From a0b6fc7db1be2cf6190d982f90e96f4c39a4c699 Mon Sep 17 00:00:00 2001 From: Tobias Florek Date: Wed, 23 Sep 2015 13:51:41 +0200 Subject: Initial containerization work from @ibotty copied from https://github.com/eparis/kubernetes-ansible/blob/17f98edd7ff53e649b43e26822b8fbc0be42b233/roles/common/tasks/main.yml --- roles/openshift_examples/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/openshift_examples') diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 0bc5d7750..ae642fae1 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -8,7 +8,7 @@ openshift_examples_load_quickstarts: true content_version: "{{ 'v1.1' if openshift.common.version_greater_than_3_1_or_1_1 else 'v1.0' }}" -examples_base: "/usr/share/openshift/examples" +examples_base: "{% if is_atomic %}{{ openshift.common.config_base }}{% else %}/usr/share/openshift{% endif %}/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json" rhel_image_streams: "{{ image_streams_base}}/image-streams-rhel7.json" -- cgit v1.2.3 From 8e7c5c970b8adc83fd6d5cad115f4edb06b36d98 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 5 Oct 2015 12:53:10 -0400 Subject: Containerization work by @sdodson --- README_CONTAINERIZED_INSTALLATION.md | 101 ++++++++++++++++++++ playbooks/adhoc/uninstall.yml | 32 ++++++- playbooks/common/openshift-cluster/config.yml | 2 + .../update_repos_and_packages.yml | 3 +- playbooks/common/openshift-docker/config.yml | 8 ++ playbooks/common/openshift-docker/filter_plugins | 1 + playbooks/common/openshift-docker/lookup_plugins | 1 + playbooks/common/openshift-docker/roles | 1 + playbooks/common/openshift-etcd/config.yml | 6 +- playbooks/common/openshift-master/config.yml | 4 +- playbooks/common/openshift-node/config.yml | 2 +- roles/docker/README.md | 2 +- roles/docker/tasks/main.yml | 12 ++- roles/etcd/defaults/main.yaml | 1 + roles/etcd/handlers/main.yml | 3 +- roles/etcd/tasks/main.yml | 38 +++++++- roles/etcd/templates/etcd.conf.j2 | 22 ++--- roles/etcd/templates/etcd.docker.service | 13 +++ roles/fluentd_master/tasks/main.yml | 2 +- roles/fluentd_node/tasks/main.yml | 2 +- roles/kube_nfs_volumes/tasks/main.yml | 4 +- roles/openshift_docker/meta/main.yml | 16 ++++ roles/openshift_docker/tasks/main.yml | 27 ++++++ roles/openshift_examples/defaults/main.yml | 2 +- roles/openshift_expand_partition/tasks/main.yml | 5 +- roles/openshift_facts/library/openshift_facts.py | 70 +++++++++++--- roles/openshift_facts/tasks/main.yml | 14 --- roles/openshift_master/tasks/main.yml | 61 ++++++++---- .../atomic-openshift-master-api.docker.service.j2 | 26 ++++++ ...-openshift-master-controllers.docker.service.j2 | 25 +++++ .../templates/master.docker.service.j2 | 16 ++++ .../templates/openshift.docker.master.service | 11 --- roles/openshift_master/vars/main.yml | 2 - roles/openshift_master_ca/tasks/main.yml | 7 +- roles/openshift_master_ca/vars/main.yml | 3 - roles/openshift_master_certificates/tasks/main.yml | 2 + roles/openshift_master_cluster/tasks/main.yml | 2 +- roles/openshift_node/tasks/main.yml | 102 ++++++++------------- .../openshift_node/tasks/storage_plugins/main.yml | 5 +- .../templates/openshift.docker.node.service | 13 ++- .../templates/openvswitch.docker.service | 13 +++ roles/openshift_node/vars/main.yml | 3 - roles/openshift_repos/tasks/main.yaml | 15 +-- roles/openshift_storage_nfs_lvm/tasks/main.yml | 5 + roles/openshift_storage_nfs_lvm/tasks/nfs.yml | 2 +- roles/os_env_extras/tasks/main.yaml | 2 +- roles/os_firewall/tasks/firewall/iptables.yml | 2 +- roles/os_update_latest/tasks/main.yml | 4 +- roles/os_zabbix/tasks/main.yml | 2 +- roles/yum_repos/tasks/main.yml | 2 +- 50 files changed, 536 insertions(+), 183 deletions(-) create mode 100644 README_CONTAINERIZED_INSTALLATION.md create mode 100644 playbooks/common/openshift-docker/config.yml create mode 120000 playbooks/common/openshift-docker/filter_plugins create mode 120000 playbooks/common/openshift-docker/lookup_plugins create mode 120000 playbooks/common/openshift-docker/roles create mode 100644 roles/etcd/templates/etcd.docker.service create mode 100644 roles/openshift_docker/meta/main.yml create mode 100644 roles/openshift_docker/tasks/main.yml create mode 100644 roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 create mode 100644 roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 create mode 100644 roles/openshift_master/templates/master.docker.service.j2 delete mode 100644 roles/openshift_master/templates/openshift.docker.master.service create mode 100644 roles/openshift_node/templates/openvswitch.docker.service (limited to 'roles/openshift_examples') diff --git a/README_CONTAINERIZED_INSTALLATION.md b/README_CONTAINERIZED_INSTALLATION.md new file mode 100644 index 000000000..5f51b9507 --- /dev/null +++ b/README_CONTAINERIZED_INSTALLATION.md @@ -0,0 +1,101 @@ +# Overview + +Users may now deploy containerized versions of OpenShift Origin, OpenShift +Enterprise, or Atomic Enterprise Platform on Atomic +Host[https://projectatomic.io] or RHEL, Centos, and Fedora. This includes +OpenvSwitch based SDN. + + +## Installing on Atomic Host + +When installing on Atomic Host you will automatically have containerized +installation methods selected for you based on detection of _/run/ostree-booted_ + +## Installing on RHEL, Centos, or Fedora + +Currently the default installation method for traditional operating systems is +via RPMs. If you wish to deploy using containerized installation you may set the +ansible variable 'containerized=true' on a per host basis. This means that you +may easily deploy environments mixing containerized and RPM based installs. At +this point we suggest deploying heterogeneous environments. + +## CLI Wrappers + +When using containerized installations openshift-ansible will deploy a wrapper +script on each master located in _/usr/local/bin/openshift_ and a set of +symbolic links _/usr/local/bin/oc_, _/usr/local/bin/oadm_, and +_/usr/local/bin/kubectl_ to ease administrative tasks. The wrapper script spawns +a new container on each invocation so you may notice it's slightly slower than +native clients. + +The wrapper scripts mount a limited subset of paths, _~/.kube_, _/etc/origin/_, +and _/tmp_. Be mindful of this when passing in files to be processed by `oc` or + `oadm`. You may find it easier to redirect input like this : + + `oc create -f - < my_file.json` + +## Technical Notes + +### Requisite Images + +Based on your deployment_type the installer will make use of the following +images. Because you may make use of a private repository we've moved the +configuration of docker additional, insecure, and blocked registries to the +beginning of the installation process ensuring that these settings are applied +before attempting to pull any of the following images. + + Origin + openshift/origin + openshift/node (node + openshift-sdn + openvswitch rpm for client tools) + openshift/openvswitch (centos7 + openvswitch rpm, runs ovsdb ovsctl processes) + registry.access.redhat.com/rhel7/etcd + OpenShift Enterprise + openshift3/ose + openshift3/node + openshift3/openvswitch + registry.access.redhat.com/rhel7/etcd + Atomic Enterprise Platform + aep3/aep + aep3/node + aep3/openvswitch + registry.access.redhat.com/rhel7/etcd + + * note openshift3/* and aep3/* images come from registry.access.redhat.com and +rely on the --additional-repository flag being set appropriately. + +### Starting and Stopping Containers + +The installer will create relevant systemd units which can be used to start, +stop, and poll services via normal systemctl commands. These unit names match +those of an RPM installation with the exception of the etcd service which will +be named 'etcd_container'. This change is necessary as currently Atomic Host +ships with etcd package installed as part of Atomic Host and we will instead use +a containerized version. The installer will disable the built in etcd service. +etcd is slated to be removed from os-tree in the future. + +### File Paths + +All configuration files are placed in the same locations as RPM based +installations and will survive os-tree upgrades. + +The examples are installed into _/etc/origin/examples_ rather than +_/usr/share/openshift/examples_ because that is read-only on Atomic Host. + + +### Storage Requirements + +Atomic Host installs normally have a very small root filesystem. However the +etcd, master, and node containers will persist data in /var/lib. Please ensure +that you have enough space on the root filesystem. + +### OpenvSwitch SDN Initialization + +OpenShift SDN initialization requires that the docker bridge be reconfigured and +docker is restarted. This complicates the situation when the node is running +within a container. When using the OVS SDN you'll see the node start, +reconfigure docker, restart docker which will restart all containers, and +finally start successfully. + +The node service may fail to start and be restarted a few times because the +master services are also restarted along with docker. We currently work around +this by relying on Restart=always in the docker based systemd units. diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 9161076e5..55df78a3f 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -19,15 +19,19 @@ failed_when: false register: ostree_output + # Since we're not calling openshift_facts we'll do this for now - set_fact: is_atomic: "{{ ostree_output.rc == 0 }}" + - set_fact: + is_containerized: "{{ is_atomic or containerized | default(false) | bool }}" - name: Remove br0 interface shell: ovs-vsctl del-br br0 changed_when: False failed_when: False - - service: name={{ item }} state=stopped + - name: Stop services + service: name={{ item }} state=stopped with_items: - atomic-enterprise-master - atomic-enterprise-node @@ -46,8 +50,10 @@ - origin-master-controllers - origin-node - pcsd + failed_when: false - - action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" + - name: Remove packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" when: not is_atomic | bool with_items: - atomic-enterprise @@ -132,14 +138,26 @@ with_items: - registry\.access\..*redhat\.com/openshift3 - registry\.access\..*redhat\.com/aep3 + - registry\.access\..*redhat\.com/rhel7/etcd - docker.io/openshift - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}" changed_when: False failed_when: False with_items: "{{ images_to_delete.results }}" + + - name: Remove sdn drop files + file: + path: /run/openshift-sdn + state: absent + + - name: restart docker + service: + name: docker + state: restarted - - file: path={{ item }} state=absent + - name: Remove remaining files + file: path={{ item }} state=absent with_items: - "~{{ ansible_ssh_user }}/.kube" - /etc/ansible/facts.d/openshift.fact @@ -149,7 +167,15 @@ - /etc/openshift - /etc/openshift-sdn - /etc/origin + - /etc/systemd/system/atomic-openshift-master.service + - /etc/systemd/system/atomic-openshift-master-api.service + - /etc/systemd/system/atomic-openshift-master-controllers.service + - /etc/systemd/system/atomic-openshift-node.service + - /etc/systemd/system/etcd_container.service + - /etc/systemd/system/openvswitch.service - /etc/sysconfig/atomic-enterprise-master + - /etc/sysconfig/atomic-enterprise-master-api + - /etc/sysconfig/atomic-enterprise-master-controllers - /etc/sysconfig/atomic-enterprise-node - /etc/sysconfig/atomic-openshift-master - /etc/sysconfig/atomic-openshift-master-api diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 482fa8441..a62d60167 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,6 +1,8 @@ --- - include: evaluate_groups.yml +- include: ../openshift-docker/config.yml + - include: ../openshift-etcd/config.yml - include: ../openshift-master/config.yml diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index 6e4ad7d3f..9a303c62d 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -8,5 +8,6 @@ ansible_distribution == "RedHat" and lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] - - {role: openshift_repos, when: not is_atomic} + and not openshift.common.is_atomic | bool + - openshift_repos - os_update_latest diff --git a/playbooks/common/openshift-docker/config.yml b/playbooks/common/openshift-docker/config.yml new file mode 100644 index 000000000..c3541e544 --- /dev/null +++ b/playbooks/common/openshift-docker/config.yml @@ -0,0 +1,8 @@ +- name: Configure docker hosts + hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config:oo_lb_to_config + vars: + docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}" + docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') | oo_split }}" + docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}" + roles: + - openshift-docker diff --git a/playbooks/common/openshift-docker/filter_plugins b/playbooks/common/openshift-docker/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-docker/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-docker/lookup_plugins b/playbooks/common/openshift-docker/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-docker/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-docker/roles b/playbooks/common/openshift-docker/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/common/openshift-docker/roles @@ -0,0 +1 @@ +../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index a0dd330e7..9a5ae0e6b 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -14,7 +14,8 @@ public_hostname: "{{ openshift_public_hostname | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" - role: etcd - local_facts: {} + local_facts: + etcd_image: "{{ osm_etcd_image | default(None) }}" - name: Check status of etcd certificates stat: path: "{{ item }}" @@ -87,7 +88,8 @@ when: etcd_server_certs_missing roles: - etcd - - { role: nickhammond.logrotate, when: not is_atomic } + - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - name: Delete temporary directory on localhost hosts: localhost diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 453adb4ff..9c800af39 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -328,7 +328,7 @@ roles: - openshift_master - role: nickhammond.logrotate - when: not is_atomic + when: not openshift.common.is_containerized | bool - role: fluentd_master when: openshift.common.use_fluentd | bool post_tasks: @@ -357,7 +357,7 @@ cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}" roles: - role: cockpit - when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and + when: not openshift.common.is_containerized and ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and (osm_use_cockpit | bool or osm_use_cockpit is undefined ) - name: Configure flannel diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 6eee75064..80098d240 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -181,7 +181,7 @@ - role: flannel when: openshift.common.use_flannel | bool - role: nickhammond.logrotate - when: not is_atomic + when: not openshift.common.is_containerized | bool - role: fluentd_node when: openshift.common.use_fluentd | bool tasks: diff --git a/roles/docker/README.md b/roles/docker/README.md index 46f259eb7..6b5ee4421 100644 --- a/roles/docker/README.md +++ b/roles/docker/README.md @@ -1,4 +1,4 @@ -Role Name +Docker ========= Ensures docker package is installed, and optionally raises timeout for systemd-udevd.service to 5 minutes. diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 7939221a1..4e24fd3b3 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,10 +1,18 @@ --- # tasks file for docker - name: Install docker - action: "{{ ansible_pkg_mgr }} name=docker state=present" and not is_atomic + action: "{{ ansible_pkg_mgr }} name=docker state=present" + when: not openshift.common.is_atomic | bool - name: enable and start the docker service - service: name=docker enabled=yes state=started + service: + name: docker + enabled: yes + state: started + register: start_result + +- set_fact: + docker_service_status_changed = start_result | changed - include: udev_workaround.yml when: docker_udev_workaround | default(False) diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml index 0fd3de585..9e7fa59cf 100644 --- a/roles/etcd/defaults/main.yaml +++ b/roles/etcd/defaults/main.yaml @@ -1,4 +1,5 @@ --- +etcd_service: "{{ 'etcd' if not openshift.common.is_containerized else 'etcd_container' }}" etcd_interface: "{{ ansible_default_ipv4.interface }}" etcd_client_port: 2379 etcd_peer_port: 2380 diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml index 4c0efb97b..aeb26d6b2 100644 --- a/roles/etcd/handlers/main.yml +++ b/roles/etcd/handlers/main.yml @@ -1,4 +1,5 @@ --- + - name: restart etcd - service: name=etcd state=restarted + service: name={{ etcd_service }} state=restarted when: not etcd_service_status_changed | default(false) diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index d661ce437..aef52886b 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -7,8 +7,42 @@ msg: IPv4 address not found for {{ etcd_interface }} when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4" +- debug: var=openshift.common.is_containerized +- debug: var=openshift.common.is_atomic + - name: Install etcd - action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present" and not is_atomic + action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present" + when: not openshift.common.is_containerized | bool + +- name: Pull etcd container + command: > + docker pull {{ openshift.etcd.etcd_image }} + when: openshift.common.is_containerized | bool + +- name: Install etcd container service file + template: + dest: "/etc/systemd/system/etcd_container.service" + src: etcd.docker.service + register: install_etcd_result + when: openshift.common.is_containerized | bool + +- name: Ensure etcd datadir exists + when: openshift.common.is_containerized | bool + file: + path: "{{ etcd_data_dir }}" + state: directory + mode: 0700 + +- name: Disable system etcd when containerized + when: openshift.common.is_containerized | bool + service: + name: etcd + state: stopped + enabled: no + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized and ( install_etcd_result | changed ) - name: Validate permissions on the config dir file: @@ -52,7 +86,7 @@ - name: Enable etcd service: - name: etcd + name: "{{ etcd_service }}" state: started enabled: yes register: start_result diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2 index 32577c96c..28816fd87 100644 --- a/roles/etcd/templates/etcd.conf.j2 +++ b/roles/etcd/templates/etcd.conf.j2 @@ -15,13 +15,13 @@ ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} ETCD_NAME=default {% endif %} ETCD_DATA_DIR={{ etcd_data_dir }} -#ETCD_SNAPSHOT_COUNTER="10000" -ETCD_HEARTBEAT_INTERVAL="500" -ETCD_ELECTION_TIMEOUT="2500" +#ETCD_SNAPSHOT_COUNTER=10000 +ETCD_HEARTBEAT_INTERVAL=500 +ETCD_ELECTION_TIMEOUT=2500 ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} -#ETCD_MAX_SNAPSHOTS="5" -#ETCD_MAX_WALS="5" -#ETCD_CORS="" +#ETCD_MAX_SNAPSHOTS=5 +#ETCD_MAX_WALS=5 +#ETCD_CORS= {% if groups[etcd_peers_group] and groups[etcd_peers_group] | length > 1 %} #[cluster] @@ -29,15 +29,15 @@ ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} ETCD_INITIAL_CLUSTER={{ initial_cluster() }} ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} -#ETCD_DISCOVERY="" -#ETCD_DISCOVERY_SRV="" -#ETCD_DISCOVERY_FALLBACK="proxy" -#ETCD_DISCOVERY_PROXY="" +#ETCD_DISCOVERY= +#ETCD_DISCOVERY_SRV= +#ETCD_DISCOVERY_FALLBACK=proxy +#ETCD_DISCOVERY_PROXY= {% endif %} ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} #[proxy] -#ETCD_PROXY="off" +#ETCD_PROXY=off #[security] {% if etcd_url_scheme == 'https' -%} diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service new file mode 100644 index 000000000..8058fa188 --- /dev/null +++ b/roles/etcd/templates/etcd.docker.service @@ -0,0 +1,13 @@ +[Unit] +Description=The Etcd Server container +After=docker.service + +[Service] +EnvironmentFile=/etc/etcd/etcd.conf +ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }} +ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }} +ExecStop=/usr/bin/docker stop {{ etcd_service }} +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml index ddfa39284..a9531eecf 100644 --- a/roles/fluentd_master/tasks/main.yml +++ b/roles/fluentd_master/tasks/main.yml @@ -1,7 +1,7 @@ --- - fail: msg: "fluentd master is not yet supported on atomic hosts" - when: is_atomic + when: openshift.common.is_containerized | bool # TODO: Update fluentd install and configuration when packaging is complete - name: download and install td-agent diff --git a/roles/fluentd_node/tasks/main.yml b/roles/fluentd_node/tasks/main.yml index 4a29d1270..0c0dae973 100644 --- a/roles/fluentd_node/tasks/main.yml +++ b/roles/fluentd_node/tasks/main.yml @@ -1,7 +1,7 @@ --- - fail: msg: "fluentd node is not yet supported on atomic hosts" - when: is_atomic + when: openshift.common.is_containerized | bool # TODO: Update fluentd install and configuration when packaging is complete - name: download and install td-agent diff --git a/roles/kube_nfs_volumes/tasks/main.yml b/roles/kube_nfs_volumes/tasks/main.yml index 85338cd84..b3fe2f185 100644 --- a/roles/kube_nfs_volumes/tasks/main.yml +++ b/roles/kube_nfs_volumes/tasks/main.yml @@ -1,7 +1,7 @@ --- - fail: - msg: "That playbook is not yet supported on atomic hosts" - when: is_atomic + msg: "This role is not yet supported on atomic hosts" + when: openshift.common.is_atomic | bool - name: Install pyparted (RedHat/Fedora) action: "{{ ansible_pkg_mgr }} name=pyparted,python-httplib2 state=present" diff --git a/roles/openshift_docker/meta/main.yml b/roles/openshift_docker/meta/main.yml new file mode 100644 index 000000000..1e8f8b719 --- /dev/null +++ b/roles/openshift_docker/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: OpenShift Docker + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- { role: openshift_common } +- { role: docker } diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml new file mode 100644 index 000000000..f63b3acd5 --- /dev/null +++ b/roles/openshift_docker/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- openshift_facts: + - role: common + local_facts: + deployment_type: "{{ openshift_deployment_type }}" + docker_additional_registries: "{{ docker_additional_registries | oo_split() }}" + docker_insecure_registries: "{{ docker_insecure_registries | oo_split() }}" + docker_blocked_registries: "{{ docker_blocked_registries | oo_split() }}" + +- name: Set registry params + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^{{ reg_conf_var }}=.*$' + line: "{{ reg_conf_var }}='{{ reg_fact_val | oo_prepend_strings_in_list(reg_flag ~ ' ') | join(' ') }}'" + when: "'docker_additional_registries' in openshift.common" + with_items: + - reg_conf_var: ADD_REGISTRY + reg_fact_val: {{ openshift.common.docker_additional_registries }} + reg_flag: --add-registry + - reg_conf_var: BLOCK_REGISTRY + reg_fact_val: {{ openshift.common.docker_blocked_registries }} + reg_flag: --block-registry + - reg_conf_var: INSECURE_REGISTRY + reg_fact_val: {{ openshift.common.docker_insecure_registries }} + reg_flag: --insecure-registry + notify: + - restart docker diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index ae642fae1..d318d17e3 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -8,7 +8,7 @@ openshift_examples_load_quickstarts: true content_version: "{{ 'v1.1' if openshift.common.version_greater_than_3_1_or_1_1 else 'v1.0' }}" -examples_base: "{% if is_atomic %}{{ openshift.common.config_base }}{% else %}/usr/share/openshift{% endif %}/examples" +examples_base: "{% if openshift.common.is_atomic %}{{ openshift.common.config_base }}{% else %}/usr/share/openshift{% endif %}/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json" rhel_image_streams: "{{ image_streams_base}}/image-streams-rhel7.json" diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml index b74d635d5..cdd813e6a 100644 --- a/roles/openshift_expand_partition/tasks/main.yml +++ b/roles/openshift_expand_partition/tasks/main.yml @@ -1,13 +1,14 @@ --- - name: Ensure growpart is installed - action: "{{ ansible_pkg_mgr }} name=cloud-utils-growpart state=present" and not is_atomic + action: "{{ ansible_pkg_mgr }} name=cloud-utils-growpart state=present" + when: not openshift.common.is_containerized | bool - name: Determine if growpart is installed command: "rpm -q cloud-utils-growpart" register: has_growpart failed_when: "has_growpart.cr != 0 and 'package cloud-utils-growpart is not installed' not in has_growpart.stdout" changed_when: false - when: is_atomic + when: openshift.common.is_containerized | bool - name: Grow the partitions command: "growpart {{oep_drive}} {{oep_partition}}" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 4278111c2..8e733a3a2 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -643,6 +643,20 @@ def set_deployment_facts_if_unset(facts): data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir + # remove duplicate and empty strings from registry lists + for cat in ['additional', 'blocked', 'insecure']: + key = 'docker_{0}_registries'.format(cat) + if key in facts['common']: + facts['common'][key] = set(facts['common'][key]) - set(['']) + + + if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']: + addtl_regs = facts['common']['docker_additional_registries']: + ent_reg = 'registry.access.redhat.com' + if ent_reg not in addtl_regs + facts['common']['docker_additional_registries'].append(ent_reg) + + for role in ('master', 'node'): if role in facts: deployment_type = facts['common']['deployment_type'] @@ -1032,7 +1046,7 @@ class OpenShiftFacts(object): facts = set_version_facts_if_unset(facts) facts = set_aggregate_facts(facts) facts = set_etcd_facts_if_unset(facts) - facts = self.init_in_docker_facts(facts) + facts = self.set_containerized_facts_if_unset(facts) return dict(openshift=facts) def get_defaults(self, roles): @@ -1199,26 +1213,54 @@ class OpenShiftFacts(object): self.changed = changed return new_local_facts - def init_in_docker_facts(self, facts): - facts['is_atomic'] = os.path.isfile('/run/ostree-booted') - - docker = dict() - docker['image_name'] = 'openshift/origin' - # TODO: figure out right way to set the version - docker['image_version'] = 'latest' - docker['image'] = "%s:%s" % (docker['image_name'], docker['image_version']) + def set_containerized_facts_if_unset(self, facts): + deployment_type = facts['common']['deployment_type'] + if deployment_type in ['enterprise','openshift-enterprise']: + master_image = 'openshift3/ose' + cli_image = master_image + node_image = 'openshift3/node' + ovs_image = 'openshift3/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + elif deployment_type == 'atomic-enterprise': + master_image = 'aep3_beta/aep' + cli_image = master_image + node_image = 'aep3_beta/node' + ovs_image = 'aep3_beta/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + else: + master_image = 'openshift/origin' + cli_image = master_image + node_image = 'openshift/node' + ovs_image = 'openshift/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + + facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted') + if 'is_containerized' not in facts['common']: + facts['common']['is_containerized'] = facts['common']['is_atomic'] + if 'cli_image' not in facts['common']: + facts['common']['cli_image'] = cli_image + if 'master' in facts: + if 'master_image' not in facts['master']: + facts['master']['master_image'] = master_image + if 'node' in facts: + if 'node_image' not in facts ['node']: + facts['node']['node_image'] = node_image + if 'ovs_image' not in facts ['node']: + facts['node']['ovs_image'] = ovs_image + if 'etcd' in facts: + if 'etcd_image' not in facts['etcd']: + facts['etcd']['etcd_image'] = etcd_image # shared /tmp/openshift vol is for file exchange with ansible # --privileged is required to read the config dir # --net host to access openshift from the container # maybe -v /var/run/docker.sock:/var/run/docker.sock is required as well - docker['runner'] = "docker run --rm --privileged --net host -v /tmp/openshift:/tmp/openshift -v {datadir}:{datadir} -v {confdir}:{confdir} -e KUBECONFIG={confdir}/master/admin.kubeconfig {image}".format(confdir=facts['common']['config_base'], datadir=facts['common']['data_dir'], image=docker['image']) + runner = "docker run --rm --privileged --net host -v /tmp/openshift:/tmp/openshift -v {datadir}:{datadir} -v {confdir}:{confdir} -e KUBECONFIG={confdir}/master/admin.kubeconfig {image}".format(confdir=facts['common']['config_base'], datadir=facts['common']['data_dir'], image=facts['common']['cli_image']) - if facts['is_atomic']: - facts['common']['client_binary'] = '%s cli' % docker['runner'] - facts['common']['admin_binary'] = '%s admin' % docker['runner'] + if facts['common']['is_containerized']: + facts['common']['client_binary'] = '%s cli' % runner + facts['common']['admin_binary'] = '%s admin' % runner - facts['docker'] = docker return facts diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index e98b7c591..832f7ad84 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -6,20 +6,6 @@ - ansible_version | version_compare('1.9.0', 'ne') - ansible_version | version_compare('1.9.0.1', 'ne') -- name: Determine if Atomic - stat: path=/run/ostree-booted - register: s - changed_when: false - -- name: Init the is_atomic fact - set_fact: - is_atomic: false - -- name: Set the is_atomic fact - set_fact: - is_atomic: true - when: s.stat.exists - - name: Ensure PyYaml is installed action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 6844a16cc..e9e77d231 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -20,10 +20,9 @@ - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and (openshift_master_cluster_password is not defined or not openshift_master_cluster_password) - - fail: - msg: "openshift_master_ha is not yet supported on atomic hosts" - when: openshift_master_ha | bool and is_atomic + msg: "Pacemaker based HA is not supported at this time when used with containerized installs" + when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and openshift.common.is_containerized | bool - name: Set master facts openshift_facts: @@ -80,28 +79,38 @@ disabled_features: "{{ osm_disabled_features | default(None) }}" master_count: "{{ openshift_master_count | default(None) }}" controller_lease_ttl: "{{ osm_controller_lease_ttl | default(None) }}" + master_image: "{{ osm_image | default(None) }}" - name: Install Master package action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-master{{ openshift_version }} state=present" - when: not is_atomic + when: not openshift.common.is_containerized | bool # TODO: enable when ansible#1993 lands and is widespread enough # - name: Docker image present # docker: # image: "{{ openshift.common.docker.image }}" # state: image_present -# when: is_atomic +# when: openshift.common.is_containerized | bool - name: Install Master docker service file template: dest: "/etc/systemd/system/{{ openshift.common.service_type }}-master.service" - src: openshift.docker.master.service - register: install_result - when: is_atomic + src: master.docker.service.j2 + register: install_result + when: openshift.common.is_containerized | bool and not openshift_master_ha | bool + +- name: Create openshift.common.data_dir + file: + path: "{{ openshift.common.data_dir }}" + state: directory + mode: 0755 + owner: root + group: root + when: openshift.common.is_containerized | bool -- name: Reload systemd units +- name: Reload systemd units command: systemctl daemon-reload - when: is_atomic and install_result | changed + when: openshift.common.is_containerized | bool and install_result | changed - name: Re-gather package dependent master facts openshift_facts: @@ -134,9 +143,9 @@ - name: Install httpd-tools if needed action: "{{ ansible_pkg_mgr }} name=httpd-tools state=present" - when: (item.kind == 'HTPasswdPasswordIdentityProvider') + when: (item.kind == 'HTPasswdPasswordIdentityProvider') and + not openshift.common.is_containerized | bool with_items: openshift.master.identity_providers - when: not is_atomic - name: Ensure htpasswd directory exists file: @@ -154,16 +163,27 @@ when: item.kind == 'HTPasswdPasswordIdentityProvider' with_items: openshift.master.identity_providers +- name: Init HA Service Info + set_fact: + ha_suffix: "" + ha_svcdir: "/usr/lib/systemd/system" + +- name: Set HA Service Info for containerized installs + set_fact: + ha_suffix: ".docker" + ha_svcdir: "/etc/systemd/system" + when: openshift.common.is_containerized | bool + # workaround for missing systemd unit files for controllers/api - name: Create the api service file template: - src: atomic-openshift-master-api.service.j2 - dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-api.service + src: atomic-openshift-master-api{{ ha_suffix }}.service.j2 + dest: "{{ ha_svcdir }}/{{ openshift.common.service_type }}-master-api.service" when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the controllers service file template: - src: atomic-openshift-master-controllers.service.j2 - dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-controllers.service + src: atomic-openshift-master-controllers{{ ha_suffix }}.service.j2 + dest: "{{ ha_svcdir }}/{{ openshift.common.service_type }}-master-controllers.service" when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the api env file template: @@ -251,6 +271,10 @@ when: not openshift_master_ha | bool register: start_result +- name: Stop and disable non HA master when running HA + service: name={{ openshift.common.service_type }}-master enabled=no state=stopped + when: openshift_master_ha | bool + - set_fact: master_service_status_changed: start_result | changed when: not openshift_master_ha | bool @@ -275,12 +299,14 @@ - name: Install cluster packages action: "{{ ansible_pkg_mgr }} name=pcs state=present" - when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' and not is_atomic + when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' + and not openshift.common.is_containerized | bool register: install_result - name: Start and enable cluster service service: name=pcsd enabled=yes state=started when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' + and not openshift.common.is_containerized | bool - name: Set the cluster user password shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster @@ -307,7 +333,6 @@ command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config args: creates: ~{{ item }}/.kube/config - when: not is_atomic with_items: - root - "{{ ansible_ssh_user }}" diff --git a/roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 new file mode 100644 index 000000000..936c39edf --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-api.docker.service.j2 @@ -0,0 +1,26 @@ +[Unit] +Description=Atomic OpenShift Master API +Documentation=https://github.com/openshift/origin +After=network.target +After=etcd.service +Before={{ openshift.common.service_type }}-node.service +Requires=network.target +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api +Environment=GOTRACEBACK=crash +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master api --config=${CONFIG_FILE} $OPTIONS +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory={{ openshift.common.data_dir }} +SyslogIdentifier=atomic-openshift-master-api +Restart=always + +[Install] +WantedBy=multi-user.target +WantedBy={{ openshift.common.service_type }}-node.service \ No newline at end of file diff --git a/roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 new file mode 100644 index 000000000..6ba7d6e2a --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-controllers.docker.service.j2 @@ -0,0 +1,25 @@ +[Unit] +Description=Atomic OpenShift Master Controllers +Documentation=https://github.com/openshift/origin +After=network.target +After={{ openshift.common.service_type }}-master-api.service +Before={{ openshift.common.service_type }}-node.service +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers +Environment=GOTRACEBACK=crash +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master controllers --config=${CONFIG_FILE} $OPTIONS +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory={{ openshift.common.data_dir }} +SyslogIdentifier={{ openshift.common.service_type }}-master-controllers +Restart=on-failure + +[Install] +WantedBy=multi-user.target +WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_master/templates/master.docker.service.j2 b/roles/openshift_master/templates/master.docker.service.j2 new file mode 100644 index 000000000..8b23d70b1 --- /dev/null +++ b/roles/openshift_master/templates/master.docker.service.j2 @@ -0,0 +1,16 @@ +[Unit] +After=docker.service +Before={{ openshift.common.service_type }}-node.service +Requires=docker.service +PartOf=docker.service + +[Service] +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master --config=${CONFIG_FILE} $OPTIONS +ExecStartPost=/usr/bin/sleep 10 +ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/openshift_master/templates/openshift.docker.master.service b/roles/openshift_master/templates/openshift.docker.master.service deleted file mode 100644 index 9e436f8eb..000000000 --- a/roles/openshift_master/templates/openshift.docker.master.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -After=docker.service -Require=docker.service - -[Service] -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master -ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift_docker_image }} start master --config=${CONFIG_FILE} ${OPTIONS} -ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master - -[Install] -WantedBy=multi-user.target diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index 875d61a3b..534465451 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -5,8 +5,6 @@ openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.js openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml" openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json" openshift_version: "{{ openshift_pkg_version | default('') }}" -openshift_docker_image_name: openshift/origin -openshift_docker_image: "{{ openshift_docker_image_name }}:{{ openshift_pkg_version | default('latest') }}" openshift_master_valid_grant_methods: - auto diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index c179ceb61..17d832d26 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Install the base package for admin tooling action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_version }} state=present" - when: not is_atomic + when: openshift.common.is_containerized | bool - name: Reload generated facts openshift_facts: @@ -12,6 +12,11 @@ path: "{{ openshift_master_config_dir }}" state: directory +- name: Pull required docker image + command: > + docker pull {{ openshift.common.cli_image }} + when: openshift.common.is_containerized | bool + - name: Create the master certificates if they do not already exist command: > {{ openshift.common.admin_binary }} create-master-certs diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml index 0f1f32a34..b35339b18 100644 --- a/roles/openshift_master_ca/vars/main.yml +++ b/roles/openshift_master_ca/vars/main.yml @@ -4,6 +4,3 @@ openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" openshift_version: "{{ openshift_pkg_version | default('') }}" - -openshift_docker_image_name: openshift/origin -openshift_docker_image: "{{ openshift_docker_image_name }}:{{ openshift_pkg_version | default('latest') }}" diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 13e5d7a4b..36d953111 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -16,6 +16,8 @@ - admin.kubeconfig - master.kubelet-client.crt - master.kubelet-client.key + - master.server.crt + - master.server.key - openshift-master.crt - openshift-master.key - openshift-master.kubeconfig diff --git a/roles/openshift_master_cluster/tasks/main.yml b/roles/openshift_master_cluster/tasks/main.yml index 978e2920d..40705d357 100644 --- a/roles/openshift_master_cluster/tasks/main.yml +++ b/roles/openshift_master_cluster/tasks/main.yml @@ -1,7 +1,7 @@ --- - fail: msg: "Not possible on atomic hosts for now" - when: is_atomic + when: openshift.common.is_containerized | bool - name: Test if cluster is already configured command: pcs status diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 8607aa3fb..67c6387a3 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -4,10 +4,6 @@ msg: "SELinux is disabled, This deployment type requires that SELinux is enabled." when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online', 'atomic-enterprise', 'openshift-enterprise'] -- fail: - msg: "This playbook does not support using SDN on atomic hosts yet" - when: openshift.common.use_openshift_sdn and is_atomic - - name: Set node facts openshift_facts: role: "{{ item.role }}" @@ -37,16 +33,50 @@ sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" storage_plugin_deps: "{{ osn_storage_plugin_deps | default(None) }}" set_node_ip: "{{ openshift_set_node_ip | default(None) }}" + node_image: "{{ osn_image | default(None) }}" + ovs_image: "{{ osn_ovs_image | default(None) }}" # We have to add tuned-profiles in the same transaction otherwise we run into depsolving -# problems because the rpms don't pin the version properly. +# problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging. - name: Install Node package action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present" - when: not is_atomic + when: not openshift.common.is_containerized | bool - name: Install sdn-ovs package action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present" - when: openshift.common.use_openshift_sdn and not is_atomic + when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool + +- name: Install Node docker service file + template: + dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" + src: openshift.docker.node.service + register: install_node_result + when: openshift.common.is_containerized | bool + +- name: Create openshift.common.data_dir + file: + path: openshift.common.data_dir + state: directory + mode: 0755 + owner: root + group: root + when: openshift.common.is_containerized | bool + +- name: Install OpenvSwitch docker service file + template: + dest: "/etc/systemd/system/openvswitch.service" + src: openvswitch.docker.service + register: install_ovs_result + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized and ( ( install_node_result | changed ) + or ( install_ovs_result | changed ) ) + +- name: Start and enable openvswitch docker service + service: name=openvswitch.service enabled=yes state=started + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config @@ -71,64 +101,6 @@ notify: - restart node -- stat: path=/etc/sysconfig/docker - register: docker_check - - # TODO: Enable secure registry when code available in origin -- name: Secure Registry and Logs Options - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^OPTIONS=.*$' - line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ -{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \ -{% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }} {% endif %} \ -{% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}} {% endif %} '" - when: docker_check.stat.isreg - notify: - - restart docker - -- set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') - | oo_split() | union(['registry.access.redhat.com']) - | difference(['']) }}" - when: openshift.common.deployment_type in ['enterprise', 'openshift-enterprise', 'atomic-enterprise'] -- set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') - | oo_split() | difference(['']) }}" - when: openshift.common.deployment_type not in ['enterprise', 'openshift-enterprise', 'atomic-enterprise'] - -- name: Add personal registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^ADD_REGISTRY=.*$' - line: "ADD_REGISTRY='{{ docker_additional_registries - | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and docker_additional_registries - notify: - - restart docker - -- name: Block registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^BLOCK_REGISTRY=.*$' - line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split() - | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - lookup('oo_option', 'docker_blocked_registries') != '' - notify: - - restart docker - -- name: Grant access to additional insecure registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^INSECURE_REGISTRY=.*' - line: "INSECURE_REGISTRY='{{ lookup('oo_option', 'docker_insecure_registries') | oo_split() - | oo_prepend_strings_in_list('--insecure-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - lookup('oo_option', 'docker_insecure_registries') != '' - notify: - - restart docker - - name: Additional storage plugin configuration include: storage_plugins/main.yml diff --git a/roles/openshift_node/tasks/storage_plugins/main.yml b/roles/openshift_node/tasks/storage_plugins/main.yml index 39c7b9390..d237c26ec 100644 --- a/roles/openshift_node/tasks/storage_plugins/main.yml +++ b/roles/openshift_node/tasks/storage_plugins/main.yml @@ -3,11 +3,12 @@ # additional package dependencies - name: NFS storage plugin configuration include: nfs.yml + when: not openshift.common.is_containerized | bool - name: GlusterFS storage plugin configuration include: glusterfs.yml - when: "'glusterfs' in openshift.node.storage_plugin_deps" + when: "'glusterfs' in openshift.node.storage_plugin_deps and not openshift.common.is_containerized | bool " - name: Ceph storage plugin configuration include: ceph.yml - when: "'ceph' in openshift.node.storage_plugin_deps" + when: "'ceph' in openshift.node.storage_plugin_deps and not openshift.common.is_containerized | bool" diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service index e9df34940..7a11a10fa 100644 --- a/roles/openshift_node/templates/openshift.docker.node.service +++ b/roles/openshift_node/templates/openshift.docker.node.service @@ -1,11 +1,20 @@ [Unit] After=docker.service -Require=docker.service +After={{ openshift.common.service_type }}-master.service +After=openvswitch.service +{% if openshift.common.use_openshift_sdn %} +Requires=openvswitch.service +{% endif %} +Requires=docker.service +PartOf=docker.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node -ExecStart=/usr/bin/docker run --rm --privileged --net=host --name "{{ openshift.common.service_type }}-node" -v /:/rootfs:ro -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift_docker_image }} start node --config=${CONFIG_FILE} ${OPTIONS} +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node +ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host -v /:/rootfs:ro -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:ro -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /etc/systemd/system:/host-etc/systemd/system {{ openshift.node.node_image }} +ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node +Restart=always [Install] WantedBy=multi-user.target diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service new file mode 100644 index 000000000..0b42ca6d5 --- /dev/null +++ b/roles/openshift_node/templates/openvswitch.docker.service @@ -0,0 +1,13 @@ +[Unit] +After=docker.service +Requires=docker.service +PartOf=docker.service + +[Service] +ExecStartPre=-/usr/bin/docker rm -f openvswitch +ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }} +ExecStop=/usr/bin/docker stop openvswitch +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml index c57d1bcca..43dc50ca8 100644 --- a/roles/openshift_node/vars/main.yml +++ b/roles/openshift_node/vars/main.yml @@ -2,6 +2,3 @@ openshift_node_config_dir: "{{ openshift.common.config_base }}/node" openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml" openshift_version: "{{ openshift_pkg_version | default('') }}" - -openshift_docker_image_name: openshift/origin -openshift_docker_image: "{{ openshift_docker_image_name }}:{{ openshift_pkg_version | default('latest') }}" diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 6d0d1d493..6d910a66e 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -12,20 +12,20 @@ - name: Ensure libselinux-python is installed action: "{{ ansible_pkg_mgr }} name=libselinux-python state=present" - when: not is_atomic + when: not openshift.common.is_containerized | bool - name: Create any additional repos that are defined template: src: yum_repo.j2 dest: /etc/yum.repos.d/openshift_additional.repo - when: openshift_additional_repos | length > 0 and not is_atomic + when: openshift_additional_repos | length > 0 and not openshift.common.is_containerized | bool notify: refresh cache - name: Remove the additional repos if no longer defined file: dest: /etc/yum.repos.d/openshift_additional.repo state: absent - when: openshift_additional_repos | length == 0 and not is_atomic + when: openshift_additional_repos | length == 0 and not openshift.common.is_containerized | bool notify: refresh cache - name: Remove any yum repo files for other deployment types RHEL/CentOS @@ -36,7 +36,7 @@ - '*/repos/*' when: not (item | search("/files/" ~ openshift_deployment_type ~ "/repos")) and (ansible_os_family == "RedHat" and ansible_distribution != "Fedora") - and not is_atomic + and not openshift.common.is_containerized | bool notify: refresh cache - name: Remove any yum repo files for other deployment types Fedora @@ -47,7 +47,7 @@ - '*/repos/*' when: not (item | search("/files/fedora-" ~ openshift_deployment_type ~ "/repos")) and (ansible_distribution == "Fedora") - and not is_atomic + and not openshift.common.is_containerized | bool notify: refresh cache - name: Configure gpg keys if needed @@ -55,6 +55,7 @@ with_fileglob: - "{{ openshift_deployment_type }}/gpg_keys/*" notify: refresh cache + when: not openshift.common.is_containerized | bool - name: Configure yum repositories RHEL/CentOS copy: src={{ item }} dest=/etc/yum.repos.d/ @@ -62,11 +63,11 @@ - "{{ openshift_deployment_type }}/repos/*" notify: refresh cache when: (ansible_os_family == "RedHat" and ansible_distribution != "Fedora") - and not is_atomic + and not openshift.common.is_containerized | bool - name: Configure yum repositories Fedora copy: src={{ item }} dest=/etc/yum.repos.d/ with_fileglob: - "fedora-{{ openshift_deployment_type }}/repos/*" notify: refresh cache - when: (ansible_distribution == "Fedora") and not is_atomic + when: (ansible_distribution == "Fedora") and not openshift.common.is_containerized | bool diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml index ead81b876..ea0cc2a94 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/main.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml @@ -1,4 +1,9 @@ --- +# TODO -- this may actually work on atomic hosts +- fail: + msg: "openshift_storage_nfs_lvm is not compatible with atomic host" + when: openshift.common.is_atomic | true + - name: Create lvm volumes lvol: vg={{osnl_volume_group}} lv={{ item }} size={{osnl_volume_size}}G with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml index df7c0e57d..fc8de1cb5 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml @@ -1,7 +1,7 @@ --- - name: Install NFS server action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" - when: not is_atomic + when: not openshift.common.is_containerized | bool - name: Start rpcbind service: name=rpcbind state=started enabled=yes diff --git a/roles/os_env_extras/tasks/main.yaml b/roles/os_env_extras/tasks/main.yaml index d52795289..628df713a 100644 --- a/roles/os_env_extras/tasks/main.yaml +++ b/roles/os_env_extras/tasks/main.yaml @@ -13,4 +13,4 @@ - name: Bash Completion action: "{{ ansible_pkg_mgr }} name=bash-completion state=present" - when: not is_atomic \ No newline at end of file + when: not openshift.common.is_containerized | bool \ No newline at end of file diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml index 01b8263d5..d26ba7ee9 100644 --- a/roles/os_firewall/tasks/firewall/iptables.yml +++ b/roles/os_firewall/tasks/firewall/iptables.yml @@ -5,7 +5,7 @@ - iptables - iptables-services register: install_result - when: not is_atomic + when: not openshift.common.is_containerized | bool - name: Check if firewalld is installed command: rpm -q firewalld diff --git a/roles/os_update_latest/tasks/main.yml b/roles/os_update_latest/tasks/main.yml index 3c3e80979..2400164fa 100644 --- a/roles/os_update_latest/tasks/main.yml +++ b/roles/os_update_latest/tasks/main.yml @@ -1,8 +1,8 @@ --- - fail: msg: "Update is not yet supported by this playbook on atomic hosts" - when: is_atomic + when: openshift.common.is_containerized | bool - name: Update all packages action: "{{ ansible_pkg_mgr }} name=* state=latest" - when: not is_atomic \ No newline at end of file + when: not openshift.common.is_containerized | bool \ No newline at end of file diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index bd879c25f..a8b65dd56 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -1,7 +1,7 @@ --- - fail: msg: "Zabbix config is not yet supported on atomic hosts" - when: is_atomic + when: openshift.common.is_containerized | bool - name: Main List all templates zbx_template: diff --git a/roles/yum_repos/tasks/main.yml b/roles/yum_repos/tasks/main.yml index 252dc71d5..46928a00b 100644 --- a/roles/yum_repos/tasks/main.yml +++ b/roles/yum_repos/tasks/main.yml @@ -45,4 +45,4 @@ src: yumrepo.j2 dest: /etc/yum.repos.d/{{ item.id }}.repo with_items: repo_files - when: not is_atomic + when: not openshift.common.is_containerized | bool -- cgit v1.2.3 From 043d6b3a7e3c6b799ddf4157ccdf2b2b67451d81 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 20 Nov 2015 15:45:39 -0500 Subject: fixes --- playbooks/common/openshift-docker/config.yml | 3 +- roles/docker/handlers/main.yml | 5 +- roles/etcd/tasks/main.yml | 17 ++- roles/openshift_docker/tasks/main.yml | 18 +-- roles/openshift_examples/defaults/main.yml | 8 +- roles/openshift_facts/library/openshift_facts.py | 126 ++++++++++++--------- roles/openshift_facts/tasks/main.yml | 5 +- roles/openshift_manage_node/tasks/main.yml | 1 + roles/openshift_master/tasks/main.yml | 1 + .../templates/master.docker.service.j2 | 2 +- roles/openshift_node/meta/main.yml | 1 - roles/openshift_serviceaccounts/tasks/main.yml | 1 + 12 files changed, 104 insertions(+), 84 deletions(-) (limited to 'roles/openshift_examples') diff --git a/playbooks/common/openshift-docker/config.yml b/playbooks/common/openshift-docker/config.yml index c3541e544..f838dd66c 100644 --- a/playbooks/common/openshift-docker/config.yml +++ b/playbooks/common/openshift-docker/config.yml @@ -5,4 +5,5 @@ docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') | oo_split }}" docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}" roles: - - openshift-docker + - openshift_facts + - openshift_docker diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index 7d60f1891..9f827417f 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -1,7 +1,10 @@ --- - name: restart docker - service: name=docker state=restarted + service: + name: docker + state: restarted + when: not docker_service_status_changed | default(false) - name: restart udev service: diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index aef52886b..6906244e9 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -7,9 +7,6 @@ msg: IPv4 address not found for {{ etcd_interface }} when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4" -- debug: var=openshift.common.is_containerized -- debug: var=openshift.common.is_atomic - - name: Install etcd action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present" when: not openshift.common.is_containerized | bool @@ -25,7 +22,7 @@ src: etcd.docker.service register: install_etcd_result when: openshift.common.is_containerized | bool - + - name: Ensure etcd datadir exists when: openshift.common.is_containerized | bool file: @@ -48,16 +45,16 @@ file: path: "{{ etcd_conf_dir }}" state: directory - owner: etcd - group: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" mode: 0700 - name: Validate permissions on certificate files file: path: "{{ item }}" mode: 0600 - group: etcd - owner: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_url_scheme == 'https' with_items: - "{{ etcd_ca_file }}" @@ -68,8 +65,8 @@ file: path: "{{ item }}" mode: 0600 - group: etcd - owner: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_peer_url_scheme == 'https' with_items: - "{{ etcd_peer_ca_file }}" diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml index f63b3acd5..4f9fe1f97 100644 --- a/roles/openshift_docker/tasks/main.yml +++ b/roles/openshift_docker/tasks/main.yml @@ -1,27 +1,27 @@ --- - openshift_facts: - - role: common + role: common local_facts: deployment_type: "{{ openshift_deployment_type }}" - docker_additional_registries: "{{ docker_additional_registries | oo_split() }}" - docker_insecure_registries: "{{ docker_insecure_registries | oo_split() }}" - docker_blocked_registries: "{{ docker_blocked_registries | oo_split() }}" + docker_additional_registries: "{{ docker_additional_registries }}" + docker_insecure_registries: "{{ docker_insecure_registries }}" + docker_blocked_registries: "{{ docker_blocked_registries }}" - name: Set registry params lineinfile: dest: /etc/sysconfig/docker - regexp: '^{{ reg_conf_var }}=.*$' - line: "{{ reg_conf_var }}='{{ reg_fact_val | oo_prepend_strings_in_list(reg_flag ~ ' ') | join(' ') }}'" + regexp: '^{{ item.reg_conf_var }}=.*$' + line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'" when: "'docker_additional_registries' in openshift.common" with_items: - reg_conf_var: ADD_REGISTRY - reg_fact_val: {{ openshift.common.docker_additional_registries }} + reg_fact_val: "{{ openshift.common.docker_additional_registries }}" reg_flag: --add-registry - reg_conf_var: BLOCK_REGISTRY - reg_fact_val: {{ openshift.common.docker_blocked_registries }} + reg_fact_val: "{{ openshift.common.docker_blocked_registries }}" reg_flag: --block-registry - reg_conf_var: INSECURE_REGISTRY - reg_fact_val: {{ openshift.common.docker_insecure_registries }} + reg_fact_val: "{{ openshift.common.docker_insecure_registries }}" reg_flag: --insecure-registry notify: - restart docker diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index d318d17e3..e27f4e0a6 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -1,14 +1,14 @@ --- # By default install rhel and xpaas streams on enterprise installs -openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" -openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" +openshift_examples_load_centos: "{{ openshift_deployment_type == 'origin' }}" +openshift_examples_load_rhel: "{{ openshift_deployment_type != 'origin' }}" openshift_examples_load_db_templates: true -openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" +openshift_examples_load_xpaas: "{{ openshift_deployment_type != 'origin' }}" openshift_examples_load_quickstarts: true content_version: "{{ 'v1.1' if openshift.common.version_greater_than_3_1_or_1_1 else 'v1.0' }}" -examples_base: "{% if openshift.common.is_atomic %}{{ openshift.common.config_base }}{% else %}/usr/share/openshift{% endif %}/examples" +examples_base: "{{ openshift.common.config_base if openshift.common.is_containerized else '/usr/share/openshift' }}/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json" rhel_image_streams: "{{ image_streams_base}}/image-streams-rhel7.json" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 8e733a3a2..b5454dd81 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -647,14 +647,14 @@ def set_deployment_facts_if_unset(facts): for cat in ['additional', 'blocked', 'insecure']: key = 'docker_{0}_registries'.format(cat) if key in facts['common']: - facts['common'][key] = set(facts['common'][key]) - set(['']) + facts['common'][key] = list(set(facts['common'][key]) - set([''])) if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']: - addtl_regs = facts['common']['docker_additional_registries']: - ent_reg = 'registry.access.redhat.com' - if ent_reg not in addtl_regs - facts['common']['docker_additional_registries'].append(ent_reg) + addtl_regs = facts['common'].get('docker_additional_registries', []) + ent_reg = ['registry.access.redhat.com'] + if ent_reg not in addtl_regs: + facts['common']['docker_additional_registries'] = addtl_regs + ent_reg for role in ('master', 'node'): @@ -934,6 +934,7 @@ def save_local_facts(filename, facts): os.makedirs(fact_dir) with open(filename, 'w') as fact_file: fact_file.write(module.jsonify(facts)) + os.chmod(filename, 0o600) except (IOError, OSError) as ex: raise OpenShiftFactsFileWriteError( "Could not create fact file: %s, error: %s" % (filename, ex) @@ -969,6 +970,69 @@ def get_local_facts_from_file(filename): return local_facts +def set_container_facts_if_unset(facts): + """ Set containerized facts. + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated containerization + facts + """ + deployment_type = facts['common']['deployment_type'] + if deployment_type in ['enterprise', 'openshift-enterprise']: + master_image = 'openshift3/ose' + cli_image = master_image + node_image = 'openshift3/node' + ovs_image = 'openshift3/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + elif deployment_type == 'atomic-enterprise': + master_image = 'aep3_beta/aep' + cli_image = master_image + node_image = 'aep3_beta/node' + ovs_image = 'aep3_beta/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + else: + master_image = 'openshift/origin' + cli_image = master_image + node_image = 'openshift/node' + ovs_image = 'openshift/openvswitch' + etcd_image = 'registry.access.redhat.com/rhel7/etcd' + + facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted') + if 'is_containerized' not in facts['common']: + facts['common']['is_containerized'] = facts['common']['is_atomic'] + if 'cli_image' not in facts['common']: + facts['common']['cli_image'] = cli_image + if 'etcd' in facts and 'etcd_image' not in facts['etcd']: + facts['etcd']['etcd_image'] = etcd_image + if 'master' in facts and 'master_image' not in facts['master']: + facts['master']['master_image'] = master_image + if 'node' in facts: + if 'node_image' not in facts['node']: + facts['node']['node_image'] = node_image + if 'ovs_image' not in facts['node']: + facts['node']['ovs_image'] = ovs_image + + # shared /tmp/openshift vol is for file exchange with ansible + # --privileged is required to read the config dir + # --net host to access openshift from the container + # maybe -v /var/run/docker.sock:/var/run/docker.sock is required as well + runner = ("docker run --rm --privileged --net host -v " + "/tmp/openshift:/tmp/openshift -v {datadir}:{datadir} " + "-v {confdir}:{confdir} " + "-e KUBECONFIG={confdir}/master/admin.kubeconfig " + "{image}").format(confdir=facts['common']['config_base'], + datadir=facts['common']['data_dir'], + image=facts['common']['cli_image']) + + if facts['common']['is_containerized']: + facts['common']['client_binary'] = '%s cli' % runner + facts['common']['admin_binary'] = '%s admin' % runner + + return facts + + class OpenShiftFactsUnsupportedRoleError(Exception): """Origin Facts Unsupported Role Error""" pass @@ -1046,7 +1110,7 @@ class OpenShiftFacts(object): facts = set_version_facts_if_unset(facts) facts = set_aggregate_facts(facts) facts = set_etcd_facts_if_unset(facts) - facts = self.set_containerized_facts_if_unset(facts) + facts = set_container_facts_if_unset(facts) return dict(openshift=facts) def get_defaults(self, roles): @@ -1213,56 +1277,6 @@ class OpenShiftFacts(object): self.changed = changed return new_local_facts - def set_containerized_facts_if_unset(self, facts): - deployment_type = facts['common']['deployment_type'] - if deployment_type in ['enterprise','openshift-enterprise']: - master_image = 'openshift3/ose' - cli_image = master_image - node_image = 'openshift3/node' - ovs_image = 'openshift3/openvswitch' - etcd_image = 'registry.access.redhat.com/rhel7/etcd' - elif deployment_type == 'atomic-enterprise': - master_image = 'aep3_beta/aep' - cli_image = master_image - node_image = 'aep3_beta/node' - ovs_image = 'aep3_beta/openvswitch' - etcd_image = 'registry.access.redhat.com/rhel7/etcd' - else: - master_image = 'openshift/origin' - cli_image = master_image - node_image = 'openshift/node' - ovs_image = 'openshift/openvswitch' - etcd_image = 'registry.access.redhat.com/rhel7/etcd' - - facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted') - if 'is_containerized' not in facts['common']: - facts['common']['is_containerized'] = facts['common']['is_atomic'] - if 'cli_image' not in facts['common']: - facts['common']['cli_image'] = cli_image - if 'master' in facts: - if 'master_image' not in facts['master']: - facts['master']['master_image'] = master_image - if 'node' in facts: - if 'node_image' not in facts ['node']: - facts['node']['node_image'] = node_image - if 'ovs_image' not in facts ['node']: - facts['node']['ovs_image'] = ovs_image - if 'etcd' in facts: - if 'etcd_image' not in facts['etcd']: - facts['etcd']['etcd_image'] = etcd_image - - # shared /tmp/openshift vol is for file exchange with ansible - # --privileged is required to read the config dir - # --net host to access openshift from the container - # maybe -v /var/run/docker.sock:/var/run/docker.sock is required as well - runner = "docker run --rm --privileged --net host -v /tmp/openshift:/tmp/openshift -v {datadir}:{datadir} -v {confdir}:{confdir} -e KUBECONFIG={confdir}/master/admin.kubeconfig {image}".format(confdir=facts['common']['config_base'], datadir=facts['common']['data_dir'], image=facts['common']['cli_image']) - - if facts['common']['is_containerized']: - facts['common']['client_binary'] = '%s cli' % runner - facts['common']['admin_binary'] = '%s admin' % runner - - return facts - def main(): """ main """ diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index 832f7ad84..55071436f 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -9,5 +9,8 @@ - name: Ensure PyYaml is installed action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" -- name: Gather Cluster facts +- name: Gather Cluster facts and set is_containerized if needed openshift_facts: + role: common + local_facts: + is_containerized: "{{ openshift_containerized | default(None) }}" diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 637e494ea..06f12053a 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -5,6 +5,7 @@ until: omd_get_node.rc == 0 retries: 20 delay: 5 + changed_when: false with_items: openshift_nodes - name: Set node schedulability diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index e9e77d231..0c7718299 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -314,6 +314,7 @@ - name: Lookup default group for ansible_ssh_user command: "/usr/bin/id -g {{ ansible_ssh_user }}" + changed_when: false register: _ansible_ssh_user_gid - name: Create the client config dir(s) diff --git a/roles/openshift_master/templates/master.docker.service.j2 b/roles/openshift_master/templates/master.docker.service.j2 index 8b23d70b1..23781a313 100644 --- a/roles/openshift_master/templates/master.docker.service.j2 +++ b/roles/openshift_master/templates/master.docker.service.j2 @@ -6,7 +6,7 @@ PartOf=docker.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master -ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master +ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-master ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }} start master --config=${CONFIG_FILE} $OPTIONS ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml index 9d40ae3b3..c92008a77 100644 --- a/roles/openshift_node/meta/main.yml +++ b/roles/openshift_node/meta/main.yml @@ -13,4 +13,3 @@ galaxy_info: - cloud dependencies: - { role: openshift_common } -- { role: docker } diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml index eb9c9b2c9..4c7faa6fe 100644 --- a/roles/openshift_serviceaccounts/tasks/main.yml +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -23,6 +23,7 @@ shell: > {{ openshift.common.client_binary }} get scc privileged -o yaml --output-version=v1 > /tmp/openshift/scc.yaml + changed_when: false - name: Add security context constraint for {{ item }} lineinfile: -- cgit v1.2.3 From be978f250674d67a7109a3b45f050ffea5db8970 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 17 Dec 2015 11:08:25 -0500 Subject: Update from jboss-openshift/application-templates ose-v1.2.0-1 --- roles/openshift_examples/examples-sync.sh | 2 +- .../v1.1/xpaas-streams/jboss-image-streams.json | 94 +++ .../examples/v1.1/xpaas-templates/amq62-basic.json | 35 +- .../v1.1/xpaas-templates/amq62-persistent-ssl.json | 35 +- .../v1.1/xpaas-templates/amq62-persistent.json | 35 +- .../examples/v1.1/xpaas-templates/amq62-ssl.json | 35 +- .../v1.1/xpaas-templates/datagrid65-basic.json | 332 +++++++++ .../v1.1/xpaas-templates/datagrid65-https.json | 501 +++++++++++++ .../datagrid65-mysql-persistent.json | 779 +++++++++++++++++++++ .../v1.1/xpaas-templates/datagrid65-mysql.json | 739 +++++++++++++++++++ .../datagrid65-postgresql-persistent.json | 752 ++++++++++++++++++++ .../xpaas-templates/datagrid65-postgresql.json | 712 +++++++++++++++++++ .../xpaas-templates/decisionserver62-amq-s2i.json | 684 ++++++++++++++++++ .../decisionserver62-basic-s2i.json | 344 +++++++++ .../decisionserver62-https-s2i.json | 478 +++++++++++++ .../xpaas-templates/eap64-amq-persistent-s2i.json | 132 +++- .../v1.1/xpaas-templates/eap64-amq-s2i.json | 132 +++- .../v1.1/xpaas-templates/eap64-basic-s2i.json | 39 +- .../v1.1/xpaas-templates/eap64-https-s2i.json | 126 +++- .../eap64-mongodb-persistent-s2i.json | 128 +++- .../v1.1/xpaas-templates/eap64-mongodb-s2i.json | 128 +++- .../eap64-mysql-persistent-s2i.json | 128 +++- .../v1.1/xpaas-templates/eap64-mysql-s2i.json | 128 +++- .../eap64-postgresql-persistent-s2i.json | 128 +++- .../v1.1/xpaas-templates/eap64-postgresql-s2i.json | 128 +++- .../xpaas-templates/jws30-tomcat7-basic-s2i.json | 19 +- .../xpaas-templates/jws30-tomcat7-https-s2i.json | 27 +- .../jws30-tomcat7-mongodb-persistent-s2i.json | 29 +- .../xpaas-templates/jws30-tomcat7-mongodb-s2i.json | 29 +- .../jws30-tomcat7-mysql-persistent-s2i.json | 33 +- .../xpaas-templates/jws30-tomcat7-mysql-s2i.json | 33 +- .../jws30-tomcat7-postgresql-persistent-s2i.json | 33 +- .../jws30-tomcat7-postgresql-s2i.json | 33 +- .../xpaas-templates/jws30-tomcat8-basic-s2i.json | 19 +- .../xpaas-templates/jws30-tomcat8-https-s2i.json | 27 +- .../jws30-tomcat8-mongodb-persistent-s2i.json | 29 +- .../xpaas-templates/jws30-tomcat8-mongodb-s2i.json | 29 +- .../jws30-tomcat8-mysql-persistent-s2i.json | 33 +- .../xpaas-templates/jws30-tomcat8-mysql-s2i.json | 33 +- .../jws30-tomcat8-postgresql-persistent-s2i.json | 33 +- .../jws30-tomcat8-postgresql-s2i.json | 33 +- 41 files changed, 6768 insertions(+), 458 deletions(-) create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json (limited to 'roles/openshift_examples') diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 090fb9042..c46044917 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -5,7 +5,7 @@ # # This script should be run from openshift-ansible/roles/openshift_examples -XPAAS_VERSION=ose-v1.1.0 +XPAAS_VERSION=ose-v1.2.0-1 ORIGIN_VERSION=v1.1 EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION} find ${EXAMPLES_BASE} -name '*.json' -delete diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json index aaf5569ae..64b435205 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/jboss-image-streams.json @@ -28,6 +28,18 @@ "sampleContextDir": "tomcat-websocket-chat", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,tomcat,tomcat7,java,jboss,xpaas", + "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "tomcat-websocket-chat", + "version": "1.2" + } } ] } @@ -52,6 +64,18 @@ "sampleContextDir": "tomcat-websocket-chat", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,tomcat,tomcat8,java,jboss,xpaas", + "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "tomcat-websocket-chat", + "version": "1.2" + } } ] } @@ -77,6 +101,66 @@ "sampleRef": "6.4.x", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss EAP 6.4 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,eap,javaee,java,jboss,xpaas", + "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", + "sampleContextDir": "kitchensink", + "sampleRef": "6.4.x", + "version": "1.2" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "jboss-decisionserver62-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift", + "tags": [ + { + "name": "1.2", + "annotations": { + "description": "Decision Server 6.2 S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,decisionserver,java,xpaas", + "supports":"decisionserver:6.2,java:8,xpaas:1.2", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "decisionserver/hellorules", + "sampleRef": "master", + "version": "1.2" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "jboss-datagrid65-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift", + "tags": [ + { + "name": "1.2", + "annotations": { + "description": "JBoss Data Grid 6.5 S2I images.", + "iconClass": "icon-jboss", + "tags": "datagrid,java,jboss,xpaas", + "supports":"datagrid:6.5,java:8,xpaas:1.2", + "version": "1.2" + } } ] } @@ -99,6 +183,16 @@ "supports":"amq:6.2,messaging,xpaas:1.1", "version": "1.1" } + }, + { + "name": "1.2", + "annotations": { + "description": "JBoss A-MQ 6.2 broker image.", + "iconClass": "icon-jboss", + "tags": "messaging,amq,jboss,xpaas", + "supports":"amq:6.2,messaging,xpaas:1.2", + "version": "1.2" + } } ] } diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json index 3fd04c28c..2b1680755 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-basic.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-basic" }, "labels": { "template": "amq62-basic", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -53,20 +53,6 @@ "generate": "expression", "required": false }, - { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, { "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount::default' where is the project namespace.", "name": "AMQ_MESH_DISCOVERY_TYPE", @@ -207,7 +193,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -239,11 +225,16 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "amqp", "containerPort": 5672, @@ -286,14 +277,6 @@ "name": "AMQ_TOPICS", "value": "${MQ_TOPICS}" }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, { "name": "AMQ_MESH_DISCOVERY_TYPE", "value": "${AMQ_MESH_DISCOVERY_TYPE}" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json index aa9e716cf..0755fef45 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent-ssl.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-persistent-ssl" }, "labels": { "template": "amq62-persistent-ssl", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -59,20 +59,6 @@ "generate": "expression", "required": false }, - { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, { "description": "Name of a secret containing SSL related files", "name": "AMQ_SECRET", @@ -333,7 +319,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -377,11 +363,16 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "amqp", "containerPort": 5672, @@ -444,14 +435,6 @@ "name": "AMQ_TOPICS", "value": "${MQ_TOPICS}" }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, { "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", "value": "/etc/amq-secret-volume" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json index 3a2db3ce9..a8b3d5714 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-persistent.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-persistent" }, "labels": { "template": "amq62-persistent", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -59,20 +59,6 @@ "generate": "expression", "required": false }, - { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, { "description": "The A-MQ storage usage limit", "name": "AMQ_STORAGE_USAGE_LIMIT", @@ -207,7 +193,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -245,11 +231,16 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "amqp", "containerPort": 5672, @@ -292,14 +283,6 @@ "name": "AMQ_TOPICS", "value": "${MQ_TOPICS}" }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, { "name": "AMQ_STORAGE_USAGE_LIMIT", "value": "${AMQ_STORAGE_USAGE_LIMIT}" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json index f61fb24c2..ced360b09 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/amq62-ssl.json @@ -6,13 +6,13 @@ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.", "iconClass": "icon-jboss", "tags": "messaging,amq,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "amq62-ssl" }, "labels": { "template": "amq62-ssl", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -53,20 +53,6 @@ "generate": "expression", "required": false }, - { - "description": "User name for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression", - "required": true - }, - { - "description": "Password for admin user. If left empty, it will be generated.", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression", - "required": true - }, { "description": "Name of a secret containing SSL related files", "name": "AMQ_SECRET", @@ -333,7 +319,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -373,11 +359,16 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "amqp", "containerPort": 5672, @@ -440,14 +431,6 @@ "name": "AMQ_TOPICS", "value": "${MQ_TOPICS}" }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, { "name": "AMQ_MESH_DISCOVERY_TYPE", "value": "${AMQ_MESH_DISCOVERY_TYPE}" diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json new file mode 100644 index 000000000..56e76016f --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-basic.json @@ -0,0 +1,332 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 applications.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-basic" + }, + "labels": { + "template": "datagrid65-basic", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json new file mode 100644 index 000000000..033e70063 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-https.json @@ -0,0 +1,501 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 applications.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-https" + }, + "labels": { + "template": "datagrid65-https", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json new file mode 100644 index 000000000..05bc7c236 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql-persistent.json @@ -0,0 +1,779 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and MySQL applications with persistent storage.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-mysql-persistent" + }, + "labels": { + "template": "datagrid65-mysql-persistent", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:/jboss/datasources/mysql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-mysql-pvol" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mysql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mysql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mysql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json new file mode 100644 index 000000000..1856c8dc2 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-mysql.json @@ -0,0 +1,739 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and MySQL applications.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-mysql" + }, + "labels": { + "template": "datagrid65-mysql", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:/jboss/datasources/mysql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json new file mode 100644 index 000000000..10d0f77ce --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql-persistent.json @@ -0,0 +1,752 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-postgresql-persistent" + }, + "labels": { + "template": "datagrid65-postgresql-persistent", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/postgresql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-postgresql-pvol" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-postgresql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-postgresql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json new file mode 100644 index 000000000..9dd378f92 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/datagrid65-postgresql.json @@ -0,0 +1,712 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for JDG 6.5 and PostgreSQL applications built using.", + "tags": "datagrid,jboss,xpaas", + "version": "1.2.0" + }, + "name": "datagrid65-postgresql" + }, + "labels": { + "template": "datagrid65-postgresql", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "description": "Password for JDG user.", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/postgresql", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "description": "", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", + "name": "MEMCACHED_CACHE", + "value": "default", + "required": false + }, + { + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid65-openshift:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "datagrid-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid65-openshift", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11222, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json new file mode 100644 index 000000000..0c82eaa61 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-amq-s2i.json @@ -0,0 +1,684 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for BRMS Realtime Decision Server 6 A-MQ applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "decisionserver,amq,java,messaging,jboss,xpaas", + "version": "1.2.0" + }, + "name": "decisionserver62-amq-s2i" + }, + "labels": { + "template": "decisionserver62-amq-s2i", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2", + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final", + "required": false + }, + { + "description": "The user name to access the KIE Server REST or JMS interface.", + "name": "KIE_SERVER_USER", + "value": "kieserver", + "required": false + }, + { + "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).", + "name": "KIE_SERVER_PASSWORD", + "from": "[a-zA-Z]{6}[0-9]{1}!", + "generate": "expression", + "required": false + }, + { + "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.", + "name": "KIE_SERVER_DOMAIN", + "value": "other", + "required": false + }, + { + "description": "JNDI name of response queue for JMS.", + "name": "KIE_SERVER_JMS_QUEUES_RESPONSE", + "value": "queue/KIE.SERVER.RESPONSE", + "required": false + }, + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "kie-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.2", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "decisionserver/hellorules", + "required": false + }, + { + "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA", + "name": "MQ_JNDI", + "value": "java:/JmsXA", + "required": false + }, + { + "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_QUEUES", + "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "decisionserver-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "jboss", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "mykeystorepass", + "required": false + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + } + ], + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-decisionserver62-openshift:1.2" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "decisionserver-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "decisionserver-keystore-volume", + "mountPath": "/etc/decisionserver-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + }, + { + "name": "KIE_SERVER_USER", + "value": "${KIE_SERVER_USER}" + }, + { + "name": "KIE_SERVER_PASSWORD", + "value": "${KIE_SERVER_PASSWORD}" + }, + { + "name": "KIE_SERVER_DOMAIN", + "value": "${KIE_SERVER_DOMAIN}" + }, + { + "name": "KIE_SERVER_JMS_QUEUES_RESPONSE", + "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}" + }, + { + "name": "MQ_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-amq=MQ" + }, + { + "name": "MQ_JNDI", + "value": "${MQ_JNDI}" + }, + { + "name": "MQ_USERNAME", + "value": "${MQ_USERNAME}" + }, + { + "name": "MQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "MQ_PROTOCOL", + "value": "tcp" + }, + { + "name": "MQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "MQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/decisionserver-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "decisionserver-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.2" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/amq/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "amqp-ssl", + "containerPort": 5671, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "stomp-ssl", + "containerPort": 61612, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + }, + { + "name": "tcp-ssl", + "containerPort": 61617, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json new file mode 100644 index 000000000..097720375 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-basic-s2i.json @@ -0,0 +1,344 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for BRMS Realtime Decision Server 6 applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "decisionserver,java,jboss,xpaas", + "version": "1.2.0" + }, + "name": "decisionserver62-basic-s2i" + }, + "labels": { + "template": "decisionserver62-basic-s2i", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2", + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final", + "required": false + }, + { + "description": "The user name to access the KIE Server REST or JMS interface.", + "name": "KIE_SERVER_USER", + "value": "kieserver", + "required": false + }, + { + "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).", + "name": "KIE_SERVER_PASSWORD", + "from": "[a-zA-Z]{6}[0-9]{1}!", + "generate": "expression", + "required": false + }, + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "kie-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.2", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "decisionserver/hellorules", + "required": false + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + } + ], + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-decisionserver62-openshift:1.2" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + }, + { + "name": "KIE_SERVER_USER", + "value": "${KIE_SERVER_USER}" + }, + { + "name": "KIE_SERVER_PASSWORD", + "value": "${KIE_SERVER_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json new file mode 100644 index 000000000..d0505fc5f --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/decisionserver62-https-s2i.json @@ -0,0 +1,478 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for BRMS Realtime Decision Server 6 HTTPS applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "decisionserver,java,jboss,xpaas", + "version": "1.2.0" + }, + "name": "decisionserver62-https-s2i" + }, + "labels": { + "template": "decisionserver62-https-s2i", + "xpaas": "1.2.0" + }, + "parameters": [ + { + "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2", + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final", + "required": false + }, + { + "description": "The protocol to access the KIE Server REST interface.", + "name": "KIE_SERVER_PROTOCOL", + "value": "https", + "required": false + }, + { + "description": "The port to access the KIE Server REST interface.", + "name": "KIE_SERVER_PORT", + "value": "8443", + "required": false + }, + { + "description": "The user name to access the KIE Server REST or JMS interface.", + "name": "KIE_SERVER_USER", + "value": "kieserver", + "required": false + }, + { + "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).", + "name": "KIE_SERVER_PASSWORD", + "from": "[a-zA-Z]{6}[0-9]{1}!", + "generate": "expression", + "required": false + }, + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "kie-app", + "required": true + }, + { + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.2", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "decisionserver/hellorules", + "required": false + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "decisionserver-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "jboss", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "mykeystorepass", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + } + ], + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-decisionserver62-openshift:1.2" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "decisionserver-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "decisionserver-keystore-volume", + "mountPath": "/etc/decisionserver-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KIE_CONTAINER_DEPLOYMENT", + "value": "${KIE_CONTAINER_DEPLOYMENT}" + }, + { + "name": "KIE_SERVER_PROTOCOL", + "value": "${KIE_SERVER_PROTOCOL}" + }, + { + "name": "KIE_SERVER_PORT", + "value": "${KIE_SERVER_PORT}" + }, + { + "name": "KIE_SERVER_USER", + "value": "${KIE_SERVER_USER}" + }, + { + "name": "KIE_SERVER_PASSWORD", + "value": "${KIE_SERVER_PASSWORD}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/decisionserver-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "decisionserver-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json index 2fc3b5b25..4b38dade3 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,amq,javaee,java,messaging,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-amq-persistent-s2i" }, "labels": { "template": "eap64-amq-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,21 +22,27 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, { "description": "Git source URI for application", "name": "SOURCE_REPOSITORY_URL", - "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", "required": true }, { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "6.4.x", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -146,6 +152,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -235,7 +272,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -255,7 +292,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -299,7 +336,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -388,8 +425,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -400,6 +451,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -458,20 +514,44 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -480,7 +560,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -512,7 +598,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -544,7 +630,7 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json index a420bb1ea..d321af9c9 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-amq-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 A-MQ applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,amq,javaee,java,messaging,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-amq-s2i" }, "labels": { "template": "eap64-amq-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,21 +22,27 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, { "description": "Git source URI for application", "name": "SOURCE_REPOSITORY_URL", - "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", "required": true }, { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "6.4.x", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -140,6 +146,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -229,7 +266,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -249,7 +286,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -293,7 +330,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -382,8 +419,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -394,6 +445,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -452,20 +508,44 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -474,7 +554,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -506,7 +592,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-amq-62:1.1" + "name": "jboss-amq-62:1.2" } } }, @@ -538,7 +624,7 @@ "command": [ "/bin/bash", "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + "/opt/amq/bin/readinessProbe.sh" ] } }, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json index 3f90eb8be..2e3849e2a 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-basic-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-jboss", "description": "Application template for EAP 6 applications built using S2I.", "tags": "eap,javaee,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-basic-s2i" }, "labels": { "template": "eap64-basic-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,8 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", "value": "", "required": false }, @@ -83,6 +83,13 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -124,7 +131,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -165,7 +172,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -248,6 +255,15 @@ "name": "${APPLICATION_NAME}", "image": "${APPLICATION_NAME}", "imagePullPolicy": "Always", + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -258,6 +274,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -293,6 +314,10 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -302,4 +327,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json index 220d2f5b9..54514cb6b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-https-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-jboss", "description": "Application template for EAP 6 applications built using S2I.", "tags": "eap,javaee,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-https-s2i" }, "labels": { "template": "eap64-https-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -59,25 +65,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": true }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -107,6 +113,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -172,7 +209,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -192,7 +229,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -236,7 +273,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -325,8 +362,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -337,6 +388,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -367,20 +423,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -393,6 +449,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -401,7 +481,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -410,4 +496,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json index a1a3a9f2c..2c0f21ae3 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MongDB applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mongodb,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mongodb-persistent-s2i" }, "labels": { "template": "eap64-mongodb-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -176,6 +182,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -265,7 +302,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -285,7 +322,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -329,7 +366,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -418,8 +455,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -430,6 +481,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -496,20 +552,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -522,6 +578,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -530,7 +610,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -666,4 +752,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json index dfd1443ed..6f604d29e 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mongodb-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MongDB applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mongodb,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mongodb-s2i" }, "labels": { "template": "eap64-mongodb-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -170,6 +176,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -259,7 +296,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -279,7 +316,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -323,7 +360,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -412,8 +449,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -424,6 +475,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -490,20 +546,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -516,6 +572,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -524,7 +604,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -626,4 +712,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json index fdd368a5f..d2631580b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mysql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mysql-persistent-s2i" }, "labels": { "template": "eap64-mysql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -179,6 +185,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -268,7 +305,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -288,7 +325,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -332,7 +369,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -421,8 +458,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -433,6 +484,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -499,20 +555,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -525,6 +581,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -533,7 +613,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -673,4 +759,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json index ff6bdc112..ba6a32fec 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-mysql-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 MySQL applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,mysql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-mysql-s2i" }, "labels": { "template": "eap64-mysql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -173,6 +179,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -262,7 +299,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -282,7 +319,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -326,7 +363,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -415,8 +452,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -427,6 +478,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -493,20 +549,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -519,6 +575,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -527,7 +607,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -633,4 +719,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json index 6443afdb0..670260769 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-persistent-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.", "iconClass": "icon-jboss", "tags": "eap,postgresql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-postgresql-persistent-s2i" }, "labels": { "template": "eap64-postgresql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -77,25 +83,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -164,6 +170,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -253,7 +290,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -273,7 +310,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -317,7 +354,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -406,8 +443,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -418,6 +469,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -484,20 +540,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -510,6 +566,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -518,7 +598,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -646,4 +732,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json index e879e51cf..822731335 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/eap64-postgresql-s2i.json @@ -6,13 +6,13 @@ "description": "Application template for EAP 6 PostgreSQL applications built using S2I.", "iconClass": "icon-jboss", "tags": "eap,postgresql,javaee,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "eap64-postgresql-s2i" }, "labels": { "template": "eap64-postgresql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -71,25 +77,25 @@ }, { "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", + "name": "HTTPS_SECRET", "value": "eap-app-secret", "required": false }, { "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", + "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", + "name": "HTTPS_NAME", "value": "", "required": false }, { "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", + "name": "HTTPS_PASSWORD", "value": "", "required": false }, @@ -158,6 +164,37 @@ "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true + }, + { + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true } ], "objects": [ @@ -247,7 +284,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -267,7 +304,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -311,7 +348,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-eap64-openshift:1.1" + "name": "jboss-eap64-openshift:1.2" } } }, @@ -400,8 +437,22 @@ "name": "eap-keystore-volume", "mountPath": "/etc/eap-secret-volume", "readOnly": true + }, + { + "name": "eap-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true } ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/livenessProbe.sh" + ] + } + }, "readinessProbe": { "exec": { "command": [ @@ -412,6 +463,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -478,20 +534,20 @@ } }, { - "name": "EAP_HTTPS_KEYSTORE_DIR", + "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/eap-secret-volume" }, { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" }, { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" }, { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" }, { "name": "HORNETQ_CLUSTER_PASSWORD", @@ -504,6 +560,30 @@ { "name": "HORNETQ_TOPICS", "value": "${HORNETQ_TOPICS}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } @@ -512,7 +592,13 @@ { "name": "eap-keystore-volume", "secret": { - "secretName": "${EAP_HTTPS_SECRET}" + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "eap-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] @@ -606,4 +692,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json index 729079130..376f2f61b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-basic-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat7,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-basic-s2i" }, "labels": { "template": "jws30-tomcat7-basic-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,8 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", "value": "", "required": false }, @@ -36,7 +36,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -119,7 +119,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -160,7 +160,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -253,6 +253,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json index 7ce7e7fe2..e7bbd1154 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-https-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat7,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-https-s2i" }, "labels": { "template": "jws30-tomcat7-https-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -167,7 +173,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -187,7 +193,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -231,7 +237,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -332,6 +338,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json index 9a08ec0b0..3a3ca8e24 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.", "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mongodb-persistent-s2i" }, "labels": { "template": "jws30-tomcat7-mongodb-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -260,7 +266,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -280,7 +286,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -324,7 +330,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -425,6 +431,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -640,4 +651,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json index b8dfb3ad3..b3fd295b9 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mongodb-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications built using S2I.", "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mongodb-s2i" }, "labels": { "template": "jws30-tomcat7-mongodb-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -254,7 +260,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -274,7 +280,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -318,7 +324,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -419,6 +425,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -600,4 +611,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json index d36e330d3..b0b2f5ec4 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mysql-persistent-s2i" }, "labels": { "template": "jws30-tomcat7-mysql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -263,7 +269,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -283,7 +289,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -327,7 +333,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -428,6 +434,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -642,4 +653,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json index f5309db60..e48276f1b 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-mysql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications built using S2I.", "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-mysql-s2i" }, "labels": { "template": "jws30-tomcat7-mysql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -257,7 +263,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -277,7 +283,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -321,7 +327,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -422,6 +428,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -602,4 +613,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json index ee88a4c69..d7876d066 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-postgresql-persistent-s2i" }, "labels": { "template": "jws30-tomcat7-postgresql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -248,7 +254,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -268,7 +274,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -312,7 +318,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -413,6 +419,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -615,4 +626,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json index f5940a7a1..5c1bdf6d5 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat7-postgresql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications built using S2I.", "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat7-postgresql-s2i" }, "labels": { "template": "jws30-tomcat7-postgresql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -242,7 +248,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -262,7 +268,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -306,7 +312,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat7-openshift:1.1" + "name": "jboss-webserver30-tomcat7-openshift:1.2" } } }, @@ -407,6 +413,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -575,4 +586,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json index b24ce40ae..b425891c6 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-basic-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat8,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-basic-s2i" }, "labels": { "template": "jws30-tomcat8-basic-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,8 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", "value": "", "required": false }, @@ -36,7 +36,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -119,7 +119,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -160,7 +160,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -253,6 +253,11 @@ } }, "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json index 7e788d0db..a20518cbc 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-https-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS applications built using S2I.", "tags": "tomcat,tomcat8,java,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-https-s2i" }, "labels": { "template": "jws30-tomcat8-https-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -167,7 +173,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -187,7 +193,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -231,7 +237,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -332,6 +338,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json index 2f1d69c75..46b99593d 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.", "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mongodb-persistent-s2i" }, "labels": { "template": "jws30-tomcat8-mongodb-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -260,7 +266,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -280,7 +286,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -324,7 +330,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -425,6 +431,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -640,4 +651,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json index bad676f2e..c01b6888a 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mongodb-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MongoDB applications built using S2I.", "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mongodb-s2i" }, "labels": { "template": "jws30-tomcat8-mongodb-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -254,7 +260,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -274,7 +280,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -318,7 +324,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -419,6 +425,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -600,4 +611,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json index e20a45982..ebe1dc6af 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mysql-persistent-s2i" }, "labels": { "template": "jws30-tomcat8-mysql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -263,7 +269,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -283,7 +289,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -327,7 +333,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -428,6 +434,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -642,4 +653,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json index 1b9624756..fe068842a 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-mysql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS MySQL applications built using S2I.", "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-mysql-s2i" }, "labels": { "template": "jws30-tomcat8-mysql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -257,7 +263,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -277,7 +283,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -321,7 +327,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -422,6 +428,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -602,4 +613,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json index dc492a38e..302a55315 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.", "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-postgresql-persistent-s2i" }, "labels": { "template": "jws30-tomcat8-postgresql-persistent-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -248,7 +254,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -268,7 +274,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -312,7 +318,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -413,6 +419,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -615,4 +626,4 @@ } } ] -} \ No newline at end of file +} diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json index 242b37a79..af2415905 100644 --- a/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-templates/jws30-tomcat8-postgresql-s2i.json @@ -6,13 +6,13 @@ "iconClass": "icon-tomcat", "description": "Application template for JWS PostgreSQL applications built using S2I.", "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas", - "version": "1.1.0" + "version": "1.2.0" }, "name": "jws30-tomcat8-postgresql-s2i" }, "labels": { "template": "jws30-tomcat8-postgresql-s2i", - "xpaas": "1.1.0" + "xpaas": "1.2.0" }, "parameters": [ { @@ -22,8 +22,14 @@ "required": true }, { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_DOMAIN", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", "value": "", "required": false }, @@ -36,7 +42,7 @@ { "description": "Git branch/tag reference", "name": "SOURCE_REPOSITORY_REF", - "value": "1.1", + "value": "1.2", "required": false }, { @@ -46,9 +52,9 @@ "required": false }, { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS", "name": "DB_JNDI", - "value": "java:jboss/datasources/TodoListDS", + "value": "jboss/datasources/defaultDS", "required": false }, { @@ -242,7 +248,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } @@ -262,7 +268,7 @@ } }, "spec": { - "host": "${APPLICATION_DOMAIN}", + "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, @@ -306,7 +312,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", - "name": "jboss-webserver30-tomcat8-openshift:1.1" + "name": "jboss-webserver30-tomcat8-openshift:1.2" } } }, @@ -406,6 +412,11 @@ } ], "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, { "name": "http", "containerPort": 8080, @@ -573,4 +584,4 @@ } } ] -} \ No newline at end of file +} -- cgit v1.2.3 From 4aed54937b7f30699b2a5476321ba4f52ebac983 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 17 Dec 2015 11:11:25 -0500 Subject: Add jboss-fuse/application-templates/fis-image-streams.json --- roles/openshift_examples/examples-sync.sh | 1 + .../v1.1/xpaas-streams/fis-image-streams.json | 56 ++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json (limited to 'roles/openshift_examples') diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index c46044917..01ce6d819 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -37,6 +37,7 @@ cp dancer-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp cakephp-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ mv application-templates-${XPAAS_VERSION}/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ find application-templates-${XPAAS_VERSION}/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; +wget https://raw.githubusercontent.com/jboss-fuse/application-templates/master/fis-image-streams.json -O ${EXAMPLES_BASE}/xpaas-streams/fis-image-streams.json wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-deployer.yaml cp ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-*.yaml ${EXAMPLES_BASE}/infrastructure-templates/enterprise/ diff --git a/roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json new file mode 100644 index 000000000..ed0e94bed --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/xpaas-streams/fis-image-streams.json @@ -0,0 +1,56 @@ +{ + "kind": "List", + "apiVersion": "v1", + "metadata": { + "name": "fis-image-streams", + "annotations": { + "description": "ImageStream definitions for JBoss Fuse Integration Services." + } + }, + "items": [ + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "fis-java-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-java-openshift", + "tags": [ + { + "name": "1.0", + "annotations": { + "description": "JBoss Fuse Integration Services 6.2.1 Java S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,jboss-fuse,java,xpaas", + "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2", + "version": "1.0" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "fis-karaf-openshift" + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/jboss-fuse-6/fis-karaf-openshift", + "tags": [ + { + "name": "1.0", + "annotations": { + "description": "JBoss Fuse Integration Services 6.2.1 Karaf S2I images.", + "iconClass": "icon-jboss", + "tags": "builder,jboss-fuse,java,karaf,xpaas", + "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2", + "version": "1.0" + } + } + ] + } + } + ] +} -- cgit v1.2.3 From 8bd9e81076688316678cb70d368400edd4ac0dff Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 22 Dec 2015 16:00:01 -0500 Subject: Install all xpaas streams when enabled --- roles/openshift_examples/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/openshift_examples') diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index e27f4e0a6..6b9964aec 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -13,7 +13,7 @@ image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json" rhel_image_streams: "{{ image_streams_base}}/image-streams-rhel7.json" db_templates_base: "{{ examples_base }}/db-templates" -xpaas_image_streams: "{{ examples_base }}/xpaas-streams/jboss-image-streams.json" +xpaas_image_streams: "{{ examples_base }}/xpaas-streams/" xpaas_templates_base: "{{ examples_base }}/xpaas-templates" quickstarts_base: "{{ examples_base }}/quickstart-templates" infrastructure_origin_base: "{{ examples_base }}/infrastructure-templates/origin" -- cgit v1.2.3