +300,28 @@ register: start_result - set_fact: - master_api_service_status_changed = start_result | changed + master_api_service_status_changed: "{{ start_result | changed }}" when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' -# TODO: fix the ugly workaround of setting ignore_errors -# the controllers service tries to start even if it is already started - name: Start and enable master controller service: name={{ openshift.common.service_type }}-master-controllers enabled=yes state=started when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' register: start_result - ignore_errors: yes - set_fact: - master_controllers_service_status_changed = start_result | changed + master_controllers_service_status_changed: "{{ start_result | changed }}" when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' - name: Install cluster packages - yum: pkg=pcs state=present + action: "{{ ansible_pkg_mgr }} name=pcs state=present" when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' + and not openshift.common.is_containerized | bool register: install_result - name: Start and enable cluster service service: name=pcsd enabled=yes state=started when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' + and not openshift.common.is_containerized | bool - name: Set the cluster user password shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster @@ -276,6 +329,7 @@ - name: Lookup default group for ansible_ssh_user command: "/usr/bin/id -g {{ ansible_ssh_user }}" + changed_when: false register: _ansible_ssh_user_gid - name: Create the client config dir(s) diff --git a/roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 new file mode 100644 index 000000000..936c39edf --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 @@ -0,0 +1,26 @@ +[Unit] +Description=Atomic OpenShift Master API +Documentation=https://github.com/openshift/origin +After=network.target +After=etcd.service +Before={{ openshift.common.service_type }}-node.service +Requires=network.target +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api +Environment=GOTRACEBACK=crash +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master api --config=${CONFIG_FILE} $OPTIONS +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory={{ openshift.common.data_dir }} +SyslogIdentifier=atomic-openshift-master-api +Restart=always + +[Install] +WantedBy=multi-user.target +WantedBy={{ openshift.common.service_type }}-node.service
\ No newline at end of file diff --git a/roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 new file mode 100644 index 000000000..6ba7d6e2a --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 @@ -0,0 +1,25 @@ +[Unit] +Description=Atomic OpenShift Master Controllers +Documentation=https://github.com/openshift/origin +After=network.target +After={{ openshift.common.service_type }}-master-api.service +Before={{ openshift.common.service_type }}-node.service +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers +Environment=GOTRACEBACK=crash +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master controllers --config=${CONFIG_FILE} $OPTIONS +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory={{ openshift.common.data_dir }} +SyslogIdentifier={{ openshift.common.service_type }}-master-controllers +Restart=on-failure + +[Install] +WantedBy=multi-user.target +WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 index 8952c86ef..e6e97b24f 100644 --- a/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 @@ -7,7 +7,11 @@ Before={{ openshift.common.service_type }}-node.service Requires=network.target [Service] +{% if openshift.common.version_greater_than_3_1_1_or_1_1_1 | bool %} Type=notify +{% else %} +Type=simple +{% endif %} EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers Environment=GOTRACEBACK=crash ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS diff --git a/roles/openshift_master/templates/master.docker.service.j2 b/roles/openshift_master/templates/master.docker.service.j2 new file mode 100644 index 000000000..23781a313 --- /dev/null +++ b/roles/openshift_master/templates/master.docker.service.j2 @@ -0,0 +1,16 @@ +[Unit] +After=docker.service +Before={{ openshift.common.service_type }}-node.service +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-master +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master --config=${CONFIG_FILE} $OPTIONS +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 9f4a17f0a..647476b7f 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -8,6 +8,12 @@ assetConfig: logoutURL: "" masterPublicURL: {{ openshift.master.public_api_url }} publicURL: {{ openshift.master.public_console_url }}/ +{% if 'logging_public_url' in openshift.master %} + loggingPublicURL: {{ openshift.master.logging_public_url }} +{% endif %} +{% if 'metrics_public_url' in openshift.master %} + metricsPublicURL: {{ openshift.master.metrics_public_url }} +{% endif %} servingInfo: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.console_port }} bindNetwork: tcp4 @@ -81,9 +87,9 @@ kubernetesMasterConfig: - v1beta3 - v1 {% endif %} - apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }} - controllerArguments: {{ controller_args if controller_args is defined else 'null' }} - masterCount: {{ openshift.master.master_count }} + apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_json }} + controllerArguments: {{ openshift.master.controller_args | default(None) | to_json }} + masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }} masterIP: {{ openshift.common.ip }} podEvictionTimeout: "" proxyClientInfo: @@ -121,7 +127,9 @@ oauthConfig: sessionConfig: sessionMaxAgeSeconds: {{ openshift.master.session_max_seconds }} sessionName: {{ openshift.master.session_name }} +{% if openshift.master.session_auth_secrets is defined and openshift.master.session_encryption_secrets is defined %} sessionSecretsFile: {{ openshift.master.session_secrets_file }} +{% endif %} tokenConfig: accessTokenMaxAgeSeconds: {{ openshift.master.access_token_max_seconds }} authorizeTokenMaxAgeSeconds: {{ openshift.master.auth_token_max_seconds }} diff --git a/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 b/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 index d12d9db90..3d4b573a9 100644 --- a/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 +++ b/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 @@ -1,7 +1,7 @@ apiVersion: v1 kind: SessionSecrets secrets: -{% for secret in openshift_master_session_auth_secrets %} -- authentication: "{{ openshift_master_session_auth_secrets[loop.index0] }}" - encryption: "{{ openshift_master_session_encryption_secrets[loop.index0] }}" +{% for secret in openshift.master.session_auth_secrets %} +- authentication: "{{ openshift.master.session_auth_secrets[loop.index0] }}" + encryption: "{{ openshift.master.session_encryption_secrets[loop.index0] }}" {% endfor %} diff --git a/roles/openshift_master_ca/meta/main.yml b/roles/openshift_master_ca/meta/main.yml index 0c8881521..b5dd466c9 100644 --- a/roles/openshift_master_ca/meta/main.yml +++ b/roles/openshift_master_ca/meta/main.yml @@ -14,3 +14,4 @@ galaxy_info: - system dependencies: - { role: openshift_repos } +- { role: openshift_cli } diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index 314f068e7..5b4c92f2b 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -1,16 +1,29 @@ --- - name: Install the base package for admin tooling - yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=present + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_version }} state=present" + when: not openshift.common.is_containerized | bool register: install_result - name: Reload generated facts openshift_facts: + when: install_result | changed - name: Create openshift_master_config_dir if it doesn't exist file: path: "{{ openshift_master_config_dir }}" state: directory +- name: Get docker images + command: docker images + changed_when: false + when: openshift.common.is_containerized | bool + register: docker_images + +- name: Pull required docker image + command: > + docker pull {{ openshift.common.cli_image }} + when: openshift.common.is_containerized | bool and openshift.common.cli_image not in docker_images.stdout + - name: Create the master certificates if they do not already exist command: > {{ openshift.common.admin_binary }} create-master-certs diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 13e5d7a4b..36d953111 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -16,6 +16,8 @@ - admin.kubeconfig - master.kubelet-client.crt - master.kubelet-client.key + - master.server.crt + - master.server.key - openshift-master.crt - openshift-master.key - openshift-master.kubeconfig diff --git a/roles/openshift_master_cluster/tasks/main.yml b/roles/openshift_master_cluster/tasks/main.yml index 6303a6e46..40705d357 100644 --- a/roles/openshift_master_cluster/tasks/main.yml +++ b/roles/openshift_master_cluster/tasks/main.yml @@ -1,4 +1,8 @@ --- +- fail: + msg: "Not possible on atomic hosts for now" + when: openshift.common.is_containerized | bool + - name: Test if cluster is already configured command: pcs status register: pcs_status diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 447ca85f3..c288f4d05 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -1,7 +1,7 @@ --- - name: restart node service: name={{ openshift.common.service_type }}-node state=restarted - when: not node_service_status_changed | default(false) + when: not (node_service_status_changed | default(false) | bool) - name: restart docker service: name=docker state=restarted diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml index 9d40ae3b3..c92008a77 100644 --- a/roles/openshift_node/meta/main.yml +++ b/roles/openshift_node/meta/main.yml @@ -13,4 +13,3 @@ galaxy_info: - cloud dependencies: - { role: openshift_common } -- { role: docker } diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 42d984a09..33852d7f8 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -1,12 +1,6 @@ --- # TODO: allow for overriding default ports where possible - fail: - msg: This role requres that osn_cluster_dns_domain is set - when: osn_cluster_dns_domain is not defined or not osn_cluster_dns_domain -- fail: - msg: This role requres that osn_cluster_dns_ip is set - when: osn_cluster_dns_ip is not defined or not osn_cluster_dns_ip -- fail: msg: "SELinux is disabled, This deployment type requires that SELinux is enabled." when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online', 'atomic-enterprise', 'openshift-enterprise'] @@ -20,12 +14,14 @@ hostname: "{{ openshift_hostname | default(none) }}" public_hostname: "{{ openshift_public_hostname | default(none) }}" deployment_type: "{{ openshift_deployment_type }}" + # TODO: Replace this with a lookup or filter plugin. + dns_ip: "{{ openshift_dns_ip + | default(openshift_master_cluster_vip + | default(None if openshift.common.version_greater_than_3_1_or_1_1 | bool else openshift_node_first_master_ip | default(None, true), true), true) }}" - role: node local_facts: annotations: "{{ openshift_node_annotations | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" - docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}" - docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}" iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}" kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" @@ -35,17 +31,78 @@ sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" storage_plugin_deps: "{{ osn_storage_plugin_deps | default(None) }}" set_node_ip: "{{ openshift_set_node_ip | default(None) }}" + node_image: "{{ osn_image | default(None) }}" + ovs_image: "{{ osn_ovs_image | default(None) }}" # We have to add tuned-profiles in the same transaction otherwise we run into depsolving -# problems because the rpms don't pin the version properly. +# problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging. - name: Install Node package - yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present - register: node_install_result + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present" + when: not openshift.common.is_containerized | bool - name: Install sdn-ovs package - yum: pkg={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present - register: sdn_install_result - when: openshift.common.use_openshift_sdn + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present" + when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool + +- name: Get docker images + command: docker images + changed_when: false + when: openshift.common.is_containerized | bool + register: docker_images + +- name: Pull node image + command: > + docker pull {{ openshift.node.node_image }} + when: openshift.common.is_containerized | bool and openshift.node.node_image not in docker_images.stdout + +- name: Wait for node image + command: > + docker images + register: docker_images + until: openshift.node.node_image in docker_images.stdout + retries: 30 + delay: 10 + changed_when: false + when: openshift.common.is_containerized | bool + +- name: Pull OpenVSwitch image + command: > + docker pull {{ openshift.node.ovs_image }} + when: openshift.common.is_containerized | bool and openshift.node.ovs_image not in docker_images.stdout + and openshift.common.use_openshift_sdn | bool + +- name: Wait for OpenVSwitch image + command: > + docker images + register: docker_images + until: openshift.node.ovs_image in docker_images.stdout + retries: 30 + delay: 10 + changed_when: false + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + +- name: Install Node docker service file + template: + dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" + src: openshift.docker.node.service + register: install_node_result + when: openshift.common.is_containerized | bool + +- name: Install OpenvSwitch docker service file + template: + dest: "/etc/systemd/system/openvswitch.service" + src: openvswitch.docker.service + register: install_ovs_result + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized and ( ( install_node_result | changed ) + or ( install_ovs_result | changed ) ) + +- name: Start and enable openvswitch docker service + service: name=openvswitch.service enabled=yes state=started + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config @@ -61,6 +118,7 @@ dest: /etc/sysconfig/{{ openshift.common.service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" + create: true with_items: - regex: '^OPTIONS=' line: "OPTIONS=--loglevel={{ openshift.node.debug_level }}" @@ -69,64 +127,6 @@ notify: - restart node -- stat: path=/etc/sysconfig/docker - register: docker_check - - # TODO: Enable secure registry when code available in origin -- name: Secure Registry and Logs Options - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^OPTIONS=.*$' - line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ -{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \ -{% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }} {% endif %} \ -{% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}} {% endif %} '" - when: docker_check.stat.isreg - notify: - - restart docker - -- set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') - | oo_split() | union(['registry.access.redhat.com']) - | difference(['']) }}" - when: openshift.common.deployment_type == 'enterprise' -- set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') - | oo_split() | difference(['']) }}" - when: openshift.common.deployment_type != 'enterprise' - -- name: Add personal registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^ADD_REGISTRY=.*$' - line: "ADD_REGISTRY='{{ docker_additional_registries - | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and docker_additional_registries - notify: - - restart docker - -- name: Block registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^BLOCK_REGISTRY=.*$' - line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split() - | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - lookup('oo_option', 'docker_blocked_registries') != '' - notify: - - restart docker - -- name: Grant access to additional insecure registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^INSECURE_REGISTRY=.*' - line: "INSECURE_REGISTRY='{{ lookup('oo_option', 'docker_insecure_registries') | oo_split() - | oo_prepend_strings_in_list('--insecure-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - lookup('oo_option', 'docker_insecure_registries') != '' - notify: - - restart docker - - name: Additional storage plugin configuration include: storage_plugins/main.yml @@ -135,4 +135,4 @@ register: start_result - set_fact: - node_service_status_changed = start_result | changed + node_service_status_changed: "{{ start_result | changed }}" diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml index b6936618a..eed3c99a3 100644 --- a/roles/openshift_node/tasks/storage_plugins/ceph.yml +++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml @@ -1,5 +1,4 @@ --- - name: Install Ceph storage plugin dependencies - yum: - pkg: ceph-common - state: installed + action: "{{ ansible_pkg_mgr }} name=ceph-common state=present" + when: not openshift.common.is_atomic | bool
\ No newline at end of file diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml index decf4f49d..8fc8497fa 100644 --- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml @@ -1,8 +1,7 @@ --- - name: Install GlusterFS storage plugin dependencies - yum: - pkg: glusterfs-fuse - state: installed + action: "{{ ansible_pkg_mgr }} name=glusterfs-fuse state=present" + when: not openshift.common.is_atomic | bool - name: Set sebooleans to allow gluster storage plugin access from containers seboolean: diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 41a303dee..23bd81f91 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -1,7 +1,9 @@ allowDisabledDocker: false apiVersion: v1 -dnsDomain: {{ osn_cluster_dns_domain }} -dnsIP: {{ osn_cluster_dns_ip }} +dnsDomain: {{ openshift.common.dns_domain }} +{% if 'dns_ip' in openshift.common %} +dnsIP: {{ openshift.common.dns_ip }} +{% endif %} dockerConfig: execHandlerName: "" iptablesSyncPeriod: "{{ openshift.node.iptables_sync_period }}" diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service new file mode 100644 index 000000000..7a11a10fa --- /dev/null +++ b/roles/openshift_node/templates/openshift.docker.node.service @@ -0,0 +1,20 @@ +[Unit] +After=docker.service +After={{ openshift.common.service_type }}-master.service +After=openvswitch.service +{% if openshift.common.use_openshift_sdn %} +Requires=openvswitch.service +{% endif %} +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node +ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host -v /:/rootfs:ro -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:ro -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /etc/systemd/system:/host-etc/systemd/system {{ openshift.node.node_image }} +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service new file mode 100644 index 000000000..0b42ca6d5 --- /dev/null +++ b/roles/openshift_node/templates/openvswitch.docker.service @@ -0,0 +1,13 @@ +[Unit] +After=docker.service +Requires=docker.service +PartOf=docker.service + +[Service] +ExecStartPre=-/usr/bin/docker rm -f openvswitch +ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }} +ExecStop=/usr/bin/docker stop openvswitch +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml index 57f71887b..b54811414 100644 --- a/roles/openshift_node_certificates/tasks/main.yml +++ b/roles/openshift_node_certificates/tasks/main.yml @@ -17,19 +17,19 @@ --signer-serial={{ openshift_master_ca_serial }} --user=system:node:{{ item.openshift.common.hostname }} args: - chdir: "{{ openshift_generated_configs_dir }}" creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}" with_items: nodes_needing_certs - name: Generate the node server certificate command: > - {{ openshift.common.admin_binary }} create-server-cert - --cert=server.crt --key=server.key --overwrite=true + {{ openshift.common.admin_binary }} ca create-server-cert + --cert={{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.crt + --key={{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.key + --overwrite=true --hostnames={{ item.openshift.common.all_hostnames |join(",") }} --signer-cert={{ openshift_master_ca_cert }} --signer-key={{ openshift_master_ca_key }} --signer-serial={{ openshift_master_ca_serial }} args: - chdir: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}" creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.crt" with_items: nodes_needing_certs diff --git a/roles/openshift_registry/tasks/main.yml b/roles/openshift_registry/tasks/main.yml index 749eea5c0..2804e8f2e 100644 --- a/roles/openshift_registry/tasks/main.yml +++ b/roles/openshift_registry/tasks/main.yml @@ -1,6 +1,4 @@ --- -# This role is unused until we add options for configuring the backend storage - - set_fact: _oreg_images="--images='{{ openshift.master.registry_url }}'" - set_fact: _oreg_selector="--selector='{{ openshift.master.registry_selector }}'" @@ -12,3 +10,19 @@ --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images }} register: _oreg_results changed_when: "'service exists' not in _oreg_results.stdout" + +- name: Determine if nfs volume is already attached + command: "{{ openshift.common.client_binary }} get -o template dc/docker-registry --template=\\{\\{.spec.template.spec.volumes\\}\\}" + register: registry_volumes_output + when: attach_registry_volume | bool + +- set_fact: + volume_already_attached: "{{ 'server:' + nfs_host in registry_volumes_output.stdout and 'path:' + registry_volume_path in registry_volumes_output.stdout }}" + when: attach_registry_volume | bool + +- name: Add nfs volume to dc/docker-registry + command: > + {{ openshift.common.client_binary }} volume dc/docker-registry + --add --overwrite --name=registry-storage --mount-path=/registry + --source='{"nfs": {"server": "{{ nfs_host }}", "path": "{{ registry_volume_path }}"}}' + when: attach_registry_volume | bool and not volume_already_attached | bool diff --git a/roles/openshift_repos/files/fedora-origin/repos/maxamillion-fedora-openshift-fedora.repo b/roles/openshift_repos/files/fedora-origin/repos/maxamillion-fedora-openshift-fedora.repo new file mode 100644 index 000000000..bc0435d82 --- /dev/null +++ b/roles/openshift_repos/files/fedora-origin/repos/maxamillion-fedora-openshift-fedora.repo @@ -0,0 +1,8 @@ +[maxamillion-fedora-openshift] +name=Copr repo for fedora-openshift owned by maxamillion +baseurl=https://copr-be.cloud.fedoraproject.org/results/maxamillion/fedora-openshift/fedora-$releasever-$basearch/ +skip_if_unavailable=True +gpgcheck=1 +gpgkey=https://copr-be.cloud.fedoraproject.org/results/maxamillion/fedora-openshift/pubkey.gpg +enabled=1 +enabled_metadata=1
\ No newline at end of file diff --git a/roles/openshift_repos/handlers/main.yml b/roles/openshift_repos/handlers/main.yml index 26558a455..198fc7d6e 100644 --- a/roles/openshift_repos/handlers/main.yml +++ b/roles/openshift_repos/handlers/main.yml @@ -1,3 +1,3 @@ --- -- name: refresh package cache - command: yum clean all +- name: refresh cache + command: "{{ ansible_pkg_mgr }} clean all" diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 66be0cb7b..8a75639c2 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -8,44 +8,66 @@ # proper repos correctly. - assert: - that: openshift.common.deployment_type in known_openshift_deployment_types + that: openshift_deployment_type in known_openshift_deployment_types - name: Ensure libselinux-python is installed - yum: - pkg: libselinux-python - state: present + action: "{{ ansible_pkg_mgr }} name=libselinux-python state=present" + when: not openshift.common.is_containerized | bool - name: Create any additional repos that are defined template: src: yum_repo.j2 dest: /etc/yum.repos.d/openshift_additional.repo - when: openshift_additional_repos | length > 0 - notify: refresh package cache + when: openshift_additional_repos | length > 0 and not openshift.common.is_containerized | bool + notify: refresh cache - name: Remove the additional repos if no longer defined file: dest: /etc/yum.repos.d/openshift_additional.repo state: absent - when: openshift_additional_repos | length == 0 - notify: refresh package cache + when: openshift_additional_repos | length == 0 and not openshift.common.is_containerized | bool + notify: refresh cache -- name: Remove any yum repo files for other deployment types +- name: Remove any yum repo files for other deployment types RHEL/CentOS file: path: "/etc/yum.repos.d/{{ item | basename }}" state: absent with_fileglob: - '*/repos/*' - when: not (item | search("/files/" ~ openshift_deployment_type ~ "/repos")) - notify: refresh package cache + when: not (item | search("/files/" ~ openshift_deployment_type ~ "/repos")) and + (ansible_os_family == "RedHat" and ansible_distribution != "Fedora") + and not openshift.common.is_containerized | bool + notify: refresh cache + +- name: Remove any yum repo files for other deployment types Fedora + file: + path: "/etc/yum.repos.d/{{ item | basename }}" + state: absent + with_fileglob: + - '*/repos/*' + when: not (item | search("/files/fedora-" ~ openshift_deployment_type ~ "/repos")) and + (ansible_distribution == "Fedora") + and not openshift.common.is_containerized | bool + notify: refresh cache - name: Configure gpg keys if needed copy: src={{ item }} dest=/etc/pki/rpm-gpg/ with_fileglob: - "{{ openshift_deployment_type }}/gpg_keys/*" - notify: refresh package cache + notify: refresh cache + when: not openshift.common.is_containerized | bool -- name: Configure yum repositories +- name: Configure yum repositories RHEL/CentOS copy: src={{ item }} dest=/etc/yum.repos.d/ with_fileglob: - "{{ openshift_deployment_type }}/repos/*" - notify: refresh package cache + notify: refresh cache + when: (ansible_os_family == "RedHat" and ansible_distribution != "Fedora") + and not openshift.common.is_containerized | bool + +- name: Configure yum repositories Fedora + copy: src={{ item }} dest=/etc/yum.repos.d/ + with_fileglob: + - "fedora-{{ openshift_deployment_type }}/repos/*" + notify: refresh cache + when: (ansible_distribution == "Fedora") and not openshift.common.is_containerized | bool diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml index e558a83a2..4c7faa6fe 100644 --- a/roles/openshift_serviceaccounts/tasks/main.yml +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -1,12 +1,19 @@ +- name: tmp dir for openshift + file: + path: /tmp/openshift + state: directory + owner: root + mode: 700 + - name: Create service account configs template: src: serviceaccount.j2 - dest: "/tmp/{{ item }}-serviceaccount.yaml" + dest: "/tmp/openshift/{{ item }}-serviceaccount.yaml" with_items: accounts - name: Create {{ item }} service account command: > - {{ openshift.common.client_binary }} create -f "/tmp/{{ item }}-serviceaccount.yaml" + {{ openshift.common.client_binary }} create -f "/tmp/openshift/{{ item }}-serviceaccount.yaml" with_items: accounts register: _sa_result failed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc != 0" @@ -15,14 +22,15 @@ - name: Get current security context constraints shell: > {{ openshift.common.client_binary }} get scc privileged -o yaml - --output-version=v1 > /tmp/scc.yaml + --output-version=v1 > /tmp/openshift/scc.yaml + changed_when: false - name: Add security context constraint for {{ item }} lineinfile: - dest: /tmp/scc.yaml + dest: /tmp/openshift/scc.yaml line: "- system:serviceaccount:default:{{ item }}" insertafter: "^users:$" with_items: accounts - name: Apply new scc rules for service accounts - command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml --api-version=v1" + command: "{{ openshift.common.client_binary }} update -f /tmp/openshift/scc.yaml --api-version=v1" diff --git a/roles/openshift_storage_nfs/README.md b/roles/openshift_storage_nfs/README.md new file mode 100644 index 000000000..548e146cb --- /dev/null +++ b/roles/openshift_storage_nfs/README.md @@ -0,0 +1,52 @@ +OpenShift NFS Server +==================== + +OpenShift NFS Server Installation + +Requirements +------------ + +This role is intended to be applied to the [nfs] host group which is +separate from OpenShift infrastructure components. + +Requires access to the 'nfs-utils' package. + +Role Variables +-------------- + +From this role: +| Name | Default value | | +|-------------------------------|-----------------------|--------------------------------------------------| +| openshift_nfs_exports_dir | /var/export | Root export directory. | +| openshift_nfs_registry_volume | regvol | Registry volume within openshift_nfs_exports_dir | +| openshift_nfs_export_options | *(rw,sync,all_squash) | NFS options for configured exports. | + + +From openshift_common: +| Name | Default Value | | +|-------------------------------|----------------|----------------------------------------| +| openshift_debug_level | 2 | Global openshift debug log verbosity | + + +Dependencies +------------ + + + +Example Playbook +---------------- + +- name: Configure nfs hosts + hosts: oo_nfs_to_config + roles: + - role: openshift_storage_nfs + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Andrew Butcher (abutcher@redhat.com) diff --git a/roles/openshift_storage_nfs/defaults/main.yml b/roles/openshift_storage_nfs/defaults/main.yml new file mode 100644 index 000000000..e25062c00 --- /dev/null +++ b/roles/openshift_storage_nfs/defaults/main.yml @@ -0,0 +1,8 @@ +--- +exports_dir: /var/export +registry_volume: regvol +export_options: '*(rw,sync,all_squash)' +os_firewall_use_firewalld: False +os_firewall_allow: +- service: nfs + port: "2049/tcp" diff --git a/roles/openshift_storage_nfs/handlers/main.yml b/roles/openshift_storage_nfs/handlers/main.yml new file mode 100644 index 000000000..a1377a203 --- /dev/null +++ b/roles/openshift_storage_nfs/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: restart nfs-server + service: + name: nfs-server + state: restarted + when: not (nfs_service_status_changed | default(false)) diff --git a/roles/openshift_storage_nfs/meta/main.yml b/roles/openshift_storage_nfs/meta/main.yml new file mode 100644 index 000000000..2975daf52 --- /dev/null +++ b/roles/openshift_storage_nfs/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + author: Andrew Butcher + description: OpenShift NFS Server + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 +dependencies: +- { role: os_firewall } +- { role: openshift_common } +- { role: openshift_repos } diff --git a/roles/openshift_storage_nfs/tasks/main.yml b/roles/openshift_storage_nfs/tasks/main.yml new file mode 100644 index 000000000..64b121ade --- /dev/null +++ b/roles/openshift_storage_nfs/tasks/main.yml @@ -0,0 +1,49 @@ +--- +- name: Set nfs facts + openshift_facts: + role: nfs + local_facts: + exports_dir: "{{ openshift_nfs_exports_dir | default(None) }}" + export_options: "{{ openshift_nfs_export_options | default(None) }}" + registry_volume: "{{ openshift_nfs_registry_volume | default(None) }}" + +- name: Install nfs-utils + yum: + pkg: nfs-utils + state: present + +- name: Ensure exports directory exists + file: + path: "{{ openshift.nfs.exports_dir }}" + state: directory + +- name: Ensure export directories exist + file: + path: "{{ openshift.nfs.exports_dir }}/{{ item }}" + state: directory + mode: 0777 + owner: nfsnobody + group: nfsnobody + with_items: + - "{{ openshift.nfs.registry_volume }}" + +- name: Configure exports + template: + dest: /etc/exports + src: exports.j2 + notify: + - restart nfs-server + +- name: Enable and start services + service: + name: "{{ item }}" + state: started + enabled: yes + register: start_result + with_items: + - nfs-server + +- set_fact: + nfs_service_status_changed: "{{ True in (start_result.results + | map(attribute='changed') + | list) }}" diff --git a/roles/openshift_storage_nfs/templates/exports.j2 b/roles/openshift_storage_nfs/templates/exports.j2 new file mode 100644 index 000000000..702473040 --- /dev/null +++ b/roles/openshift_storage_nfs/templates/exports.j2 @@ -0,0 +1 @@ +{{ openshift.nfs.exports_dir }}/{{ openshift.nfs.registry_volume }} {{ openshift.nfs.export_options }} diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml index ead81b876..ea0cc2a94 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/main.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml @@ -1,4 +1,9 @@ --- +# TODO -- this may actually work on atomic hosts +- fail: + msg: "openshift_storage_nfs_lvm is not compatible with atomic host" + when: openshift.common.is_atomic | true + - name: Create lvm volumes lvol: vg={{osnl_volume_group}} lv={{ item }} size={{osnl_volume_size}}G with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml index 65ae069df..fc8de1cb5 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml @@ -1,7 +1,8 @@ --- - name: Install NFS server - yum: name=nfs-utils state=present - + action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + when: not openshift.common.is_containerized | bool + - name: Start rpcbind service: name=rpcbind state=started enabled=yes diff --git a/roles/os_env_extras/tasks/main.yaml b/roles/os_env_extras/tasks/main.yaml index 96b12ad5b..628df713a 100644 --- a/roles/os_env_extras/tasks/main.yaml +++ b/roles/os_env_extras/tasks/main.yaml @@ -12,6 +12,5 @@ dest: /root/.vimrc - name: Bash Completion - yum: - pkg: bash-completion - state: installed + action: "{{ ansible_pkg_mgr }} name=bash-completion state=present" + when: not openshift.common.is_containerized | bool
\ No newline at end of file diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index 5089eb3e0..ac4600f83 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -1,8 +1,7 @@ --- - name: Install firewalld packages - yum: - name: firewalld - state: present + action: "{{ ansible_pkg_mgr }} name=firewalld state=present" + when: not openshift.common.is_containerized | bool register: install_result - name: Check if iptables-services is installed diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml index 9af9d8d29..5cf4bf7af 100644 --- a/roles/os_firewall/tasks/firewall/iptables.yml +++ b/roles/os_firewall/tasks/firewall/iptables.yml @@ -1,12 +1,11 @@ --- - name: Install iptables packages - yum: - name: "{{ item }}" - state: present + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" with_items: - iptables - iptables-services register: install_result + when: not openshift.common.is_atomic | bool - name: Check if firewalld is installed command: rpm -q firewalld diff --git a/roles/os_update_latest/tasks/main.yml b/roles/os_update_latest/tasks/main.yml index 4a2c3d47a..2400164fa 100644 --- a/roles/os_update_latest/tasks/main.yml +++ b/roles/os_update_latest/tasks/main.yml @@ -1,3 +1,8 @@ --- +- fail: + msg: "Update is not yet supported by this playbook on atomic hosts" + when: openshift.common.is_containerized | bool + - name: Update all packages - yum: name=* state=latest + action: "{{ ansible_pkg_mgr }} name=* state=latest" + when: not openshift.common.is_containerized | bool
\ No newline at end of file diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index d0b307a3d..a8b65dd56 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -1,4 +1,8 @@ --- +- fail: + msg: "Zabbix config is not yet supported on atomic hosts" + when: openshift.common.is_containerized | bool + - name: Main List all templates zbx_template: zbx_server: "{{ ozb_server }}" @@ -37,6 +41,9 @@ - include_vars: template_aws.yml tags: - aws +- include_vars: template_zagg_server.yml + tags: + - zagg_server - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -137,3 +144,13 @@ password: "{{ ozb_password }}" tags: - aws + +- name: Include Template Zagg Server + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_zagg_server }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + tags: + - zagg_server diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml index bfabf50c5..a05e552e3 100644 --- a/roles/os_zabbix/vars/template_docker.yml +++ b/roles/os_zabbix/vars/template_docker.yml @@ -12,6 +12,16 @@ g_template_docker: - Docker Daemon value_type: int + - key: docker.container.dns.resolution + applications: + - Docker Daemon + value_type: int + + - key: docker.container.existing.dns.resolution.failed + applications: + - Docker Daemon + value_type: int + - key: docker.storage.is_loopback applications: - Docker Storage @@ -62,6 +72,16 @@ g_template_docker: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_ping.asciidoc' priority: high + - name: 'docker.container.dns.resolution failed on {HOST.NAME}' + expression: '{Template Docker:docker.container.dns.resolution.min(#3)}>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_dns.asciidoc' + priority: average + + - name: 'docker.container.existing.dns.resolution.failed on {HOST.NAME}' + expression: '{Template Docker:docker.container.existing.dns.resolution.failed.min(#3)}>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_dns.asciidoc' + priority: average + - name: 'Docker storage is using LOOPBACK on {HOST.NAME}' expression: '{Template Docker:docker.storage.is_loopback.last()}<>0' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_loopback.asciidoc' diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 6972ac877..a0ba8d104 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -68,6 +68,36 @@ g_template_openshift_master: applications: - Openshift Master + - key: openshift.master.pv.total.count + description: Total number of Persistent Volumes in the Openshift Cluster + type: int + applications: + - Openshift Master + + - key: openshift.master.pv.available.count + description: Total number of Available Persistent Volumes in the Openshift Cluster + type: int + applications: + - Openshift Master + + - key: openshift.master.pv.released.count + description: Total number of Released Persistent Volumes in the Openshift Cluster + type: int + applications: + - Openshift Master + + - key: openshift.master.pv.bound.count + description: Total number of Bound Persistent Volumes in the Openshift Cluster + type: int + applications: + - Openshift Master + + - key: openshift.master.pv.failed.count + description: Total number of Failed Persistent Volumes in the Openshift Cluster + type: int + applications: + - Openshift Master + - key: openshift.master.etcd.create.success description: Show number of successful create actions type: int @@ -201,26 +231,6 @@ g_template_openshift_master: - Openshift Master Metrics ztriggers: - - name: 'Application creation has failed on {HOST.NAME}' - expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' - priority: avg - - - name: 'Openshift Master API health check is failing on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.api.healthz.max(#3)}<1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' - priority: high - - - name: 'Openshift Master API PING check is failing on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.api.ping.max(#3)}<1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' - priority: high - - - name: 'Openshift Master metric PING check is failing on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.metric.ping.max(#3)}<1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' - priority: avg - - name: 'Openshift Master process not running on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.process.count.max(#3)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' @@ -231,6 +241,16 @@ g_template_openshift_master: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: high + - name: 'Low number of etcd watchers on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.etcd.watchers.last(#1)}<10 and {Template Openshift Master:openshift.master.etcd.watchers.last(#2)}<10' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_etcd.asciidoc' + priority: avg + + - name: 'Etcd ping failed on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.etcd.ping.last(#1)}=0 and {Template Openshift Master:openshift.master.etcd.ping.last(#2)}=0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_etcd.asciidoc' + priority: high + - name: 'Number of users for Openshift Master on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.user.count.last()}=0' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' @@ -241,19 +261,48 @@ g_template_openshift_master: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: info - - name: 'Low number of etcd watchers on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.etcd.watchers.last(#1)}<10 and {Template Openshift Master:openshift.master.etcd.watchers.last(#2)}<10' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_etcd.asciidoc' + # Put triggers that depend on other triggers here (deps must be created first) + - name: 'Application creation has failed on {HOST.NAME}' + expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' priority: avg - - name: 'Etcd ping failed on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.etcd.ping.last(#1)}=0 and {Template Openshift Master:openshift.master.etcd.ping.last(#2)}=0' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_etcd.asciidoc' + - name: 'Application creation has failed multiple times in the last hour on {HOST.NAME}' + expression: '{Template Openshift Master:create_app.sum(1h)}>3' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' + description: The application create loop has failed 4 or more times in the last hour + priority: avg + + - name: 'Openshift Master API health check is failing on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.api.healthz.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' + priority: high + + - name: 'Openshift Master API PING check is failing on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.api.ping.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' priority: high + - name: 'Openshift Master metric PING check is failing on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.metric.ping.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' + priority: avg + - name: 'Docker Registry check failed on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.registry.healthz.max(#2)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' priority: high zgraphs: diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 79d52ef9b..c6e557f12 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -258,26 +258,34 @@ g_template_os_linux: - Network ztriggerprototypes: - - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free disk space on {HOST.NAME}' - expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' - priority: warn - - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free disk space on {HOST.NAME}' expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free inodes on {HOST.NAME}' - expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>90' + # This has a dependency on the previous trigger + # Trigger Prototypes do not work in 2.4. They will work in Zabbix 3.0 + - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free disk space on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn + dependencies: + - 'Filesystem: {#OSO_FILESYS} has less than 10% free disk space on {HOST.NAME}' - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free inodes on {HOST.NAME}' expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>95' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high + # This has a dependency on the previous trigger + # Trigger Prototypes do not work in 2.4. They will work in Zabbix 3.0 + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free inodes on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>90' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: warn + dependencies: + - 'Filesystem: {#OSO_FILESYS} has less than 5% free inodes on {HOST.NAME}' + ztriggers: - name: 'Too many TOTAL processes on {HOST.NAME}' expression: '{Template OS Linux:proc.nprocs.last()}>5000' @@ -304,15 +312,3 @@ g_template_os_linux: description: 'CPU is less than 10% idle' dependencies: - 'CPU idle less than 5% on {HOST.NAME}' - - zgraphprototypes: - - name: Network Interface Usage - width: 1000 - height: 400 - graph_items: - - item_name: "Bytes per second IN on network interface {#OSO_NET_INTERFACE}" - item_type: prototype - color: red - - item_name: "Bytes per second OUT on network interface {#OSO_NET_INTERFACE}" - item_type: prototype - color: blue diff --git a/roles/os_zabbix/vars/template_zagg_server.yml b/roles/os_zabbix/vars/template_zagg_server.yml new file mode 100644 index 000000000..db5665993 --- /dev/null +++ b/roles/os_zabbix/vars/template_zagg_server.yml @@ -0,0 +1,46 @@ +--- +g_template_zagg_server: + name: Template Zagg Server + zitems: + - key: zagg.server.metrics.count + applications: + - Zagg Server + value_type: int + + - key: zagg.server.metrics.errors + applications: + - Zagg Server + value_type: int + + - key: zagg.server.heartbeat.errors + applications: + - Zagg Server + value_type: int + + - key: zagg.server.heartbeat.count + applications: + - Zagg Server + value_type: int + + ztriggers: + - name: 'Error processing metrics on {HOST.NAME}' + expression: '{Template Zagg Server:zagg.server.metrics.errors.min(#3)}>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/zagg_server.asciidoc' + priority: average + + - name: 'Error processing heartbeats on {HOST.NAME}' + expression: '{Template Zagg Server:zagg.server.heartbeat.errors.min(#3)}>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/zagg_server.asciidoc' + priority: average + + - name: 'Critically High number of metrics in Zagg queue {HOST.NAME}' + expression: '{Template Zagg Server:zagg.server.metrics.count.min(#3)}>10000' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/zagg_server.asciidoc' + priority: high + + - name: 'High number of metrics in Zagg queue {HOST.NAME}' + expression: '{Template Zagg Server:zagg.server.metrics.count.min(#3)}>5000' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/zagg_server.asciidoc' + dependencies: + - 'Critically High number of metrics in Zagg queue {HOST.NAME}' + priority: average diff --git a/roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2 b/roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2 index 978e40b88..bcc8a5e03 100644 --- a/roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2 +++ b/roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2 @@ -42,7 +42,7 @@ ExecStart=/usr/bin/docker run --name {{ osohm_zagg_client }} -v /etc/localtime:/etc/localtime \ -v /run/pcp:/run/pcp \ -v /var/run/docker.sock:/var/run/docker.sock \ - -v /var/run/openvswitch/db.sock:/var/run/openvswitch/db.sock \ + -v /var/run/openvswitch:/var/run/openvswitch \ {% if hostvars[inventory_hostname]['ec2_tag_host-type'] == 'master' %} -v /etc/openshift/master/admin.kubeconfig:/etc/openshift/master/admin.kubeconfig \ -v /etc/openshift/master/master.etcd-client.crt:/etc/openshift/master/master.etcd-client.crt \ diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index 30c0920a1..c160ea4e9 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -4,6 +4,7 @@ # to make it able to enable repositories - set_fact: + rhel_subscription_pool: "{{ lookup('oo_option', 'rhel_subscription_pool') | default(rhsub_pool, True) | default('OpenShift Enterprise, Premium*', True) }}" rhel_subscription_user: "{{ lookup('oo_option', 'rhel_subscription_user') | default(rhsub_user, True) | default(omit, True) }}" rhel_subscription_pass: "{{ lookup('oo_option', 'rhel_subscription_pass') | default(rhsub_pass, True) | default(omit, True) }}" rhel_subscription_server: "{{ lookup('oo_option', 'rhel_subscription_server') | default(rhsub_server) }}" @@ -30,7 +31,14 @@ redhat_subscription: username: "{{ rhel_subscription_user }}" password: "{{ rhel_subscription_pass }}" - autosubscribe: yes + +- name: Retrieve the OpenShift Pool ID + command: subscription-manager list --available --matches="{{ rhel_subscription_pool }}" --pool-only + register: openshift_pool_id + changed_when: False + +- name: Attach to OpenShift Pool + command: subscription-manager subscribe --pool {{ openshift_pool_id.stdout_lines[0] }} - include: enterprise.yml when: deployment_type == 'enterprise' diff --git a/roles/tito/tasks/main.yml b/roles/tito/tasks/main.yml index f7b4ef363..3cf9e2bfd 100644 --- a/roles/tito/tasks/main.yml +++ b/roles/tito/tasks/main.yml @@ -1,4 +1,2 @@ --- -- yum: - name: tito - state: present +- action: "{{ ansible_pkg_mgr }} name=tito state=present" diff --git a/roles/yum_repos/README.md b/roles/yum_repos/README.md index 51ecd5d34..908ab4972 100644 --- a/roles/yum_repos/README.md +++ b/roles/yum_repos/README.md @@ -6,7 +6,7 @@ This role allows easy deployment of yum repository config files. Requirements ------------ -Yum +Yum or dnf Role Variables -------------- diff --git a/roles/yum_repos/tasks/main.yml b/roles/yum_repos/tasks/main.yml index a9903c6c6..46928a00b 100644 --- a/roles/yum_repos/tasks/main.yml +++ b/roles/yum_repos/tasks/main.yml @@ -45,3 +45,4 @@ src: yumrepo.j2 dest: /etc/yum.repos.d/{{ item.id }}.repo with_items: repo_files + when: not openshift.common.is_containerized | bool |