diff options
author | Scott Dodson <sdodson@redhat.com> | 2017-06-30 11:22:53 -0400 |
---|---|---|
committer | Scott Dodson <sdodson@redhat.com> | 2017-06-30 11:22:53 -0400 |
commit | 2e39bc8a2508a075544307bdcb210d6e667760b0 (patch) | |
tree | 475889be1efb9f855320373b8d391657b3b3440a /roles | |
parent | 10ca432b753bb837a462b7c9e61c4acea34c115b (diff) | |
download | openshift-2e39bc8a2508a075544307bdcb210d6e667760b0.tar.gz openshift-2e39bc8a2508a075544307bdcb210d6e667760b0.tar.bz2 openshift-2e39bc8a2508a075544307bdcb210d6e667760b0.tar.xz openshift-2e39bc8a2508a075544307bdcb210d6e667760b0.zip |
Sync latest image streams and templates for v1.5
Diffstat (limited to 'roles')
32 files changed, 2205 insertions, 208 deletions
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json index f347f1f9f..536f7275e 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json @@ -23,7 +23,12 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}", + "template.openshift.io/expose-root_password": "{.data['database-root-password']}" + } }, "stringData" : { "database-user" : "${MYSQL_USER}", @@ -35,7 +40,10 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json index 6ed744777..3b7fdccce 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json @@ -23,7 +23,12 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}", + "template.openshift.io/expose-root_password": "{.data['database-root-password']}" + } }, "stringData" : { "database-user" : "${MYSQL_USER}", @@ -35,7 +40,10 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json index 97a8abf6d..ee274194f 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json @@ -24,7 +24,12 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}", + "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}" + } }, "stringData" : { "database-user" : "${MONGODB_USER}", @@ -37,7 +42,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json index 0656219fb..e5ba43669 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json @@ -24,7 +24,12 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}", + "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}" + } }, "stringData" : { "database-user" : "${MONGODB_USER}", @@ -37,7 +42,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json index d60b4647d..969e62ac5 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json @@ -23,7 +23,12 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}", + "template.openshift.io/expose-root_password": "{.data['database-root-password']}" + } }, "stringData" : { "database-user" : "${MYSQL_USER}", @@ -36,7 +41,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json index c2bfa40fd..4f39d41a5 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json @@ -23,7 +23,12 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}", + "template.openshift.io/expose-root_password": "{.data['database-root-password']}" + } }, "stringData" : { "database-user" : "${MYSQL_USER}", @@ -35,7 +40,10 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json index 7a16e742a..c37102cb0 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json @@ -24,7 +24,11 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}" + } }, "stringData" : { "database-user" : "${POSTGRESQL_USER}", @@ -36,7 +40,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json index 242212d6f..32dc93a95 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json @@ -24,7 +24,11 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['database-user']}", + "template.openshift.io/expose-password": "{.data['database-password']}" + } }, "stringData" : { "database-user" : "${POSTGRESQL_USER}", @@ -36,7 +40,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json index e9af50937..6bb683e52 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json @@ -24,7 +24,10 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-password": "{.data['database-password']}" + } }, "stringData" : { "database-password" : "${REDIS_PASSWORD}" @@ -35,7 +38,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json index aa27578a9..9e8be2309 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json @@ -24,7 +24,10 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${DATABASE_SERVICE_NAME}" + "name": "${DATABASE_SERVICE_NAME}", + "annotations": { + "template.openshift.io/expose-password": "{.data['database-password']}" + } }, "stringData" : { "database-password" : "${REDIS_PASSWORD}" @@ -35,7 +38,10 @@ "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}" + } }, "spec": { "ports": [ diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json index a81dbb654..6cef21945 100644 --- a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json @@ -7,6 +7,51 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { + "name": "httpd", + "annotations": { + "openshift.io/display-name": "Httpd" + } + }, + "spec": { + "tags": [ + { + "name": "latest", + "annotations": { + "openshift.io/display-name": "Httpd (Latest)", + "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.", + "iconClass": "icon-apache", + "tags": "builder,httpd", + "supports":"httpd", + "sampleRepo": "https://github.com/openshift/httpd-ex.git" + }, + "from": { + "kind": "ImageStreamTag", + "name": "2.4" + } + }, + { + "name": "2.4", + "annotations": { + "openshift.io/display-name": "Httpd 2.4", + "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.", + "iconClass": "icon-apache", + "tags": "builder,httpd", + "supports":"httpd", + "version": "2.4", + "sampleRepo": "https://github.com/openshift/httpd-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "centos/httpd-24-centos7:latest" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { "name": "ruby", "annotations": { "openshift.io/display-name": "Ruby" @@ -103,7 +148,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "4" + "name": "6" } }, { @@ -137,6 +182,22 @@ "kind": "DockerImage", "name": "centos/nodejs-4-centos7:latest" } + }, + { + "name": "6", + "annotations": { + "openshift.io/display-name": "Node.js 6", + "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.", + "iconClass": "icon-nodejs", + "tags": "builder,nodejs", + "supports":"nodejs:6,nodejs", + "version": "6", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "centos/nodejs-6-centos7:latest" + } } ] } @@ -407,7 +468,7 @@ "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"jee,java", - "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git" }, "from": { "kind": "ImageStreamTag", @@ -423,7 +484,7 @@ "tags": "builder,wildfly,java", "supports":"wildfly:8.1,jee,java", "version": "8.1", - "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git" }, "from": { "kind": "DockerImage", @@ -439,7 +500,7 @@ "tags": "builder,wildfly,java", "supports":"wildfly:9.0,jee,java", "version": "9.0", - "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git" }, "from": { "kind": "DockerImage", @@ -455,7 +516,7 @@ "tags": "builder,wildfly,java", "supports":"wildfly:10.0,jee,java", "version": "10.0", - "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git" }, "from": { "kind": "DockerImage", @@ -471,7 +532,7 @@ "tags": "builder,wildfly,java", "supports":"wildfly:10.1,jee,java", "version": "10.1", - "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git" }, "from": { "kind": "DockerImage", diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json index 2ed0efe1e..abdae01e3 100644 --- a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json @@ -7,6 +7,51 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { + "name": "httpd", + "annotations": { + "openshift.io/display-name": "Httpd" + } + }, + "spec": { + "tags": [ + { + "name": "latest", + "annotations": { + "openshift.io/display-name": "Httpd (Latest)", + "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.", + "iconClass": "icon-apache", + "tags": "builder,httpd", + "supports":"httpd", + "sampleRepo": "https://github.com/openshift/httpd-ex.git" + }, + "from": { + "kind": "ImageStreamTag", + "name": "2.4" + } + }, + { + "name": "2.4", + "annotations": { + "openshift.io/display-name": "Httpd 2.4", + "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.", + "iconClass": "icon-apache", + "tags": "builder,httpd", + "supports":"httpd", + "version": "2.4", + "sampleRepo": "https://github.com/openshift/httpd-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { "name": "ruby", "annotations": { "openshift.io/display-name": "Ruby" @@ -103,7 +148,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "4" + "name": "6" } }, { @@ -137,6 +182,22 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest" } + }, + { + "name": "6", + "annotations": { + "openshift.io/display-name": "Node.js 6", + "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.", + "iconClass": "icon-nodejs", + "tags": "builder,nodejs", + "supports":"nodejs:6,nodejs", + "version": "6", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest" + } } ] } @@ -253,7 +314,7 @@ "tags": "hidden,builder,php", "supports":"php:5.5,php", "version": "5.5", - "sampleRepo": "https://github.com/openshift/cakephp-ex.git" + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { "kind": "DockerImage", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md index f48d8d4a8..6d2ccbf7f 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md @@ -17,6 +17,7 @@ instantiating them. * [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex). * [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex). * [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex). +* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex). * [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex). * [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex). * [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex). diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml new file mode 100644 index 000000000..4e469f6e8 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml @@ -0,0 +1,1261 @@ +base_env: &base_env +- name: RAILS_ENV + value: "production" +- name: DATABASE_URL + value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}" +- name: FORCE_SSL + value: "true" +- name: THREESCALE_SUPERDOMAIN + value: "${WILDCARD_DOMAIN}" +- name: TENANT_NAME + value: "${TENANT_NAME}" +- name: APICAST_ACCESS_TOKEN + value: "${APICAST_ACCESS_TOKEN}" +- name: ADMIN_ACCESS_TOKEN + value: "${ADMIN_ACCESS_TOKEN}" +- name: PROVIDER_PLAN + value: 'enterprise' +- name: USER_LOGIN + value: "${ADMIN_USERNAME}" +- name: USER_PASSWORD + value: "${ADMIN_PASSWORD}" +- name: RAILS_LOG_TO_STDOUT + value: "true" +- name: RAILS_LOG_LEVEL + value: "info" +- name: THINKING_SPHINX_ADDRESS + value: "system-sphinx" +- name: THINKING_SPHINX_PORT + value: "9306" +- name: THINKING_SPHINX_CONFIGURATION_FILE + value: "/tmp/sphinx.conf" +- name: EVENTS_SHARED_SECRET + value: "${SYSTEM_BACKEND_SHARED_SECRET}" +- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE + value: "VERIFY_NONE" +- name: APICAST_BACKEND_ROOT_ENDPOINT + value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}" +- name: CONFIG_INTERNAL_API_USER + value: "${SYSTEM_BACKEND_USERNAME}" +- name: CONFIG_INTERNAL_API_PASSWORD + value: "${SYSTEM_BACKEND_PASSWORD}" +- name: SECRET_KEY_BASE + value: "${SYSTEM_APP_SECRET_KEY_BASE}" +- name: AMP_RELEASE + value: "${AMP_RELEASE}" +- name: SMTP_ADDRESS + valueFrom: + configMapKeyRef: + name: smtp + key: address +- name: SMTP_USER_NAME + valueFrom: + configMapKeyRef: + name: smtp + key: username +- name: SMTP_PASSWORD + valueFrom: + configMapKeyRef: + name: smtp + key: password +- name: SMTP_DOMAIN + valueFrom: + configMapKeyRef: + name: smtp + key: domain +- name: SMTP_PORT + valueFrom: + configMapKeyRef: + name: smtp + key: port +- name: SMTP_AUTHENTICATION + valueFrom: + configMapKeyRef: + name: smtp + key: authentication +- name: SMTP_OPENSSL_VERIFY_MODE + valueFrom: + configMapKeyRef: + name: smtp + key: openssl.verify.mode +- name: BACKEND_ROUTE + value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}" + +apiVersion: v1 +kind: Template +metadata: + name: "system" +message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}" +objects: + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "system-storage" + spec: + accessModes: + - "ReadWriteMany" + resources: + requests: + storage: "100Mi" + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "mysql-storage" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "system-redis-storage" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "backend-redis-storage" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: backend-cron + spec: + replicas: 1 + selector: + name: backend-cron + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: backend-cron + spec: + containers: + - args: + - backend-cron + env: + - name: CONFIG_REDIS_PROXY + value: "backend-redis:6379" + - name: CONFIG_QUEUES_MASTER_NAME + value: "backend-redis:6379/1" + - name: RACK_ENV + value: "production" + image: 3scale-amp20/backend:1.0-2 + imagePullPolicy: IfNotPresent + name: backend-cron + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: backend-redis + spec: + replicas: 1 + selector: + name: backend-redis + strategy: + type: Recreate + template: + metadata: + labels: + name: backend-redis + spec: + containers: + - image: ${REDIS_IMAGE} + imagePullPolicy: IfNotPresent + name: backend-redis + readinessProbe: + exec: + command: + - "container-entrypoint" + - "bash" + - "-c" + - "redis-cli set liveness-probe \"`date`\" | grep OK" + initialDelaySeconds: 10 + periodSeconds: 30 + timeoutSeconds: 1 + livenessProbe: + tcpSocket: + port: 6379 + initialDelaySeconds: 10 + periodSeconds: 10 + volumeMounts: + - name: backend-redis-storage + mountPath: "/var/lib/redis/data" + - name: redis-config + mountPath: /etc/redis.conf + subPath: redis.conf + volumes: + - name: backend-redis-storage + persistentVolumeClaim: + claimName: backend-redis-storage + - name: redis-config + configMap: + name: redis-config + items: + - key: redis.conf + path: redis.conf + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: backend-listener + spec: + replicas: 1 + selector: + name: backend-listener + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: backend-listener + spec: + containers: + - args: + - 3scale_backend + - start + - "-e" + - production + - "-p" + - '3000' + - "-x" + - "/dev/stdout" + env: + - name: CONFIG_REDIS_PROXY + value: "backend-redis:6379" + - name: CONFIG_QUEUES_MASTER_NAME + value: "backend-redis:6379/1" + - name: RACK_ENV + value: "production" + - name: CONFIG_INTERNAL_API_USER + value: "${SYSTEM_BACKEND_USERNAME}" + - name: CONFIG_INTERNAL_API_PASSWORD + value: "${SYSTEM_BACKEND_PASSWORD}" + image: 3scale-amp20/backend:1.0-2 + imagePullPolicy: IfNotPresent + name: backend-listener + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + tcpSocket: + port: 3000 + readinessProbe: + httpGet: + path: "/status" + port: 3000 + initialDelaySeconds: 30 + timeoutSeconds: 5 + ports: + - containerPort: 3000 + protocol: TCP + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: backend-redis + spec: + ports: + - port: 6379 + protocol: TCP + targetPort: 6379 + selector: + name: backend-redis + +- apiVersion: v1 + kind: Service + metadata: + name: backend-listener + spec: + ports: + - port: 3000 + protocol: TCP + targetPort: 3000 + name: http + selector: + name: backend-listener + +- apiVersion: v1 + kind: Service + metadata: + name: system-provider + spec: + ports: + - port: 3000 + protocol: TCP + targetPort: provider + name: http + selector: + name: system-app + +- apiVersion: v1 + kind: Service + metadata: + name: system-developer + spec: + ports: + - port: 3000 + protocol: TCP + targetPort: developer + name: http + selector: + name: system-app + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: backend-worker + spec: + replicas: 1 + selector: + name: backend-worker + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: backend-worker + spec: + containers: + - args: + - 3scale_backend_worker + - run + env: + - name: CONFIG_REDIS_PROXY + value: "backend-redis:6379" + - name: CONFIG_QUEUES_MASTER_NAME + value: "backend-redis:6379/1" + - name: RACK_ENV + value: "production" + - name: CONFIG_EVENTS_HOOK + value: http://system-provider:3000/master/events/import + - name: CONFIG_EVENTS_HOOK_SHARED_SECRET + value: ${SYSTEM_BACKEND_SHARED_SECRET} + image: 3scale-amp20/backend:1.0-2 + imagePullPolicy: IfNotPresent + name: backend-worker + triggers: + - type: ConfigChange + +- kind: Service + apiVersion: v1 + metadata: + name: 'system-mysql' + spec: + ports: + - name: system-mysql + protocol: TCP + port: 3306 + targetPort: 3306 + nodePort: 0 + selector: + name: 'system-mysql' +- apiVersion: v1 + kind: Service + metadata: + name: system-redis + spec: + ports: + - port: 6379 + protocol: TCP + targetPort: 6379 + name: redis + selector: + name: system-redis + + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: system-redis + spec: + replicas: 1 + selector: + name: system-redis + strategy: + type: Recreate + template: + metadata: + labels: + name: system-redis + spec: + containers: + - args: + image: ${REDIS_IMAGE} + imagePullPolicy: IfNotPresent + name: system-redis + terminationMessagePath: /dev/termination-log + volumeMounts: + - name: system-redis-storage + mountPath: "/var/lib/redis/data" + - name: redis-config + mountPath: /etc/redis.conf + subPath: redis.conf + readinessProbe: + exec: + command: + - "container-entrypoint" + - "bash" + - "-c" + - "redis-cli set liveness-probe \"`date`\" | grep OK" + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + livenessProbe: + tcpSocket: + port: 6379 + initialDelaySeconds: 10 + periodSeconds: 5 + volumes: + - name: system-redis-storage + persistentVolumeClaim: + claimName: system-redis-storage + - name: redis-config + configMap: + name: redis-config + items: + - key: redis.conf + path: redis.conf + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: system-sphinx + spec: + ports: + - port: 9306 + protocol: TCP + targetPort: 9306 + name: sphinx + selector: + name: system-sphinx + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: system-sphinx + spec: + replicas: 1 + selector: + name: system-sphinx + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: system-sphinx + spec: + volumes: + - name: system-sphinx-database + emptyDir: {} + containers: + - args: + - rake + - 'openshift:thinking_sphinx:start' + volumeMounts: + - name: system-sphinx-database + mountPath: "/opt/system/db/sphinx" + env: + - name: RAILS_ENV + value: production + - name: DATABASE_URL + value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}" + - name: THINKING_SPHINX_ADDRESS + value: 0.0.0.0 + - name: THINKING_SPHINX_CONFIGURATION_FILE + value: "db/sphinx/production.conf" + - name: THINKING_SPHINX_PID_FILE + value: db/sphinx/searchd.pid + - name: DELTA_INDEX_INTERVAL + value: '5' + - name: FULL_REINDEX_INTERVAL + value: '60' + image: 3scale-amp20/system:1.0-2 + imagePullPolicy: IfNotPresent + name: system-sphinx + livenessProbe: + tcpSocket: + port: 9306 + initialDelaySeconds: 60 + periodSeconds: 10 + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: system-memcache + spec: + ports: + - port: 11211 + protocol: TCP + targetPort: 11211 + name: memcache + selector: + name: system-memcache +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: system-memcache + spec: + replicas: 1 + selector: + name: system-memcache + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: system-memcache + spec: + containers: + - args: + env: + image: 3scale-amp20/memcached:1.4.15-7 + imagePullPolicy: IfNotPresent + name: memcache + readinessProbe: + exec: + command: + - "sh" + - "-c" + - "echo version | nc $HOSTNAME 11211 | grep VERSION" + initialDelaySeconds: 10 + periodSeconds: 30 + timeoutSeconds: 5 + livenessProbe: + tcpSocket: + port: 11211 + initialDelaySeconds: 10 + periodSeconds: 10 + command: + - "memcached" + - "-m" + - "64" + ports: + - containerPort: 6379 + protocol: TCP + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Route + metadata: + name: system-provider-admin-route + labels: + app: system-route + spec: + host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN} + to: + kind: Service + name: system-provider + port: + targetPort: http + tls: + termination: edge + insecureEdgeTerminationPolicy: Allow + +- apiVersion: v1 + kind: Route + metadata: + name: backend-route + labels: + app: system-route + spec: + host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN} + to: + kind: Service + name: backend-listener + port: + targetPort: http + tls: + termination: edge + insecureEdgeTerminationPolicy: Allow + +- apiVersion: v1 + kind: Route + metadata: + name: system-developer-route + labels: + app: system-route + spec: + host: ${TENANT_NAME}.${WILDCARD_DOMAIN} + to: + kind: Service + name: system-developer + port: + targetPort: http + tls: + termination: edge + insecureEdgeTerminationPolicy: Allow + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: apicast-staging + spec: + replicas: 1 + selector: + deploymentconfig: apicast-staging + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 1800 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + deploymentconfig: apicast-staging + spec: + containers: + - env: + - name: THREESCALE_PORTAL_ENDPOINT + value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000 + - name: APICAST_CONFIGURATION_LOADER + value: "lazy" + - name: APICAST_CONFIGURATION_CACHE + value: "0" + - name: THREESCALE_DEPLOYMENT_ENV + value: "sandbox" + - name: APICAST_MANAGEMENT_API + value: "${APICAST_MANAGEMENT_API}" + - name: BACKEND_ENDPOINT_OVERRIDE + value: http://backend-listener:3000 + - name: OPENSSL_VERIFY + value: '${APICAST_OPENSSL_VERIFY}' + - name: APICAST_RESPONSE_CODES + value: '${APICAST_RESPONSE_CODES}' + - name: REDIS_URL + value: "redis://system-redis:6379/2" + image: 3scale-amp20/apicast-gateway:1.0-3 + imagePullPolicy: IfNotPresent + name: apicast-staging + livenessProbe: + httpGet: + path: /status/live + port: 8090 + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /status/ready + port: 8090 + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 30 + ports: + - containerPort: 8080 + protocol: TCP + - containerPort: 8090 + protocol: TCP + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: apicast-staging + spec: + ports: + - name: gateway + port: 8080 + protocol: TCP + targetPort: 8080 + - name: management + port: 8090 + protocol: TCP + targetPort: 8090 + selector: + deploymentconfig: apicast-staging + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: apicast-production + spec: + replicas: 1 + selector: + deploymentconfig: apicast-production + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 1800 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + deploymentconfig: apicast-production + spec: + containers: + - env: + - name: THREESCALE_PORTAL_ENDPOINT + value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000" + - name: APICAST_CONFIGURATION_LOADER + value: "boot" + - name: APICAST_CONFIGURATION_CACHE + value: "300" + - name: THREESCALE_DEPLOYMENT_ENV + value: "production" + - name: APICAST_MANAGEMENT_API + value: "${APICAST_MANAGEMENT_API}" + - name: BACKEND_ENDPOINT_OVERRIDE + value: http://backend-listener:3000 + - name: OPENSSL_VERIFY + value: '${APICAST_OPENSSL_VERIFY}' + - name: APICAST_RESPONSE_CODES + value: '${APICAST_RESPONSE_CODES}' + - name: REDIS_URL + value: "redis://system-redis:6379/1" + image: 3scale-amp20/apicast-gateway:1.0-3 + imagePullPolicy: IfNotPresent + name: apicast-production + livenessProbe: + httpGet: + path: /status/live + port: 8090 + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /status/ready + port: 8090 + initialDelaySeconds: 15 + timeoutSeconds: 5 + periodSeconds: 30 + ports: + - containerPort: 8080 + protocol: TCP + - containerPort: 8090 + protocol: TCP + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: apicast-production + spec: + ports: + - name: gateway + port: 8080 + protocol: TCP + targetPort: 8080 + - name: management + port: 8090 + protocol: TCP + targetPort: 8090 + selector: + deploymentconfig: apicast-production + +- apiVersion: v1 + kind: Route + metadata: + name: api-apicast-staging-route + labels: + app: apicast-staging + spec: + host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN} + to: + kind: Service + name: apicast-staging + port: + targetPort: gateway + tls: + termination: edge + insecureEdgeTerminationPolicy: Allow + +- apiVersion: v1 + kind: Route + metadata: + name: api-apicast-production-route + labels: + app: apicast-production + spec: + host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN} + to: + kind: Service + name: apicast-production + port: + targetPort: gateway + tls: + termination: edge + insecureEdgeTerminationPolicy: Allow + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: system-app + spec: + replicas: 1 + selector: + name: system-app + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + pre: + failurePolicy: Retry + execNewPod: + containerName: system-provider + command: + - bash + - -c + - bundle exec rake boot openshift:deploy + env: *base_env + volumes: + - system-storage + post: + failurePolicy: Abort + execNewPod: + containerName: system-provider + command: + - bash + - -c + - bundle exec rake boot openshift:post_deploy + type: Rolling + template: + metadata: + labels: + name: system-app + spec: + containers: + - args: + env: *base_env + image: 3scale-amp20/system:1.0-2 + imagePullPolicy: IfNotPresent + command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb'] + name: system-provider + livenessProbe: + timeoutSeconds: 10 + initialDelaySeconds: 20 + tcpSocket: + port: provider + periodSeconds: 10 + readinessProbe: + httpGet: + path: /check.txt + port: provider + scheme: HTTP + httpHeaders: + - name: X-Forwarded-Proto + value: https + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + ports: + - containerPort: 3000 + protocol: TCP + name: provider + volumeMounts: + - name: system-storage + mountPath: /opt/system/public/system + - args: + env: *base_env + image: 3scale-amp20/system:1.0-2 + command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb'] + imagePullPolicy: IfNotPresent + name: system-developer + livenessProbe: + timeoutSeconds: 10 + initialDelaySeconds: 20 + tcpSocket: + port: developer + periodSeconds: 10 + readinessProbe: + httpGet: + path: /check.txt + port: developer + scheme: HTTP + httpHeaders: + - name: X-Forwarded-Proto + value: https + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + ports: + - containerPort: 3001 + protocol: TCP + name: developer + volumeMounts: + - name: system-storage + mountPath: /opt/system/public/system + readOnly: true + volumes: + - name: system-storage + persistentVolumeClaim: + claimName: system-storage + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: system-resque + spec: + replicas: 1 + selector: + name: system-resque + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: system-resque + spec: + containers: + - args: + - 'rake' + - 'resque:work' + - 'QUEUE=*' + env: *base_env + image: 3scale-amp20/system:1.0-2 + imagePullPolicy: IfNotPresent + name: system-resque + volumeMounts: + - name: system-storage + mountPath: /opt/system/public/system + - args: + - 'rake' + - 'resque:scheduler' + - 'QUEUE=*' + env: *base_env + image: 3scale-amp20/system:1.0-2 + imagePullPolicy: IfNotPresent + name: system-scheduler + volumes: + - name: system-storage + persistentVolumeClaim: + claimName: system-storage + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: system-sidekiq + spec: + replicas: 1 + selector: + name: system-sidekiq + strategy: + rollingParams: + intervalSeconds: 1 + maxSurge: 25% + maxUnavailable: 25% + timeoutSeconds: 600 + updatePeriodSeconds: 1 + type: Rolling + template: + metadata: + labels: + name: system-sidekiq + spec: + containers: + - args: + - rake + - sidekiq:worker + env: *base_env + image: 3scale-amp20/system:1.0-2 + imagePullPolicy: IfNotPresent + name: system-sidekiq + volumeMounts: + - name: system-storage + mountPath: /opt/system/public/system + volumes: + - name: system-storage + persistentVolumeClaim: + claimName: system-storage + triggers: + - type: ConfigChange + + +- kind: DeploymentConfig + apiVersion: v1 + metadata: + name: 'system-mysql' + spec: + strategy: + type: Recreate + triggers: + - type: ConfigChange + replicas: 1 + selector: + name: 'system-mysql' + template: + metadata: + labels: + name: 'system-mysql' + spec: + containers: + - name: system-mysql + image: ${MYSQL_IMAGE} + ports: + - containerPort: 3306 + protocol: TCP + resources: + limits: + memory: 2Gi + requests: + cpu: '1' + memory: 1Gi + readinessProbe: + timeoutSeconds: 5 + initialDelaySeconds: 10 + periodSeconds: 30 + exec: + command: + - /bin/sh + - '-i' + - '-c' + - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1' + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + tcpSocket: + port: 3306 + env: + - name: MYSQL_USER + value: ${MYSQL_USER} + - name: MYSQL_PASSWORD + value: ${MYSQL_PASSWORD} + - name: MYSQL_DATABASE + value: ${MYSQL_DATABASE} + - name: MYSQL_ROOT_PASSWORD + value: ${MYSQL_ROOT_PASSWORD} + - name: MYSQL_LOWER_CASE_TABLE_NAMES + value: "1" + volumeMounts: + - name: 'mysql-storage' + mountPath: /var/lib/mysql/data + imagePullPolicy: IfNotPresent + volumes: + - name: 'mysql-storage' + persistentVolumeClaim: + claimName: 'mysql-storage' +- kind: ConfigMap + apiVersion: v1 + metadata: + name: redis-config + data: + redis.conf: | + protected-mode no + + port 6379 + + timeout 0 + tcp-keepalive 300 + + daemonize no + supervised no + + loglevel notice + + databases 16 + + save 900 1 + save 300 10 + save 60 10000 + + stop-writes-on-bgsave-error yes + + rdbcompression yes + rdbchecksum yes + + dbfilename dump.rdb + + slave-serve-stale-data yes + slave-read-only yes + + repl-diskless-sync no + repl-disable-tcp-nodelay no + + appendonly yes + appendfilename "appendonly.aof" + appendfsync everysec + no-appendfsync-on-rewrite no + auto-aof-rewrite-percentage 100 + auto-aof-rewrite-min-size 64mb + aof-load-truncated yes + + lua-time-limit 5000 + + activerehashing no + + aof-rewrite-incremental-fsync yes + dir /var/lib/redis/data + +- kind: ConfigMap + + apiVersion: v1 + metadata: + name: smtp + data: + address: "" + username: "" + password: "" + domain: "" + port: "" + authentication: "" + openssl.verify.mode: "" + +parameters: +- name: AMP_RELEASE + description: "AMP release tag." + value: 2.0.0-CR2-redhat-1 + required: true +- name: ADMIN_PASSWORD + required: true + generate: expression + from: "[a-z0-9]{8}" +- name: ADMIN_USERNAME + value: admin + required: true +- name: APICAST_ACCESS_TOKEN + required: true + generate: expression + from: "[a-z0-9]{8}" + description: "Read Only Access Token that is APIcast going to use to download its configuration." +- name: ADMIN_ACCESS_TOKEN + required: false + generate: expression + from: "[a-z0-9]{16}" + description: "Admin Access Token with all scopes and write permissions for API access." +- name: WILDCARD_DOMAIN + description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com. + required: true +- name: TENANT_NAME + description: "Tenant name under the root that Admin UI will be available with -admin suffix." + required: true + value: "3scale" +- name: MYSQL_USER + displayName: MySQL User + description: Username for MySQL user that will be used for accessing the database. + value: "mysql" + required: true +- name: MYSQL_PASSWORD + displayName: MySQL Password + description: Password for the MySQL user. + generate: expression + from: "[a-z0-9]{8}" + required: true +- name: MYSQL_DATABASE + displayName: MySQL Database Name + description: Name of the MySQL database accessed. + value: "system" + required: true +- name: MYSQL_ROOT_PASSWORD + displayName: MySQL Root password. + description: Password for Root user. + generate: expression + from: "[a-z0-9]{8}" + required: true +- name: SYSTEM_BACKEND_USERNAME + description: Internal 3scale API username for internal 3scale api auth. + value: "3scale_api_user" + required: true +- name: SYSTEM_BACKEND_PASSWORD + description: Internal 3scale API password for internal 3scale api auth. + generate: expression + from: "[a-z0-9]{8}" + required: true +- name: REDIS_IMAGE + description: Redis image to use + required: true + value: rhscl/redis-32-rhel7:3.2-5.7 +- name: MYSQL_IMAGE + description: Mysql image to use + required: true + value: rhscl/mysql-56-rhel7:5.6-13.14 +- name: SYSTEM_BACKEND_SHARED_SECRET + description: Shared secret to import events from backend to system. + generate: expression + from: "[a-z0-9]{8}" + required: true +- name: SYSTEM_APP_SECRET_KEY_BASE + description: System application secret key base + generate: expression + from: "[a-f0-9]{128}" + required: true +- name: APICAST_MANAGEMENT_API + description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks." + required: false + value: "status" +- name: APICAST_OPENSSL_VERIFY + description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false." + required: false + value: "false" +- name: APICAST_RESPONSE_CODES + description: "Enable logging response codes in APIcast." + value: "true" + required: false diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml deleted file mode 100644 index 34f5fcbcc..000000000 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml +++ /dev/null @@ -1,149 +0,0 @@ -apiVersion: v1 -kind: Template -metadata: - creationTimestamp: null - name: 3scale-gateway - annotations: - description: "3scale API Gateway" - iconClass: "icon-load-balancer" - tags: "api,gateway,3scale" -objects: -- apiVersion: v1 - kind: DeploymentConfig - metadata: - name: ${THREESCALE_GATEWAY_NAME} - spec: - replicas: 2 - selector: - deploymentconfig: ${THREESCALE_GATEWAY_NAME} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 25% - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling - template: - metadata: - labels: - deploymentconfig: ${THREESCALE_GATEWAY_NAME} - spec: - containers: - - env: - - name: THREESCALE_PORTAL_ENDPOINT - valueFrom: - secretKeyRef: - name: ${THREESCALE_PORTAL_ENDPOINT_SECRET} - key: password - - name: THREESCALE_CONFIG_FILE - value: ${THREESCALE_CONFIG_FILE} - - name: RESOLVER - value: ${RESOLVER} - - name: APICAST_SERVICES - value: ${APICAST_SERVICES} - - name: APICAST_MISSING_CONFIGURATION - value: ${MISSING_CONFIGURATION} - - name: APICAST_LOG_LEVEL - value: ${APICAST_LOG_LEVEL} - - name: APICAST_PATH_ROUTING_ENABLED - value: ${PATH_ROUTING} - - name: APICAST_RESPONSE_CODES - value: ${RESPONSE_CODES} - - name: APICAST_REQUEST_LOGS - value: ${REQUEST_LOGS} - - name: APICAST_RELOAD_CONFIG - value: ${APICAST_RELOAD_CONFIG} - image: ${THREESCALE_GATEWAY_IMAGE} - imagePullPolicy: Always - name: ${THREESCALE_GATEWAY_NAME} - livenessProbe: - httpGet: - path: /status/live - port: 8090 - initialDelaySeconds: 10 - timeoutSeconds: 1 - readinessProbe: - httpGet: - path: /status/ready - port: 8090 - initialDelaySeconds: 15 - timeoutSeconds: 1 - ports: - - containerPort: 8080 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - dnsPolicy: ClusterFirst - restartPolicy: Always - securityContext: {} - terminationGracePeriodSeconds: 30 - triggers: - - type: ConfigChange - status: {} -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - name: ${THREESCALE_GATEWAY_NAME} - spec: - ports: - - name: 8080-tcp - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - deploymentconfig: ${THREESCALE_GATEWAY_NAME} - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -parameters: -- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key" - value: threescale-portal-endpoint-secret - name: THREESCALE_PORTAL_ENDPOINT_SECRET - required: true -- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume." - value: - name: THREESCALE_CONFIG_FILE - required: false -- description: "Name for the 3scale API Gateway" - value: threescalegw - name: THREESCALE_GATEWAY_NAME - required: true -- description: "Docker image to use." - value: 'rhamp10/apicast-gateway:1.0.0-4' - name: THREESCALE_GATEWAY_IMAGE - required: true -- description: "DNS Resolver for openresty, if empty it will be autodiscovered" - value: - name: RESOLVER - required: false -- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)" - value: - name: APICAST_SERVICES - required: false -- description: "What to do on missing or invalid configuration. Allowed values are: log, exit." - value: exit - required: false - name: MISSING_CONFIGURATION -- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg." - name: APICAST_LOG_LEVEL - required: false -- description: "Enable path routing. Experimental feature." - name: PATH_ROUTING - required: false - value: "false" -- description: "Enable traffic logging to 3scale. Includes whole request and response." - value: "false" - name: REQUEST_LOGS - required: false -- description: "Enable logging response codes to 3scale." - value: "false" - name: RESPONSE_CODES - required: false -- description: "Reload config on every request" - value: "false" - name: APICAST_RELOAD_CONFIG - required: false diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml new file mode 100644 index 000000000..8e8051c0b --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml @@ -0,0 +1,157 @@ +apiVersion: v1 +kind: Template +metadata: + name: 3scale-gateway + annotations: + description: "3scale API Gateway" + iconClass: "icon-load-balancer" + tags: "api,gateway,3scale" +objects: + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: "${APICAST_NAME}" + spec: + replicas: 2 + selector: + deploymentconfig: "${APICAST_NAME}" + strategy: + type: Rolling + template: + metadata: + labels: + deploymentconfig: "${APICAST_NAME}" + spec: + containers: + - env: + - name: THREESCALE_PORTAL_ENDPOINT + valueFrom: + secretKeyRef: + name: "${CONFIGURATION_URL_SECRET}" + key: password + - name: THREESCALE_CONFIG_FILE + value: "${CONFIGURATION_FILE_PATH}" + - name: THREESCALE_DEPLOYMENT_ENV + value: "${DEPLOYMENT_ENVIRONMENT}" + - name: RESOLVER + value: "${RESOLVER}" + - name: APICAST_SERVICES + value: "${SERVICES_LIST}" + - name: APICAST_CONFIGURATION_LOADER + value: "${CONFIGURATION_LOADER}" + - name: APICAST_LOG_LEVEL + value: "${LOG_LEVEL}" + - name: APICAST_PATH_ROUTING_ENABLED + value: "${PATH_ROUTING}" + - name: APICAST_RESPONSE_CODES + value: "${RESPONSE_CODES}" + - name: APICAST_CONFIGURATION_CACHE + value: "${CONFIGURATION_CACHE}" + - name: REDIS_URL + value: "${REDIS_URL}" + - name: APICAST_MANAGEMENT_API + value: "${MANAGEMENT_API}" + - name: OPENSSL_VERIFY + value: "${OPENSSL_VERIFY}" + image: 3scale-amp20/apicast-gateway:1.0-3 + imagePullPolicy: IfNotPresent + name: "${APICAST_NAME}" + livenessProbe: + httpGet: + path: /status/live + port: management + initialDelaySeconds: 10 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /status/ready + port: management + initialDelaySeconds: 15 + timeoutSeconds: 1 + ports: + - name: proxy + containerPort: 8080 + protocol: TCP + - name: management + containerPort: 8090 + protocol: TCP + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: "${APICAST_NAME}" + spec: + ports: + - name: proxy + port: 8080 + protocol: TCP + targetPort: 8080 + - name: management + port: 8090 + protocol: TCP + targetPort: 8090 + selector: + deploymentconfig: "${APICAST_NAME}" + +parameters: +- name: AMP_RELEASE + description: "AMP release tag." + value: 2.0.0-CR2-redhat-1 + required: true +- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key" + value: apicast-configuration-url-secret + name: CONFIGURATION_URL_SECRET + required: true +- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume." + value: + name: CONFIGURATION_FILE_PATH + required: false +- description: "Deployment environment. Can be sandbox or production." + value: production + name: DEPLOYMENT_ENVIRONMENT + required: true +- description: "Name for the 3scale API Gateway" + value: apicast + name: APICAST_NAME + required: true +- description: "DNS Resolver for openresty, if empty it will be autodiscovered" + value: + name: RESOLVER + required: false +- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)" + value: + name: SERVICES_LIST + required: false +- name: CONFIGURATION_LOADER + description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot." + value: boot + required: false +- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg." + name: LOG_LEVEL + required: false +- description: "Enable path routing. Experimental feature." + name: PATH_ROUTING + required: false + value: "false" +- description: "Enable logging response codes to 3scale." + value: "false" + name: RESPONSE_CODES + required: false +- name: CONFIGURATION_CACHE + description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60." + value: "" + required: false +- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0" + name: REDIS_URL + required: false +- name: MANAGEMENT_API + description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks." + required: false + value: "status" +- name: OPENSSL_VERIFY + description: "Turn on/off the OpenSSL peer verification. Can be set to true/false." + required: true + value: "false" diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json index eb3d296be..6d987ee33 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json @@ -60,7 +60,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -510,7 +513,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json index da2454d2e..fb2ef206e 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json @@ -60,7 +60,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -484,7 +487,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json index 81ae63416..7ffb25e14 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json @@ -58,7 +58,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -147,6 +150,9 @@ } }, "spec": { + "strategy": { + "type": "Recreate" + }, "triggers": [ { "type": "ImageChange", @@ -472,7 +478,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json index 7a285dba8..d787e376b 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json @@ -58,7 +58,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -147,6 +150,9 @@ } }, "spec": { + "strategy": { + "type": "Recreate" + }, "triggers": [ { "type": "ImageChange", @@ -446,7 +452,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json index 9f982c286..a2070207b 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json @@ -58,7 +58,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -148,7 +151,7 @@ }, "spec": { "strategy": { - "type": "Rolling" + "type": "Recreate" }, "triggers": [ { @@ -479,7 +482,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json index 7bee85ddd..0d33c6e0e 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json @@ -58,7 +58,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -148,7 +151,7 @@ }, "spec": { "strategy": { - "type": "Rolling" + "type": "Recreate" }, "triggers": [ { @@ -453,7 +456,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json index a09d71a00..af46579c8 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json @@ -4,7 +4,7 @@ "metadata": { "name": "dotnet-example", "annotations": { - "openshift.io/display-name": ".NET Core", + "openshift.io/display-name": ".NET Core Example", "description": "An example .NET Core application.", "tags": "quickstart,dotnet,.net", "iconClass": "icon-dotnet", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json new file mode 100644 index 000000000..ac671cc06 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json @@ -0,0 +1,274 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "name": "httpd-example", + "annotations": { + "openshift.io/display-name": "Httpd", + "description": "An example Httpd application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.", + "tags": "quickstart,httpd", + "iconClass": "icon-apache", + "template.openshift.io/long-description": "This template defines resources needed to develop a static application served by httpd, including a build configuration and application deployment configuration.", + "template.openshift.io/provider-display-name": "Red Hat, Inc.", + "template.openshift.io/documentation-url": "https://github.com/openshift/httpd-ex", + "template.openshift.io/support-url": "https://access.redhat.com" + } + }, + "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.", + "labels": { + "template": "httpd-example" + }, + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "annotations": { + "description": "Exposes and load balances the application pods" + } + }, + "spec": { + "ports": [ + { + "name": "web", + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "name": "${NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "kind": "Service", + "name": "${NAME}" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "annotations": { + "description": "Keeps track of changes in the application image" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "annotations": { + "description": "Defines how to build the application" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "from": { + "kind": "ImageStreamTag", + "namespace": "${NAMESPACE}", + "name": "httpd:2.4" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${NAME}:latest" + } + }, + "triggers": [ + { + "type": "ImageChange" + }, + { + "type": "ConfigChange" + }, + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}", + "annotations": { + "description": "Defines how to deploy the application server" + } + }, + "spec": { + "strategy": { + "type": "Rolling" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "httpd-example" + ], + "from": { + "kind": "ImageStreamTag", + "name": "${NAME}:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "name": "${NAME}" + }, + "template": { + "metadata": { + "name": "${NAME}", + "labels": { + "name": "${NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "httpd-example", + "image": " ", + "ports": [ + { + "containerPort": 8080 + } + ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "env": [ + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } + } + ] + } + } + } + } + ], + "parameters": [ + { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "httpd-example" + }, + { + "name": "NAMESPACE", + "displayName": "Namespace", + "description": "The OpenShift Namespace where the ImageStream resides.", + "required": true, + "value": "openshift" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "required": true, + "value": "512Mi" + }, + { + "name": "SOURCE_REPOSITORY_URL", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", + "required": true, + "value": "https://github.com/openshift/httpd-ex.git" + }, + { + "name": "SOURCE_REPOSITORY_REF", + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." + }, + { + "name": "CONTEXT_DIR", + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." + }, + { + "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", + "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.", + "value": "" + }, + { + "name": "GITHUB_WEBHOOK_SECRET", + "displayName": "GitHub Webhook Secret", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", + "generate": "expression", + "from": "[a-zA-Z0-9]{40}" + }, + { + "name": "GENERIC_WEBHOOK_SECRET", + "displayName": "Generic Webhook Secret", + "description": "A secret string used to configure the Generic webhook.", + "generate": "expression", + "from": "[a-zA-Z0-9]{40}" + } + ] +} diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json index 264e4b2de..ce96684a9 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json @@ -22,7 +22,10 @@ "apiVersion": "v1", "metadata": { "name": "${JENKINS_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "to": { diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json index b47bdf353..34b2b920b 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json @@ -22,7 +22,10 @@ "apiVersion": "v1", "metadata": { "name": "${JENKINS_SERVICE_NAME}", - "creationTimestamp": null + "creationTimestamp": null, + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "to": { diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json index 6ee999cb1..a9c365361 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json @@ -58,7 +58,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -102,7 +105,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${NAMESPACE}", - "name": "nodejs:4" + "name": "nodejs:6" }, "env": [ { @@ -154,7 +157,7 @@ }, "spec": { "strategy": { - "type": "Rolling" + "type": "Recreate" }, "triggers": [ { @@ -491,7 +494,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json index 5c177a7e0..53a6147d5 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json @@ -58,7 +58,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -102,7 +105,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "${NAMESPACE}", - "name": "nodejs:4" + "name": "nodejs:6" }, "env": [ { @@ -154,7 +157,7 @@ }, "spec": { "strategy": { - "type": "Rolling" + "type": "Recreate" }, "triggers": [ { @@ -467,7 +470,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml new file mode 100644 index 000000000..0bbb8e625 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Template +metadata: + name: "amp-pvc" +objects: + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "system-storage" + spec: + accessModes: + - "ReadWriteMany" + resources: + requests: + storage: "100Mi" + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "mysql-storage" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "system-redis-storage" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + +- apiVersion: "v1" + kind: "PersistentVolumeClaim" + metadata: + name: "backend-redis-storage" + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json index b400cfdb3..f07a43071 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json @@ -23,7 +23,11 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['application-user']}", + "template.openshift.io/expose-password": "{.data['application-password']}" + } }, "stringData" : { "database-user" : "${DATABASE_USER}", @@ -60,7 +64,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -526,7 +533,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json index fa67412ff..a7992c988 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json @@ -23,7 +23,11 @@ "kind": "Secret", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-username": "{.data['application-user']}", + "template.openshift.io/expose-password": "{.data['application-password']}" + } }, "stringData" : { "database-user" : "${DATABASE_USER}", @@ -60,7 +64,10 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "${NAME}" + "name": "${NAME}", + "annotations": { + "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}" + } }, "spec": { "host": "${APPLICATION_DOMAIN}", @@ -500,7 +507,7 @@ { "name": "GITHUB_WEBHOOK_SECRET", "displayName": "GitHub Webhook Secret", - "description": "A secret string used to configure the GitHub webhook.", + "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml new file mode 100644 index 000000000..00dedecd5 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml @@ -0,0 +1,158 @@ +apiVersion: v1 +kind: Template +metadata: + name: "amp-apicast-wildcard-router" +objects: + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + name: apicast-router + spec: + replicas: 1 + selector: + deploymentconfig: apicast-router + strategy: + type: Rolling + template: + metadata: + labels: + deploymentconfig: apicast-router + spec: + volumes: + - name: apicast-router-config + configMap: + name: apicast-router-config + items: + - key: router.conf + path: router.conf + containers: + - env: + - name: APICAST_CONFIGURATION_LOADER + value: "lazy" + - name: APICAST_CONFIGURATION_CACHE + value: "0" + image: 3scale-amp20/apicast-gateway:1.0-3 + imagePullPolicy: IfNotPresent + name: apicast-router + command: ['bin/apicast'] + livenessProbe: + tcpSocket: + port: router + initialDelaySeconds: 5 + timeoutSeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /status/ready + port: management + initialDelaySeconds: 5 + timeoutSeconds: 5 + periodSeconds: 30 + volumeMounts: + - name: apicast-router-config + mountPath: /opt/app-root/src/sites.d/ + readOnly: true + ports: + - containerPort: 8082 + name: router + protocol: TCP + - containerPort: 8090 + name: management + protocol: TCP + triggers: + - type: ConfigChange + +- apiVersion: v1 + kind: Service + metadata: + name: apicast-router + spec: + ports: + - name: router + port: 80 + protocol: TCP + targetPort: router + selector: + deploymentconfig: apicast-router + +- apiVersion: v1 + kind: ConfigMap + metadata: + name: apicast-router-config + data: + router.conf: |- + upstream wildcard { + server 0.0.0.1:1; + + balancer_by_lua_block { + local round_robin = require 'resty.balancer.round_robin' + local balancer = round_robin.new() + local peers = balancer:peers(ngx.ctx.apicast) + + local peer, err = balancer:set_peer(peers) + + if not peer then + ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE + ngx.log(ngx.ERR, "failed to set current backend peer: ", err) + ngx.exit(ngx.status) + end + } + + keepalive 1024; + } + + server { + listen 8082; + server_name ~-(?<apicast>apicast-(staging|production))\.; + access_log /dev/stdout combined; + + location / { + access_by_lua_block { + local resolver = require('resty.resolver'):instance() + local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 }) + + if #servers == 0 then + ngx.status = ngx.HTTP_BAD_GATEWAY + ngx.exit(ngx.HTTP_OK) + end + + ngx.ctx.apicast = servers + } + proxy_http_version 1.1; + proxy_pass $scheme://wildcard; + proxy_set_header Host $host; + proxy_set_header Connection ""; + } + } + +- apiVersion: v1 + kind: Route + metadata: + name: apicast-wildcard-router + labels: + app: apicast-wildcard-router + spec: + host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN} + to: + kind: Service + name: apicast-router + port: + targetPort: router + wildcardPolicy: Subdomain + tls: + termination: edge + insecureEdgeTerminationPolicy: Allow + +parameters: +- name: AMP_RELEASE + description: "AMP release tag." + value: 2.0.0-CR2-redhat-1 + required: true +- name: WILDCARD_DOMAIN + description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com. + required: true +- name: TENANT_NAME + description: "Domain name under the root that Admin UI will be available with -admin suffix." + required: true + value: "3scale" |