diff options
Diffstat (limited to 'roles')
72 files changed, 2625 insertions, 1278 deletions
| diff --git a/roles/etcd/README.md b/roles/etcd/README.md new file mode 100644 index 000000000..49207c428 --- /dev/null +++ b/roles/etcd/README.md @@ -0,0 +1,39 @@ +Role Name +========= + +Configures an etcd cluster for an arbitrary number of hosts + +Requirements +------------ + +This role assumes it's being deployed on a RHEL/Fedora based host with package +named 'etcd' available via yum. + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +None + +Example Playbook +---------------- + +    - hosts: etcd +      roles: +         - { etcd } + +License +------- + +MIT + +Author Information +------------------ + +Scott Dodson <sdodson@redhat.com> +Adapted from https://github.com/retr0h/ansible-etcd for use on RHEL/Fedora. We +should at some point submit a PR to merge this with that module. diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml new file mode 100644 index 000000000..0fb45f37c --- /dev/null +++ b/roles/etcd/defaults/main.yaml @@ -0,0 +1,31 @@ +--- +etcd_interface: eth0 +etcd_client_port: 2379 +etcd_peer_port: 2380 +etcd_peers_group: etcd +etcd_url_scheme: http +etcd_peer_url_scheme: http +etcd_conf_dir: /etc/etcd +etcd_ca_file: "{{ etcd_conf_dir }}/ca.crt" +etcd_cert_file: "{{ etcd_conf_dir }}/server.crt" +etcd_key_file: "{{ etcd_conf_dir }}/server.key" +etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" +etcd_peer_cert_file: "{{ etcd_conf_dir }}/peer.crt" +etcd_peer_key_file: "{{ etcd_conf_dir }}/peer.key" + +etcd_initial_cluster_state: new +etcd_initial_cluster_token: etcd-cluster-1 + +etcd_initial_advertise_peer_urls: "{{ etcd_peer_url_scheme }}://{{ hostvars[inventory_hostname]['ansible_' + etcd_interface]['ipv4']['address'] }}:{{ etcd_peer_port }}" +etcd_listen_peer_urls: "{{ etcd_peer_url_scheme }}://{{ hostvars[inventory_hostname]['ansible_' + etcd_interface]['ipv4']['address'] }}:{{ etcd_peer_port }}" +etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ hostvars[inventory_hostname]['ansible_' + etcd_interface]['ipv4']['address'] }}:{{ etcd_client_port }}" +etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ hostvars[inventory_hostname]['ansible_' + etcd_interface]['ipv4']['address'] }}:{{ etcd_client_port }}" + +etcd_data_dir: /var/lib/etcd/ + +os_firewall_use_firewalld: False +os_firewall_allow: +- service: etcd +  port: "{{etcd_client_port}}/tcp" +- service: etcd peering +  port: "{{ etcd_peer_port }}/tcp" diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml new file mode 100644 index 000000000..b897913f9 --- /dev/null +++ b/roles/etcd/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart etcd +  service: name=etcd state=restarted diff --git a/roles/etcd/meta/main.yml b/roles/etcd/meta/main.yml new file mode 100644 index 000000000..82b1a62b8 --- /dev/null +++ b/roles/etcd/meta/main.yml @@ -0,0 +1,19 @@ +--- +# This module is based on https://github.com/retr0h/ansible-etcd with most +# changes centered around installing from a pre-existing rpm +# TODO: Extend https://github.com/retr0h/ansible-etcd rather than forking +galaxy_info: +  author: Scott Dodson +  description: etcd management +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.2 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +  - system +dependencies: +- { role: os_firewall } diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml new file mode 100644 index 000000000..79a91dfde --- /dev/null +++ b/roles/etcd/tasks/main.yml @@ -0,0 +1,52 @@ +--- +- name: Install etcd +  yum: pkg=etcd state=present + +- name: Validate permissions on the config dir +  file: +    path: "{{ etcd_conf_dir }}" +    state: directory +    owner: etcd +    group: etcd +    mode: 0700 + +- name: Validate permissions on certificate files +  file: +    path: "{{ item }}" +    mode: 0600 +    group: etcd +    owner: etcd +  when: etcd_url_scheme == 'https' +  with_items: +  - "{{ etcd_ca_file }}" +  - "{{ etcd_cert_file }}" +  - "{{ etcd_key_file }}" + +- name: Validate permissions on peer certificate files +  file: +    path: "{{ item }}" +    mode: 0600 +    group: etcd +    owner: etcd +  when: etcd_peer_url_scheme == 'https' +  with_items: +  - "{{ etcd_peer_ca_file }}" +  - "{{ etcd_peer_cert_file }}" +  - "{{ etcd_peer_key_file }}" + +- name: Write etcd global config file +  template: +    src: etcd.conf.j2 +    dest: /etc/etcd/etcd.conf +  notify: +    - restart etcd + +- name: Enable etcd +  service: +    name: etcd +    state: started +    enabled: yes +  register: start_result + +- pause: seconds=30 +  when: start_result | changed diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2 new file mode 100644 index 000000000..801be2c97 --- /dev/null +++ b/roles/etcd/templates/etcd.conf.j2 @@ -0,0 +1,52 @@ +{% macro initial_cluster() -%} +{% for host in groups[etcd_peers_group] -%} +{% if loop.last -%} +{{ host }}={{ etcd_peer_url_scheme }}://{{ hostvars[host]['ansible_' + etcd_interface]['ipv4']['address'] }}:{{ etcd_peer_port }} +{%- else -%} +{{ host }}={{ etcd_peer_url_scheme }}://{{ hostvars[host]['ansible_' + etcd_interface]['ipv4']['address'] }}:{{ etcd_peer_port }}, +{%- endif -%} +{% endfor -%} +{% endmacro -%} + +{% if groups[etcd_peers_group] and groups[etcd_peers_group] | length > 1 %} +ETCD_NAME={{ inventory_hostname }} +ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} +{% else %} +ETCD_NAME=default +{% endif %} +ETCD_DATA_DIR={{ etcd_data_dir }} +#ETCD_SNAPSHOT_COUNTER="10000" +#ETCD_HEARTBEAT_INTERVAL="100" +#ETCD_ELECTION_TIMEOUT="1000" +ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} +#ETCD_MAX_SNAPSHOTS="5" +#ETCD_MAX_WALS="5" +#ETCD_CORS="" + +{% if groups[etcd_peers_group] and groups[etcd_peers_group] | length > 1 %} +#[cluster] +ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} +ETCD_INITIAL_CLUSTER={{ initial_cluster() }} +ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} +ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} +#ETCD_DISCOVERY="" +#ETCD_DISCOVERY_SRV="" +#ETCD_DISCOVERY_FALLBACK="proxy" +#ETCD_DISCOVERY_PROXY="" +{% endif %} +ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} + +#[proxy] +#ETCD_PROXY="off" + +#[security] +{% if etcd_url_scheme == 'https' -%} +ETCD_CA_FILE={{ etcd_ca_file }} +ETCD_CERT_FILE={{ etcd_cert_file }} +ETCD_KEY_FILE={{ etcd_key_file }} +{% endif -%} +{% if etcd_peer_url_scheme == 'https' -%} +ETCD_PEER_CA_FILE={{ etcd_peer_ca_file }} +ETCD_PEER_CERT_FILE={{ etcd_peer_cert_file }} +ETCD_PEER_KEY_FILE={{ etcd_peer_key_file }} +{% endif -%} diff --git a/roles/etcd_ca/README.md b/roles/etcd_ca/README.md new file mode 100644 index 000000000..60a880e30 --- /dev/null +++ b/roles/etcd_ca/README.md @@ -0,0 +1,34 @@ +etcd_ca +======================== + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License Version 2.0 + +Author Information +------------------ + +Scott Dodson (sdodson@redhat.com) diff --git a/roles/etcd_ca/meta/main.yml b/roles/etcd_ca/meta/main.yml new file mode 100644 index 000000000..ce909b992 --- /dev/null +++ b/roles/etcd_ca/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: +  author: Jason DeTiberus +  description: +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.9 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +  - system +dependencies: +- { role: openshift_facts } diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml new file mode 100644 index 000000000..ab151fe5b --- /dev/null +++ b/roles/etcd_ca/tasks/main.yml @@ -0,0 +1,44 @@ +--- +- file: +    path: "{{ etcd_ca_dir }}/{{ item }}" +    state: directory +    mode: 0700 +    owner: root +    group: root +  with_items: +  - certs +  - crl +  - fragments + +- command: cp /etc/pki/tls/openssl.cnf ./ +  args: +    chdir: "{{ etcd_ca_dir }}/fragments" +    creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf" + +- template: +    dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf" +    src: openssl_append.j2 + +- assemble: +    src: "{{ etcd_ca_dir }}/fragments" +    dest: "{{ etcd_ca_dir }}/openssl.cnf" + +- command: touch index.txt +  args: +    chdir: "{{ etcd_ca_dir }}" +    creates: "{{ etcd_ca_dir }}/index.txt" + +- copy: +    dest: "{{ etcd_ca_dir }}/serial" +    content: "01" +    force: no + +- command: > +    openssl req -config openssl.cnf -newkey rsa:4096 +    -keyout ca.key -new -out ca.crt -x509 -extensions etcd_v3_ca_self +    -batch -nodes -subj /CN=etcd-signer@{{ ansible_date_time.epoch }} +  args: +    chdir: "{{ etcd_ca_dir }}" +    creates: "{{ etcd_ca_dir }}/ca.crt" +  environment: +    SAN: '' diff --git a/roles/etcd_ca/templates/openssl_append.j2 b/roles/etcd_ca/templates/openssl_append.j2 new file mode 100644 index 000000000..de2adaead --- /dev/null +++ b/roles/etcd_ca/templates/openssl_append.j2 @@ -0,0 +1,51 @@ + +[ etcd_v3_req ] +basicConstraints = critical,CA:FALSE +keyUsage         = digitalSignature,keyEncipherment +subjectAltName   = ${ENV::SAN} + +[ etcd_ca ] +dir             = {{ etcd_ca_dir }} +crl_dir         = $dir/crl +database        = $dir/index.txt +new_certs_dir   = $dir/certs +certificate     = $dir/ca.crt +serial          = $dir/serial +private_key     = $dir/ca.key +crl_number      = $dir/crlnumber +x509_extensions = etcd_v3_ca_client +default_days    = 365 +default_md      = sha256 +preserve        = no +name_opt        = ca_default +cert_opt        = ca_default +policy          = policy_anything +unique_subject  = no +copy_extensions = copy + +[ etcd_v3_ca_self ] +authorityKeyIdentifier = keyid,issuer +basicConstraints       = critical,CA:TRUE,pathlen:0 +keyUsage               = critical,digitalSignature,keyEncipherment,keyCertSign +subjectKeyIdentifier   = hash + +[ etcd_v3_ca_peer ] +authorityKeyIdentifier = keyid,issuer:always +basicConstraints       = critical,CA:FALSE +extendedKeyUsage       = clientAuth,serverAuth +keyUsage               = digitalSignature,keyEncipherment +subjectKeyIdentifier   = hash + +[ etcd_v3_ca_server ] +authorityKeyIdentifier = keyid,issuer:always +basicConstraints       = critical,CA:FALSE +extendedKeyUsage       = serverAuth +keyUsage               = digitalSignature,keyEncipherment +subjectKeyIdentifier   = hash + +[ etcd_v3_ca_client ] +authorityKeyIdentifier = keyid,issuer:always +basicConstraints       = critical,CA:FALSE +extendedKeyUsage       = clientAuth +keyUsage               = digitalSignature,keyEncipherment +subjectKeyIdentifier   = hash diff --git a/roles/etcd_ca/vars/main.yml b/roles/etcd_ca/vars/main.yml new file mode 100644 index 000000000..901e95027 --- /dev/null +++ b/roles/etcd_ca/vars/main.yml @@ -0,0 +1,3 @@ +--- +etcd_conf_dir: /etc/etcd +etcd_ca_dir: /etc/etcd/ca diff --git a/roles/etcd_certificates/README.md b/roles/etcd_certificates/README.md new file mode 100644 index 000000000..95f8f8aab --- /dev/null +++ b/roles/etcd_certificates/README.md @@ -0,0 +1,34 @@ +OpenShift etcd certificates +======================== + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License Version 2.0 + +Author Information +------------------ + +Scott Dodson (sdodson@redhat.com) diff --git a/roles/etcd_certificates/meta/main.yml b/roles/etcd_certificates/meta/main.yml new file mode 100644 index 000000000..41370fab4 --- /dev/null +++ b/roles/etcd_certificates/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: +  author: Jason DeTiberus +  description: +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.8 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +  - system +dependencies: +- { role: etcd_ca } diff --git a/roles/etcd_certificates/tasks/client.yml b/roles/etcd_certificates/tasks/client.yml new file mode 100644 index 000000000..28f33f442 --- /dev/null +++ b/roles/etcd_certificates/tasks/client.yml @@ -0,0 +1,42 @@ +--- +- name: Ensure generated_certs directory present +  file: +    path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    state: directory +    mode: 0700 +  with_items: etcd_needing_client_certs + +- name: Create the client csr +  command: > +    openssl req -new -keyout {{ item.etcd_cert_prefix }}client.key +    -config {{ etcd_openssl_conf }} +    -out {{ item.etcd_cert_prefix }}client.csr +    -reqexts {{ etcd_req_ext }} -batch -nodes +    -subj /CN={{ item.openshift.common.hostname }} +  args: +    chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    creates: "{{ etcd_generated_certs_dir ~ '/' ~  item.etcd_cert_subdir ~ '/' +                 ~ item.etcd_cert_prefix ~ 'client.csr' }}" +  environment: +    SAN: "IP:{{ item.openshift.common.ip }}" +  with_items: etcd_needing_client_certs + +- name: Sign and create the client crt +  command: > +    openssl ca -name {{ etcd_ca_name }} -config {{ etcd_openssl_conf }} +    -out {{ item.etcd_cert_prefix }}client.crt +    -in {{ item.etcd_cert_prefix }}client.csr +    -batch +  args: +    chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    creates: "{{ etcd_generated_certs_dir ~ '/' ~  item.etcd_cert_subdir ~ '/' +                 ~ item.etcd_cert_prefix ~ 'client.crt' }}" +  environment: +    SAN: '' +  with_items: etcd_needing_client_certs + +- file: +    src: "{{ etcd_ca_cert }}" +    dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt" +    state: hard +  with_items: etcd_needing_client_certs diff --git a/roles/etcd_certificates/tasks/main.yml b/roles/etcd_certificates/tasks/main.yml new file mode 100644 index 000000000..da875e8ea --- /dev/null +++ b/roles/etcd_certificates/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- include: client.yml +  when: etcd_needing_client_certs is defined and etcd_needing_client_certs + +- include: server.yml +  when: etcd_needing_server_certs is defined and etcd_needing_server_certs + + + diff --git a/roles/etcd_certificates/tasks/server.yml b/roles/etcd_certificates/tasks/server.yml new file mode 100644 index 000000000..727b7fa2c --- /dev/null +++ b/roles/etcd_certificates/tasks/server.yml @@ -0,0 +1,73 @@ +--- +- name: Ensure generated_certs directory present +  file: +    path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    state: directory +    mode: 0700 +  with_items: etcd_needing_server_certs + +- name: Create the server csr +  command: > +    openssl req -new -keyout {{ item.etcd_cert_prefix }}server.key +    -config {{ etcd_openssl_conf }} +    -out {{ item.etcd_cert_prefix }}server.csr +    -reqexts {{ etcd_req_ext }} -batch -nodes +    -subj /CN={{ item.openshift.common.hostname }} +  args: +    chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    creates: "{{ etcd_generated_certs_dir ~ '/' ~  item.etcd_cert_subdir ~ '/' +                 ~ item.etcd_cert_prefix ~ 'server.csr' }}" +  environment: +    SAN: "IP:{{ item.openshift.common.ip }}" +  with_items: etcd_needing_server_certs + +- name: Sign and create the server crt +  command: > +    openssl ca -name {{ etcd_ca_name }} -config {{ etcd_openssl_conf }} +    -out {{ item.etcd_cert_prefix }}server.crt +    -in {{ item.etcd_cert_prefix }}server.csr +    -extensions {{ etcd_ca_exts_server }} -batch +  args: +    chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    creates: "{{ etcd_generated_certs_dir ~ '/' ~  item.etcd_cert_subdir ~ '/' +                 ~ item.etcd_cert_prefix ~ 'server.crt' }}" +  environment: +    SAN: '' +  with_items: etcd_needing_server_certs + +- name: Create the peer csr +  command: > +    openssl req -new -keyout {{ item.etcd_cert_prefix }}peer.key +    -config {{ etcd_openssl_conf }} +    -out {{ item.etcd_cert_prefix }}peer.csr +    -reqexts {{ etcd_req_ext }} -batch -nodes +    -subj /CN={{ item.openshift.common.hostname }} +  args: +    chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    creates: "{{ etcd_generated_certs_dir ~ '/' ~  item.etcd_cert_subdir ~ '/' +                 ~ item.etcd_cert_prefix ~ 'peer.csr' }}" +  environment: +    SAN: "IP:{{ item.openshift.common.ip }}" +  with_items: etcd_needing_server_certs + +- name: Sign and create the peer crt +  command: > +    openssl ca -name {{ etcd_ca_name }} -config {{ etcd_openssl_conf }} +    -out {{ item.etcd_cert_prefix }}peer.crt +    -in {{ item.etcd_cert_prefix }}peer.csr +    -extensions {{ etcd_ca_exts_peer }} -batch +  args: +    chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" +    creates: "{{ etcd_generated_certs_dir ~ '/' ~  item.etcd_cert_subdir ~ '/' +                 ~ item.etcd_cert_prefix ~ 'peer.crt' }}" +  environment: +    SAN: '' +  with_items: etcd_needing_server_certs + +- file: +    src: "{{ etcd_ca_cert }}" +    dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt" +    state: hard +  with_items: etcd_needing_server_certs + + diff --git a/roles/etcd_certificates/vars/main.yml b/roles/etcd_certificates/vars/main.yml new file mode 100644 index 000000000..0eaeeb82b --- /dev/null +++ b/roles/etcd_certificates/vars/main.yml @@ -0,0 +1,11 @@ +--- +etcd_conf_dir: /etc/etcd +etcd_ca_dir: /etc/etcd/ca +etcd_generated_certs_dir: /etc/etcd/generated_certs +etcd_ca_cert: "{{ etcd_ca_dir }}/ca.crt" +etcd_ca_key: "{{ etcd_ca_dir }}/ca.key" +etcd_openssl_conf: "{{ etcd_ca_dir }}/openssl.cnf" +etcd_ca_name: etcd_ca +etcd_req_ext: etcd_v3_req +etcd_ca_exts_peer: etcd_v3_ca_peer +etcd_ca_exts_server: etcd_v3_ca_server diff --git a/roles/openshift_examples/README.md b/roles/openshift_examples/README.md index 787624ab6..7d8735a0a 100644 --- a/roles/openshift_examples/README.md +++ b/roles/openshift_examples/README.md @@ -4,6 +4,10 @@ OpenShift Examples  Installs example image streams, db-templates, and quickstart-templates by copying  examples from this module to your first master and importing them with oc create -n into the openshift namespace +The examples-sync.sh script can be used to pull the latest content from github +and stage it for updating the ansible repo. This script is not used directly by +ansible. +  Requirements  ------------ diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 0f8e9f7ee..3246790aa 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -3,7 +3,7 @@  openshift_examples_load_centos: "{{ openshift_deployment_type != 'enterprise' }}"  openshift_examples_load_rhel: "{{ openshift_deployment_type == 'enterprise' }}"  openshift_examples_load_db_templates: true -openshift_examples_load_xpaas: false +openshift_examples_load_xpaas: "{{ openshift_deployment_type == 'enterprise' }}"  openshift_examples_load_quickstarts: true  examples_base: /usr/share/openshift/examples diff --git a/roles/openshift_examples/templates.sh b/roles/openshift_examples/examples-sync.sh index 4f3050494..12d3bc263 100755 --- a/roles/openshift_examples/templates.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -1,5 +1,10 @@  #!/bin/bash +# Utility script to update the ansible repo with the latest templates and image +# streams from several github repos +# +# This script should be run from openshift-ansible/roles/openshift_examples +  EXAMPLES_BASE=$(pwd)/files/examples  find files/examples -name '*.json' -delete  TEMP=`mktemp -d` @@ -26,6 +31,6 @@ cp nodejs-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/  cp dancer-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/  cp cakephp-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/  mv application-templates-master/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ -find application-templates-master/ -name '*.json' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; +find application-templates-master/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \;  popd  git diff files/examples diff --git a/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json index 425cc3e0f..37e6269fe 100644 --- a/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json +++ b/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json @@ -81,7 +81,7 @@                  "name": "jboss-amq-6"              },              "spec": { -                "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq-openshift:6.2", +                "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq-openshift",                  "tags": [                      {                          "name": "6.2", @@ -95,63 +95,6 @@                      }                  ]              } -        }, -        { -            "kind": "ImageStream", -            "apiVersion": "v1", -            "metadata": { -                "name": "jboss-mysql-55", -                "annotations": { -                    "description": "Provides MySQL 5.5 images for use with JBoss Middleware products." -                } -            }, -            "spec": { -                "dockerImageRepository": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7", -                "tags": [ -                    { -                        "name": "latest", -                        "dockerImageReference": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest" -                    } -                ] -            } -        }, -        { -            "kind": "ImageStream", -            "apiVersion": "v1", -            "metadata": { -                "name": "jboss-postgresql-92", -                "annotations": { -                    "description": "Provides PostgreSQL 9.2 images for use with JBoss Middleware products." -                } -            }, -            "spec": { -                "dockerImageRepository": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7", -                "tags": [ -                    { -                        "name": "latest", -                        "dockerImageReference": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest" -                    } -                ] -            } -        }, -        { -            "kind": "ImageStream", -            "apiVersion": "v1", -            "metadata": { -                "name": "jboss-mongodb-24", -                "annotations": { -                    "description": "Provides MongoDB 2.4 images for use with JBoss Middleware products." -                } -            }, -            "spec": { -                "dockerImageRepository": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7", -                "tags": [ -                    { -                        "name": "latest", -                        "dockerImageReference": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest" -                    } -                ] -            }          }      ]  } diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json b/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json index 00b63ce8c..c0925b453 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json @@ -64,6 +64,21 @@              "name": "AMQ_ADMIN_PASSWORD",              "from": "[a-zA-Z0-9]{8}",              "generate": "expression" +        }, +        { +            "description": "Name of a secret containing SSL related files", +            "name": "AMQ_SECRET", +            "value": "amq-app-secret" +        }, +        { +            "description": "SSL trust store filename", +            "name": "AMQ_TRUSTSTORE", +            "value": "broker.ts" +        }, +        { +            "description": "SSL key store filename", +            "name": "AMQ_KEYSTORE", +            "value": "broker.ks"          }      ],      "objects": [ @@ -258,6 +273,7 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", +                                "namespace": "openshift",                                  "name": "jboss-amq-6:${AMQ_RELEASE}"                              }                          } @@ -276,11 +292,23 @@                          }                      },                      "spec": { +                        "serviceAccount": "amq-service-account",                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-amq", -                                "image": "registry.access.redhat.com/jboss-amq-6/amq-openshift:${AMQ_RELEASE}", +                                "image": "jboss-amq-6",                                  "imagePullPolicy": "Always", +                                "volumeMounts": [ +                                    { +                                        "name": "broker-secret-volume", +                                        "mountPath": "/etc/amq-secret-volume", +                                        "readOnly": true +                                    }, +                                    { +                                        "mountPath": "/opt/amq/data/kahadb", +                                        "name": "${APPLICATION_NAME}-amq-pvol" +                                    } +                                ],                                  "readinessProbe": {                                      "exec": {                                          "command": [ @@ -327,12 +355,6 @@                                          "protocol": "TCP"                                      }                                  ], -                                "volumeMounts": [ -                                    { -                                        "mountPath": "/opt/amq/data/kahadb", -                                        "name": "${APPLICATION_NAME}-amq-pvol" -                                    } -                                ],                                  "env": [                                      {                                          "name": "AMQ_USER", @@ -361,12 +383,30 @@                                      {                                          "name": "AMQ_ADMIN_PASSWORD",                                          "value": "${AMQ_ADMIN_PASSWORD}" +                                    }, +                                    { +                                        "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", +                                        "value": "/etc/amq-secret-volume" +                                    }, +                                    { +                                        "name": "AMQ_TRUSTSTORE", +                                        "value": "${AMQ_TRUSTSTORE}" +                                    }, +                                    { +                                        "name": "AMQ_KEYSTORE", +                                        "value": "${AMQ_KEYSTORE}"                                      }                                  ]                              }                          ],                          "volumes": [                              { +                                "name": "broker-secret-volume", +                                "secret": { +                                    "secretName": "${AMQ_SECRET}" +                                } +                            }, +                            {                                  "name": "${APPLICATION_NAME}-amq-pvol",                                  "persistentVolumeClaim": {                                      "claimName": "${APPLICATION_NAME}-amq-claim" diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq6.json b/roles/openshift_examples/files/examples/xpaas-templates/amq6.json index 0bb1b0651..63ec9a235 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/amq6.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/amq6.json @@ -59,6 +59,21 @@              "name": "AMQ_ADMIN_PASSWORD",              "from": "[a-zA-Z0-9]{8}",              "generate": "expression" +        }, +        { +            "description": "Name of a secret containing SSL related files", +            "name": "AMQ_SECRET", +            "value": "amq-app-secret" +        }, +        { +            "description": "SSL trust store filename", +            "name": "AMQ_TRUSTSTORE", +            "value": "broker.ts" +        }, +        { +            "description": "SSL key store filename", +            "name": "AMQ_KEYSTORE", +            "value": "broker.ks"          }      ],      "objects": [ @@ -253,6 +268,7 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", +                                "namespace": "openshift",                                  "name": "jboss-amq-6:${AMQ_RELEASE}"                              }                          } @@ -271,11 +287,19 @@                          }                      },                      "spec": { +                        "serviceAccount": "amq-service-account",                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-amq", -                                "image": "registry.access.redhat.com/jboss-amq-6/amq-openshift:${AMQ_RELEASE}", +                                "image": "jboss-amq-6",                                  "imagePullPolicy": "Always", +                                "volumeMounts": [ +                                    { +                                        "name": "broker-secret-volume", +                                        "mountPath": "/etc/amq-secret-volume", +                                        "readOnly": true +                                    } +                                ],                                  "readinessProbe": {                                      "exec": {                                          "command": [ @@ -354,9 +378,29 @@                                      {                                          "name": "AMQ_MESH_SERVICE_NAME",                                          "value": "${APPLICATION_NAME}-amq-tcp" +                                    }, +                                    { +                                        "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", +                                        "value": "/etc/amq-secret-volume" +                                    }, +                                    { +                                        "name": "AMQ_TRUSTSTORE", +                                        "value": "${AMQ_TRUSTSTORE}" +                                    }, +                                    { +                                        "name": "AMQ_KEYSTORE", +                                        "value": "${AMQ_KEYSTORE}"                                      }                                  ]                              } +                        ], +                        "volumes": [ +                            { +                                "name": "broker-secret-volume", +                                "secret": { +                                    "secretName": "${AMQ_SECRET}" +                                } +                            }                          ]                      }                  } diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap-app-secret.json b/roles/openshift_examples/files/examples/xpaas-templates/eap-app-secret.json deleted file mode 100644 index cfe038048..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap-app-secret.json +++ /dev/null @@ -1,32 +0,0 @@ -{ -    "kind": "List", -    "apiVersion": "v1", -    "metadata": {}, -    "items": [ -        { -            "kind": "ServiceAccount", -            "apiVersion": "v1", -            "metadata": { -                "name": "eap-service-account" -            }, -            "secrets": [ -                { -                    "name": "eap-app-secret" -                } -            ] -        }, -        { -            "kind": "Secret", -            "apiVersion": "v1", -            "metadata": { -                "annotations": { -                    "description": "Default secret file with name 'jboss' and password 'mykeystorepass'" -                }, -                "name": "eap-app-secret" -            }, -            "data": { -                "keystore.jks": "/u3+7QAAAAIAAAABAAAAAQAFamJvc3MAAAFNbVtLLAAABQMwggT/MA4GCisGAQQBKgIRAQEFAASCBOsxl4wqa+E+XP8+qMZY9XLhvKrRX8V1MHdwFZQaLTEVURCizqYXoMnbhtfV0oMAUFsE7013TTA9Q2l+pSs+cqz6HH/vwjEEIkqJx5wD8WcD/bu9e9F9EHQ+zrjZFmpMFvXsvj9+ux1o/YLBDGY3kd4MoDcJy0yJ/ZpzNYLkXanlrMhWqxC7MAliCBsdyVgNn5RFb4Nn+JZgJuNSIGo/K292+0IFaFv9vsXbX889W9HPCvfO0mQIzoy8In0NhzdKli/67y4kbDkWaI0fRONckZTxNpxn6rMc0nN9zKrGVToLxj1Ufcoj/tCvR8agtPpv7KIWUqBYDg83ad+i4EE5XYISovlsl6RmtrrTb39PJcL86+wJ+x2ZrLuyzh6C9sAOdSBiKt/DY97ICIYltRMrb+cNwWdnJvT+PeYvv3vKo7YThha+akoJDjsWMp1HWpbIC9zg9ZjugU+/ao6nHtmoZmCaYjLuEE+sYl5s179uyQjE3LRc+0cVY2+bYCOD6P6JLH9GdfjkR40OhjryiWy2Md6vAGaATh6kjjreRHfSie4KCgIZx9Ngb1+uAwauYSM8d9OIwT5lRmLd4Go9CaFXtFdq/IZv3x5ZEPVqMjxcq0KXcs1QcfK3oSYL/rrkxXxKFTrd0N3KgvwATWx/KS90tdHBg65dF3PpBjK1AYQL3Q7KV3t45SVyYHd92TUsaduY1nUQk4TukNC8l9f8xYVeOFXoFHZRx9edqn8fjDMmCYn5PTPNuMPHQm7nKxeWhV2URY5jt774gmvHLNcXeEgrM7US81wOvs2y1jY/paJWn+OACf2x2a75MWFFkZH67bZoh9pPWAwOUEtegXTL5QVicHjzZrop8Qb7K7hlGgD0RP5YYOFYF4DD+SL5BHKr6fw/LS6MMJaK1wKsJd0oGg9HcHXjph9Kb+mqXrQ54C1KI42LpFftU3DCg8wGoqvg/zO/UtVeHX3rBZDUIkeQrCULEkki9oL5diDxe9mNx9Qua5FJ6FJGIffQmsC4b0+Xys6NyqUu1aeWLcAPA/5hcs6ZTiSRTHTBe3vxapyBjnAL5uij4ILbWbEGH1e0mAHBeiihRx+w4oxH4OGCvXOhwIDHETLJJUcnJe1CouECdqdfVy/eEsIfiEheVs8OwogJLiWgzB7PoebXM4SKsAWL3NcDtC1LV3KuPgFuTDH7MjPIR83eSxkKlJLMNGfEpUHyg+lm7aJ98PVIS+l1YV9oUzLfbo3S6S2sMjVgyviS90vNIPo5JOTEFHsg5aWJNHL0OV4zRUeILzwwdQz+VkTk9DobnkLWUeLnwUNWheOpaQh79Mk0IfwfLj4D0Vx9p+PShKKZCGs0wjckmCFBM5Pc1x2lwMdaP5yATzrw+jUc+/3UY4PF/4Ya66m/DRsBKEcXjVAHcTce6OdNdGlBNT8VgkxPiylwO8hvyvpf6j+wdb9iXi6eOnk0AiEJ6mUAXs/eyDD/cqQjnUBKRGLQUSdHhvtpw8RfvyVhAAxNOnBsOT0WYol9iK6pSclGTF5mZleASRzZhH69GgdebfFhXimb0j/wYj3uLgf6mrKMDwlrXJ80SiWkXxd5TX/7XtB9lbPzNpaR12M8U8UVg16VOtMwCR2Gss2vmhqQnQFLsUsAKcYM0TRp1pWqbzpGebCvJkVWiIYocN3ZI1csAhGX3G86ewAAAAEABVguNTA5AAADeTCCA3UwggJdoAMCAQICBGekovEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMB4XDTE1MDUxOTE4MDYxOFoXDTE1MDgxNzE4MDYxOFowazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYDVQQKEw1teWNvbXBhbnkuY29tMRQwEgYDVQQLEwtFbmdpbmVlcmluZzEPMA0GA1UEAxMGanNtaXRoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0zbGtem+If//jw0OTszIcpX4ydOCC0PeqktulYkm4pG0qEVBB+HuMj7yeTBc1KCDl2xm+Q6LPeTzUufk7BXFEg4Ru1l3PSW70LyJBfHy5ns0dYE5M1I0Avv9rvjgC1VTsiBmdXh+tIIQDPknIKpWpcs79XPOURGLvuGjfyj08EZWFvAZzYrk3lKwkceDHpYYb5i+zxFRz5K6of/h9gQ9CzslqNd7uxxvyy/yTtNFk2J797Vk3hKtbiATqc9+egEHcEQrzADejPYol5ke3DA1NPRBqFGku5n215i2eYzYvVV1xmifID/3lzvNWN0bWlOxl74VsPnWa/2JPP3hZ6p5QIDAQABoyEwHzAdBgNVHQ4EFgQURLJKk/gaSrMjDyX8iYtCzPtTBqAwDQYJKoZIhvcNAQELBQADggEBAA4ESTKsWevv40hFv11t+lGNHT16u8Xk+WnvB4Ko5sZjVhvRWTTKOEBE5bDYfMhf0esn8gg0B4Qtm4Rb5t9PeaG/0d6xxD0BIV6eWihJVtEGOH47Wf/UzfC88fqoIxZ6MMBPik/WeafvOK+HIHfZSwAmqlXgl4nNVDdMNHtBhNAvikL3osxrSbqdi3eyI7rqSpb41Lm9v+PF+vZTOGRQf22Gq30/Ie85DlqugtRKimWHJYL2HeL4ywTtQKgde6JDRCOHwbDcsl6CbMjugt3yyI7Yo9EJdKb5p6YoVOpnCz7369W9Uim+Xrl2ELZWM5WTiQFxd6S36Ql2TUk+s8zj/GoN9ov0Y/yNNCxAibwyzo94N+Q4vA==" -            } -        } -    ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json index 2a9c06bee..0790d6546 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json @@ -28,9 +28,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -144,7 +144,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -168,7 +168,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -242,7 +242,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -262,7 +262,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -302,6 +302,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -502,6 +503,7 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", +                                "namespace": "openshift",                                  "name": "jboss-amq-6:${AMQ_RELEASE}"                              }                          } @@ -523,7 +525,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-amq", -                                "image": "registry.access.redhat.com/jboss-amq-6/amq-openshift:${AMQ_RELEASE}", +                                "image": "jboss-amq-6",                                  "imagePullPolicy": "Always",                                  "readinessProbe": {                                      "exec": { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json index e96eef6f7..a0505f81e 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json @@ -28,9 +28,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -139,7 +139,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -163,7 +163,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -237,7 +237,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -257,7 +257,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -297,6 +297,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -497,6 +498,7 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", +                                "namespace": "openshift",                                  "name": "jboss-amq-6:${AMQ_RELEASE}"                              }                          } @@ -518,7 +520,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-amq", -                                "image": "registry.access.redhat.com/jboss-amq-6/amq-openshift:${AMQ_RELEASE}", +                                "image": "jboss-amq-6",                                  "imagePullPolicy": "Always",                                  "readinessProbe": {                                      "exec": { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json index 7148d8fd7..d894deda0 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json @@ -23,23 +23,24 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", -            "name": "GIT_URI" +            "name": "GIT_URI", +            "value": "https://github.com/jboss-developer/jboss-eap-quickstarts"          },          {              "description": "Git branch/tag reference",              "name": "GIT_REF", -            "value": "master" +            "value": "6.4.x"          },          {              "description": "Path within Git project to build; empty for root project directory.",              "name": "GIT_CONTEXT_DIR", -            "value": "" +            "value": "kitchensink"          },          {              "description": "Queue names", @@ -52,26 +53,6 @@              "value": ""          },          { -            "description": "The name of the secret containing the keystore file", -            "name": "EAP_HTTPS_SECRET", -            "value": "eap-app-secret" -        }, -        { -            "description": "The name of the keystore file within the secret", -            "name": "EAP_HTTPS_KEYSTORE", -            "value": "keystore.jks" -        }, -        { -            "description": "The name associated with the server certificate", -            "name": "EAP_HTTPS_NAME", -            "value": "" -        }, -        { -            "description": "The password for the keystore and certificate", -            "name": "EAP_HTTPS_PASSWORD", -            "value": "" -        }, -        {              "description": "HornetQ cluster admin password",              "name": "HORNETQ_CLUSTER_PASSWORD",              "from": "[a-zA-Z0-9]{8}", @@ -106,7 +87,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -121,30 +102,6 @@              "spec": {                  "ports": [                      { -                        "port": 8443, -                        "targetPort": 8443 -                    } -                ], -                "selector": { -                    "deploymentConfig": "${APPLICATION_NAME}" -                } -            }, -            "metadata": { -                "name": "${APPLICATION_NAME}-https-service", -                "labels": { -                    "application": "${APPLICATION_NAME}" -                }, -                "annotations": { -                    "description": "The web server's https port." -                } -            } -        }, -        { -            "kind": "Service", -            "apiVersion": "v1", -            "spec": { -                "ports": [ -                    {                          "port": 8888,                          "targetPort": 8888                      } @@ -180,30 +137,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" -                } -            } -        }, -        { -            "kind": "Route", -            "apiVersion": "v1", -            "id": "${APPLICATION_NAME}-https-route", -            "metadata": { -                "name": "${APPLICATION_NAME}-https-route", -                "labels": { -                    "application": "${APPLICATION_NAME}" -                }, -                "annotations": { -                    "description": "Route for application's https service." -                } -            }, -            "spec": { -                "host": "${APPLICATION_HOSTNAME}", -                "to": { -                    "name": "${APPLICATION_NAME}-https-service" -                }, -                "tls": { -                    "termination" : "passthrough" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -240,6 +174,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -310,19 +245,11 @@                          }                      },                      "spec": { -                        "serviceAccount": "eap-service-account",                          "containers": [                              {                                  "name": "${APPLICATION_NAME}",                                  "image": "${APPLICATION_NAME}",                                  "imagePullPolicy": "Always", -                                "volumeMounts": [ -                                    { -                                        "name": "eap-keystore-volume", -                                        "mountPath": "/etc/eap-secret-volume", -                                        "readOnly": true -                                    } -                                ],                                  "readinessProbe": {                                      "exec": {                                          "command": [ @@ -339,11 +266,6 @@                                          "protocol": "TCP"                                      },                                      { -                                        "name": "${APPLICATION_NAME}-tcp-8443", -                                        "containerPort": 8443, -                                        "protocol": "TCP" -                                    }, -                                    {                                          "name": "${APPLICATION_NAME}-ping-8888",                                          "containerPort": 8888,                                          "protocol": "TCP" @@ -359,22 +281,6 @@                                          "value": "8888"                                      },                                      { -                                        "name": "EAP_HTTPS_KEYSTORE_DIR", -                                        "value": "/etc/eap-secret-volume" -                                    }, -                                    { -                                        "name": "EAP_HTTPS_KEYSTORE", -                                        "value": "${EAP_HTTPS_KEYSTORE}" -                                    }, -                                    { -                                        "name": "EAP_HTTPS_NAME", -                                        "value": "${EAP_HTTPS_NAME}" -                                    }, -                                    { -                                        "name": "EAP_HTTPS_PASSWORD", -                                        "value": "${EAP_HTTPS_PASSWORD}" -                                    }, -                                    {                                          "name": "HORNETQ_CLUSTER_PASSWORD",                                          "value": "${HORNETQ_CLUSTER_PASSWORD}"                                      }, @@ -388,14 +294,6 @@                                      }                                  ]                              } -                        ], -                        "volumes": [ -                            { -                                "name": "eap-keystore-volume", -                                "secret": { -                                    "secretName": "${EAP_HTTPS_SECRET}" -                                } -                            }                          ]                      }                  } diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json new file mode 100644 index 000000000..14585d60f --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json @@ -0,0 +1,407 @@ +{ +    "kind": "Template", +    "apiVersion": "v1", +    "metadata": { +        "annotations": { +            "iconClass" : "icon-jboss", +            "description": "Application template for EAP 6 applications built using STI." +        }, +        "name": "eap6-basic-sti" +    }, +    "labels": { +        "template": "eap6-basic-sti" +    }, +    "parameters": [ +        { +            "description": "EAP Release version, e.g. 6.4, etc.", +            "name": "EAP_RELEASE", +            "value": "6.4" +        }, +        { +            "description": "The name for the application.", +            "name": "APPLICATION_NAME", +            "value": "eap-app" +        }, +        { +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", +            "name": "APPLICATION_HOSTNAME", +            "value": "" +        }, +        { +            "description": "Git source URI for application", +            "name": "GIT_URI", +            "value": "https://github.com/jboss-developer/jboss-eap-quickstarts" +        }, +        { +            "description": "Git branch/tag reference", +            "name": "GIT_REF", +            "value": "6.4.x" +        }, +        { +            "description": "Path within Git project to build; empty for root project directory.", +            "name": "GIT_CONTEXT_DIR", +            "value": "kitchensink" +        }, +        { +            "description": "Queue names", +            "name": "HORNETQ_QUEUES", +            "value": "" +        }, +        { +            "description": "Topic names", +            "name": "HORNETQ_TOPICS", +            "value": "" +        }, +        { +            "description": "The name of the secret containing the keystore file", +            "name": "EAP_HTTPS_SECRET", +            "value": "eap-app-secret" +        }, +        { +            "description": "The name of the keystore file within the secret", +            "name": "EAP_HTTPS_KEYSTORE", +            "value": "keystore.jks" +        }, +        { +            "description": "The name associated with the server certificate", +            "name": "EAP_HTTPS_NAME", +            "value": "" +        }, +        { +            "description": "The password for the keystore and certificate", +            "name": "EAP_HTTPS_PASSWORD", +            "value": "" +        }, +        { +            "description": "HornetQ cluster admin password", +            "name": "HORNETQ_CLUSTER_PASSWORD", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "Github trigger secret", +            "name": "GITHUB_TRIGGER_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "Generic build trigger secret", +            "name": "GENERIC_TRIGGER_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        } +    ], +    "objects": [ +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8080, +                        "targetPort": 8080 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The web server's http port." +                } +            } +        }, +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8443, +                        "targetPort": 8443 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "secure-${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The web server's https port." +                } +            } +        }, +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8888, +                        "targetPort": 8888 +                    } +                ], +                "portalIP": "None", +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "${APPLICATION_NAME}-ping", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Ping service for clustered applications." +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-http-route", +            "metadata": { +                "name": "${APPLICATION_NAME}-http-route", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's http service." +                } +            }, +            "spec": { +                "host": "${APPLICATION_HOSTNAME}", +                "to": { +                    "name": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-https-route", +            "metadata": { +                "name": "${APPLICATION_NAME}-https-route", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's https service." +                } +            }, +            "spec": { +                "host": "${APPLICATION_HOSTNAME}", +                "to": { +                    "name": "secure-${APPLICATION_NAME}" +                }, +                "tls": { +                    "termination" : "passthrough" +                } +            } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "BuildConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "source": { +                    "type": "Git", +                    "git": { +                        "uri": "${GIT_URI}", +                        "ref": "${GIT_REF}" +                    }, +                    "contextDir":"${GIT_CONTEXT_DIR}" +                }, +                "strategy": { +                    "type": "Source", +                    "sourceStrategy": { +                        "from": { +                            "kind": "ImageStreamTag", +                            "namespace": "openshift", +                            "name": "jboss-eap6-openshift:${EAP_RELEASE}" +                        } +                    } +                }, +                "output": { +                    "to": { +                        "name": "${APPLICATION_NAME}" +                    } +                }, +                "triggers": [ +                    { +                        "type": "github", +                        "github": { +                            "secret": "${GITHUB_TRIGGER_SECRET}" +                        } +                    }, +                    { +                        "type": "generic", +                        "generic": { +                            "secret": "${GENERIC_TRIGGER_SECRET}" +                        } +                    }, +                    { +                        "type": "imageChange", +                        "imageChange": {} +                    } +                ] +            } +        }, +        { +            "kind": "DeploymentConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "strategy": { +                    "type": "Recreate" +                }, +                "triggers": [ +                    { +                        "type": "ImageChange", +                        "imageChangeParams": { +                            "automatic": true, +                            "containerNames": [ +                                "${APPLICATION_NAME}" +                            ], +                            "from": { +                                "kind": "ImageStream", +                                "name": "${APPLICATION_NAME}" +                            } +                        } +                    } +                ], +                "replicas": 1, +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                }, +                "template": { +                    "metadata": { +                        "name": "${APPLICATION_NAME}", +                        "labels": { +                            "deploymentConfig": "${APPLICATION_NAME}", +                            "application": "${APPLICATION_NAME}" +                        } +                    }, +                    "spec": { +                        "serviceAccount": "eap-service-account", +                        "containers": [ +                            { +                                "name": "${APPLICATION_NAME}", +                                "image": "${APPLICATION_NAME}", +                                "imagePullPolicy": "Always", +                                "volumeMounts": [ +                                    { +                                        "name": "eap-keystore-volume", +                                        "mountPath": "/etc/eap-secret-volume", +                                        "readOnly": true +                                    } +                                ], +                                "readinessProbe": { +                                    "exec": { +                                        "command": [ +                                            "/bin/bash", +                                            "-c", +                                            "/opt/eap/bin/readinessProbe.sh" +                                        ] +                                    } +                                }, +                                "ports": [ +                                    { +                                        "name": "${APPLICATION_NAME}-tcp-8080", +                                        "containerPort": 8080, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "${APPLICATION_NAME}-tcp-8443", +                                        "containerPort": 8443, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "${APPLICATION_NAME}-ping-8888", +                                        "containerPort": 8888, +                                        "protocol": "TCP" +                                    } +                                ], +                                "env": [ +                                    { +                                        "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", +                                        "value": "${APPLICATION_NAME}-ping" +                                    }, +                                    { +                                        "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", +                                        "value": "8888" +                                    }, +                                    { +                                        "name": "EAP_HTTPS_KEYSTORE_DIR", +                                        "value": "/etc/eap-secret-volume" +                                    }, +                                    { +                                        "name": "EAP_HTTPS_KEYSTORE", +                                        "value": "${EAP_HTTPS_KEYSTORE}" +                                    }, +                                    { +                                        "name": "EAP_HTTPS_NAME", +                                        "value": "${EAP_HTTPS_NAME}" +                                    }, +                                    { +                                        "name": "EAP_HTTPS_PASSWORD", +                                        "value": "${EAP_HTTPS_PASSWORD}" +                                    }, +                                    { +                                        "name": "HORNETQ_CLUSTER_PASSWORD", +                                        "value": "${HORNETQ_CLUSTER_PASSWORD}" +                                    }, +                                    { +                                        "name": "HORNETQ_QUEUES", +                                        "value": "${HORNETQ_QUEUES}" +                                    }, +                                    { +                                        "name": "HORNETQ_TOPICS", +                                        "value": "${HORNETQ_TOPICS}" +                                    } +                                ] +                            } +                        ], +                        "volumes": [ +                            { +                                "name": "eap-keystore-volume", +                                "secret": { +                                    "secretName": "${EAP_HTTPS_SECRET}" +                                } +                            } +                        ] +                    } +                } +            } +        } +    ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json index 03cfbb11e..13d4289ae 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json @@ -23,9 +23,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -87,6 +87,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Disable data file preallocation.",              "name": "MONGODB_NOPREALLOC"          }, @@ -151,7 +163,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -175,7 +187,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -249,7 +261,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -269,7 +281,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -309,6 +321,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -444,6 +457,18 @@                                          "value": "${DB_ADMIN_PASSWORD}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "OPENSHIFT_DNS_PING_SERVICE_NAME",                                          "value": "${APPLICATION_NAME}-ping"                                      }, @@ -517,7 +542,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mongodb-24:latest" +                                "namespace": "openshift", +                                "name": "mongodb:latest"                              }                          }                      } @@ -538,7 +564,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mongodb", -                                "image": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest", +                                "image": "mongodb",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json index 39f5a5a62..690b918a1 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json @@ -23,9 +23,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -82,6 +82,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Disable data file preallocation.",              "name": "MONGODB_NOPREALLOC"          }, @@ -146,7 +158,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -170,7 +182,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -244,7 +256,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -264,7 +276,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -304,6 +316,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -439,6 +452,18 @@                                          "value": "${DB_ADMIN_PASSWORD}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "OPENSHIFT_DNS_PING_SERVICE_NAME",                                          "value": "${APPLICATION_NAME}-ping"                                      }, @@ -512,7 +537,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mongodb-24:latest" +                                "namespace": "openshift", +                                "name": "mongodb:latest"                              }                          }                      } @@ -533,7 +559,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mongodb", -                                "image": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest", +                                "image": "mongodb",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json index 0fa4421c6..27062596f 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json @@ -23,9 +23,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -87,6 +87,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Sets how the table names are stored and compared.",              "name": "MYSQL_LOWER_CASE_TABLE_NAMES"          }, @@ -153,7 +165,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -177,7 +189,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -251,7 +263,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -271,7 +283,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -311,6 +323,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -443,7 +456,19 @@                                      },                                      {                                          "name": "TX_DATABASE_PREFIX_MAPPING", -                                        "value": "${APPLICATION_NAME}-postgresql=DB" +                                        "value": "${APPLICATION_NAME}-mysql=DB" +                                    }, +                                    { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}"                                      },                                      {                                          "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", @@ -519,7 +544,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mysql-55:latest" +                                "namespace": "openshift", +                                "name": "mysql:latest"                              }                          }                      } @@ -540,7 +566,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mysql", -                                "image": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest", +                                "image": "mysql",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json index 981e16cef..69537e697 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json @@ -23,9 +23,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -82,6 +82,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Sets how the table names are stored and compared.",              "name": "MYSQL_LOWER_CASE_TABLE_NAMES"          }, @@ -148,7 +160,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -172,7 +184,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -246,7 +258,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -266,7 +278,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -306,6 +318,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -441,6 +454,18 @@                                          "value": "${APPLICATION_NAME}-mysql=DB"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "OPENSHIFT_DNS_PING_SERVICE_NAME",                                          "value": "${APPLICATION_NAME}-ping"                                      }, @@ -514,7 +539,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mysql-55:latest" +                                "namespace": "openshift", +                                "name": "mysql:latest"                              }                          }                      } @@ -535,7 +561,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mysql", -                                "image": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest", +                                "image": "mysql",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json index 409ba5165..1325e26de 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json @@ -23,9 +23,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -87,6 +87,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",              "name": "POSTGRESQL_MAX_CONNECTIONS"          }, @@ -141,7 +153,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -165,7 +177,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -239,7 +251,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -259,7 +271,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -299,6 +311,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -434,6 +447,18 @@                                          "value": "${APPLICATION_NAME}-postgresql=DB"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "OPENSHIFT_DNS_PING_SERVICE_NAME",                                          "value": "${APPLICATION_NAME}-ping"                                      }, @@ -507,7 +532,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-postgresql-92:latest" +                                "namespace": "openshift", +                                "name": "postgresql:latest"                              }                          }                      } @@ -528,7 +554,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-postgresql", -                                "image": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest", +                                "image": "postgresql",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json index c2ca18f9d..83921c57e 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json @@ -23,9 +23,9 @@              "value": "eap-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "eap-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -82,6 +82,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",              "name": "POSTGRESQL_MAX_CONNECTIONS"          }, @@ -136,7 +148,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -160,7 +172,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -234,7 +246,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -254,7 +266,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -294,6 +306,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-eap6-openshift:${EAP_RELEASE}"                          }                      } @@ -429,6 +442,18 @@                                          "value": "${APPLICATION_NAME}-postgresql=DB"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "OPENSHIFT_DNS_PING_SERVICE_NAME",                                          "value": "${APPLICATION_NAME}-ping"                                      }, @@ -502,7 +527,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-postgresql-92:latest" +                                "namespace": "openshift", +                                "name": "postgresql:latest"                              }                          }                      } @@ -523,7 +549,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-postgresql", -                                "image": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest", +                                "image": "postgresql",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-app-secret.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-app-secret.json deleted file mode 100644 index c24e4ed8b..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-app-secret.json +++ /dev/null @@ -1,33 +0,0 @@ -{ -    "kind": "List", -    "apiVersion": "v1", -    "metadata": {}, -    "items": [ -        { -            "kind": "ServiceAccount", -            "apiVersion": "v1", -            "metadata": { -                "name": "jws-service-account" -            }, -            "secrets": [ -                { -                    "name": "jws-app-secret" -                } -            ] -        }, -        { -            "kind": "Secret", -            "apiVersion": "v1", -            "metadata": { -                "annotations": { -                    "description": "Default secret files with password 'mycertpass'" -                }, -                "name": "jws-app-secret" -            }, -            "data": { -                "server.crt": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURhakNDQWxLZ0F3SUJBZ0lKQUlVcmJBS2pjd3lkTUEwR0NTcUdTSWIzRFFFQkJRVUFNQ3d4Q3pBSkJnTlYKQkFZVEFrTkJNUXN3Q1FZRFZRUUlFd0pDUXpFUU1BNEdBMVVFQ2hNSFVtVmtJRWhoZERBZUZ3MHhOVEExTWpNdwpNalE0TWpCYUZ3MHhPREExTWpJd01qUTRNakJhTUN3eEN6QUpCZ05WQkFZVEFrTkJNUXN3Q1FZRFZRUUlFd0pDClF6RVFNQTRHQTFVRUNoTUhVbVZrSUVoaGREQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0MKZ2dFQkFMejlGcWYwbFV0eHBXbFlqQVF3MGNPVU5NMmF0SjFjWmMybEx5UEh3NVVYMkNna29jaHhuY0ZhSDZsYwpSeWVvUC9KQXVlM2d2cjJ0ZURicTRGMitRRWRFL3hrM0xLZEVhVXhwaGgvaVpDYUg0VnlXdzE3Y01aaS83UFUxCkhTak1waEVoK3MwQ1JIZnBCSVZDZ2hFQjZCekhYazNLSHU1K0JsRTYzRDVOSXJuNVBiRGhwUG5VaG1vY05HNU0KdFlEZE9mRHphTVdzcWU2ZGFkL0c3eXpDeVZYMnA2RllIbEdvQWpDTkVPdkFtTEFtMVcwNDdOOGV0QjIybFA3NQozK2dYby83T2Q1WHJJU0xLWTBNZ0puaDdmVEh1VVdhWEIxSEZ0YmFReXVreGVYZG1wRFR4VkdzenhHVXIxemd4ClU4VVFnMjFGOFhONjVydGNScVdCNWNFQXcrRUNBd0VBQWFPQmpqQ0JpekFkQmdOVkhRNEVGZ1FVVXJZUm5NOXIKemNGUS9QMFk4VlhzUm1OWVlUUXdYQVlEVlIwakJGVXdVNEFVVXJZUm5NOXJ6Y0ZRL1AwWThWWHNSbU5ZWVRTaApNS1F1TUN3eEN6QUpCZ05WQkFZVEFrTkJNUXN3Q1FZRFZRUUlFd0pDUXpFUU1BNEdBMVVFQ2hNSFVtVmtJRWhoCmRJSUpBSVVyYkFLamN3eWRNQXdHQTFVZEV3UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUZCUUFEZ2dFQkFEeGcKckh1NFpoeXU4UjlZWGpLZVBXaXUxQnZYUVhJRG5DQVZiZXlMNHZ5WHczdFZTeng1S3BuaHprTm5zemxpS1RQRAozOWNNbTJ0VTBUcGpHRVZ1TDVTR0R5V3JRakNQWDY2NjZpdjhzNkpVYUxmdnBPNlduN0wzVXVMVnFoMmpVM2FOCkU2TDB4UEg4SWRzc3lGZ3Rac3BueVlxZ0cvYUoxUEtmZDYweXRtK0hveUYyZW5xZnVKaHNKNnp3QUVZdi9vUCsKcXhYK04yZDJEVmt2RjVRZ3llSjZiYWd1M0QxbWRpbE5pWDliZmVHZ3ptT1JXaHBYNkVqdnFqeTZ4TllqQ2IxbAo1anVzdHhHZlFGSm1UOTdaZnZQK1kxeTJvUkZFc01BVy9BNWNrai92SnlUUlZIeWZZSG1qeW82SFhSdzRWdERNCjJtOWZqOFhYTDh5TlZha2h6dE09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K", -                "server.key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpQcm9jLVR5cGU6IDQsRU5DUllQVEVECkRFSy1JbmZvOiBERVMtRURFMy1DQkMsODRGOEVFQjcyN0FCNzc4RgoKS2lkL0tKZ2JyWE1YUGwwQXc4azI0dW1QcW53NUhQZHk3ZUZ2aG1NNEU3T1V2bkZYeWpMN2dQZ0JjTmxTbEx2Rgp6eXZYVWZwUXROQ2dUWWJvU0dWVFpkV01OL0ttcTNheUJTckNvWGg3MUFMWm1KVDF4aDNCcWUyMzVNRzZlR2NTCngrY3hudW0yMXNWRFBHUnBmZUx4VXA3WU5mOTNwYzBNaTUzSVdmT0IvM2FscDJlajI0RkRTVG1xM0NpVFR1b3cKcUc2MjdjREY2RVNhNFphZmFXelpOVDJnUStrejRGQkcwc1dJYWVod012SXJiQWFldGpUSUhQTmZraUtOcTF3Qwpma2h0NU9xRDU0RzVnR1ZYd0tXcGF4S2M0K24rcEtsZk1od2NPQ3Z5Y2hwQmtQbzk0T2E2bE1oVUk3Y0FkemVOCmI0TmNVWS9UekxpNjgyRjlFZUpsOXJuQ0N2N0RJcEZJbkg5bG4zUElVT2pCYVlySFpqY0pSK2xWOFhWRVJzcTAKZ0hyTUZ2WjRXYXZPclhVaFhxTm10UmNSOVpoS3pvVnB5MStIRUlONTZIL2huaFB5ZEJLb3pnbXFwSFJoWVZwNApNWEk0ZGtlMVZ5VmlRQUMxUzU3Wi81anFTZTN5akRyYTZJMThJRzNPSGNxeEpuWXNNOS9NdVBRZjlJNlJWTEx3CnVXcDNDdkIvNUJyWlNQWVFGbnhCT09hLzd3SWVtNjE2Z2ZnREdCRjZpc3BVNTlhbjlKQWtHYmhKT2h4RzYvRjYKZFpNZUZOa0lkRUwzR3pQRWNjNWpVTGJmSE5tWmVsODlYRUVpak96LzhvVEdHYUNyRkUxVVZKLytZSVVzK3lnOQpwRFJ6bkxyV2hwNGxNTnVLYjRNeXkySlkrWW9DOHhMVUtaYnNYcUxlN2k5QTJwYWtFUmdhazZaK1BEZUR2OWpYCnU0M3dzU0dwRTRUeDFkR2JsRzJDd0pPSW53WnpETUEwTDliWm8xemY4bUZGN0FmejlCbjNMOWMybTVJUDlZQ1AKQ1dVcFA4S3AzbEhzQkpQWWl4VTJ3TlZWSGs1Vjlla2R3aEl3Mlc3d0gyOTB6azZFTXJvZ2NoMjdKTFk0MlBzOApyRDl6Wm5vbEgrN1pPa3lLQ1UxVWJHWUJFSUtvZVFGa1FCek01aEpFT0xGVXd0YmdvZE5YYS9oMStXMjdkaHd1CnIyMG1tb3lCRGpNNWdGVVh6dGpqNDZMakZuNE5iRmtwbkNNT1VDNVM2bkIyeTlONnoxUWRSekVPRy80cU5xVFkKRzY3c2szemlqVzFISkxJVGorMVNPZHdIWktSUFl3cGxNTkY4TFRKVlBOYVQ5L3FDVGV3bXl4WUpIVjljVWhuSwpMQUZZYXNKVG9HZytEQnNJL21GbDY3WHNhWnp1cUdSSksydnVvNG9jWjJNb250L3BSSXRwQStaUFNpREFqTzNjCm9kTW5LRmhkRkpMSTZZTXVja1RySGQycXREQmdPaEEyZjk3ajArckVGeWVNOHY2eGhGN0I4cEtscW5TQU01M2kKbGl1ZHh1NzA2RWNQQ3JlU3pPRjF5bWMrQnBmVjVtSnU0U1hEcUF4aEYzZFFPbEg5TDdPVmJtRDU4dUs0eDNldwpXQ05Qa2FGc1UxRThJR2M4UGVqc1kwdHUxdWtoK3ZMYnlNQlBVRXRxaEgrNFhNeUVJL0xjUVhIRlkybjBEcmZDCmxTclM3T3FKcGhPbW1VSWFwNGZLK0QzcldzZmFpSm9wc2Yxc044MEdLeVptSFY1TWtEY0k3NXdTWWp1RXhvcGgKVW0wcmJxMDdVVVVFR0tYL1JIQWhWS21nek5JMEZpYUZtbkhHOUw0bWZwclFHd2J5dTR1RktLUGtjOGxodlVwRAp6Z29SMTZQSUM4THpvcE5qTmJPem0xV0RUd1FxaUt5NWRsVWlWZlFRRlNmd09vcDMzakhvQXUzVWxYU3Bwby9vCnJnbGIxUUtBdm5zUEVFaG9HZUZpenFIWXhLVjZpT1hET3ZCcFhOcC8yMVB0OHpRbWVXUXZRZmhyOEc0cEpkVVcKRTFBWlc1b2JWWG1seWc4OWRML0pMTG02VFVNdUZaZFgxRlRNaVphangvQklqekhFVjdRNkhJZWFHYjBRb2dFZwotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" -            } -        } -    ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json index bb5bbb134..a3947593c 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -42,26 +42,6 @@              "value": ""          },          { -            "description": "The name of the secret containing the certificate files", -            "name": "JWS_HTTPS_SECRET", -            "value": "jws-app-secret" -        }, -        { -            "description": "The name of the certificate file within the secret", -            "name": "JWS_HTTPS_CERTIFICATE", -            "value": "server.crt" -        }, -        { -            "description": "The name of the certificate key file within the secret", -            "name": "JWS_HTTPS_CERTIFICATE_KEY", -            "value": "server.key" -        }, -        { -            "description": "The certificate password", -            "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", -            "value": "" -        }, -        {              "description": "JWS Admin User",              "name": "JWS_ADMIN_USERNAME",              "from": "[a-zA-Z0-9]{8}", @@ -102,7 +82,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -112,30 +92,6 @@              }          },          { -            "kind": "Service", -            "apiVersion": "v1", -            "spec": { -                "ports": [ -                    { -                        "port": 8443, -                        "targetPort": 8443 -                    } -                ], -                "selector": { -                    "deploymentConfig": "${APPLICATION_NAME}" -                } -            }, -            "metadata": { -                "name": "${APPLICATION_NAME}-https-service", -                "labels": { -                    "application": "${APPLICATION_NAME}" -                }, -                "annotations": { -                    "description": "The web server's https port." -                } -            } -        }, -        {              "kind": "Route",              "apiVersion": "v1",              "id": "${APPLICATION_NAME}-http-route", @@ -151,30 +107,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" -                } -            } -        }, -        { -            "kind": "Route", -            "apiVersion": "v1", -            "id": "${APPLICATION_NAME}-https-route", -            "metadata": { -                "name": "${APPLICATION_NAME}-https-route", -                "labels": { -                    "application": "${APPLICATION_NAME}" -                }, -                "annotations": { -                    "description": "Route for application's https service." -                } -            }, -            "spec": { -                "host": "${APPLICATION_HOSTNAME}", -                "to": { -                    "name": "${APPLICATION_NAME}-https-service" -                }, -                "tls": { -                    "termination" : "passthrough" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -211,6 +144,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -281,7 +215,6 @@                          }                      },                      "spec": { -                        "serviceAccount": "jws-service-account",                          "containers": [                              {                                  "name": "${APPLICATION_NAME}", @@ -296,43 +229,15 @@                                          ]                                      }                                  }, -                                "volumeMounts": [ -                                    { -                                        "name": "jws-certificate-volume", -                                        "mountPath": "/etc/jws-secret-volume", -                                        "readOnly": true -                                    } -                                ],                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-tcp-8080",                                          "containerPort": 8080,                                          "protocol": "TCP" -                                    }, -                                    { -                                        "name": "${APPLICATION_NAME}-tcp-8443", -                                        "containerPort": 8443, -                                        "protocol": "TCP"                                      }                                  ],                                  "env": [                                      { -                                        "name": "JWS_HTTPS_CERTIFICATE_DIR", -                                        "value": "/etc/jws-secret-volume" -                                    }, -                                    { -                                        "name": "JWS_HTTPS_CERTIFICATE", -                                        "value": "${JWS_HTTPS_CERTIFICATE}" -                                    }, -                                    { -                                        "name": "JWS_HTTPS_CERTIFICATE_KEY", -                                        "value": "${JWS_HTTPS_CERTIFICATE_KEY}" -                                    }, -                                    { -                                        "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", -                                        "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" -                                    }, -                                    {                                          "name": "JWS_ADMIN_USERNAME",                                          "value": "${JWS_ADMIN_USERNAME}"                                      }, @@ -342,14 +247,6 @@                                      }                                  ]                              } -                        ], -                        "volumes": [ -                            { -                                "name": "jws-certificate-volume", -                                "secret": { -                                    "secretName": "${JWS_HTTPS_SECRET}" -                                } -                            }                          ]                      }                  } diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json new file mode 100644 index 000000000..1f9c17cf2 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json @@ -0,0 +1,360 @@ +{ +    "kind": "Template", +    "apiVersion": "v1", +    "metadata": { +        "annotations": { +            "iconClass" : "icon-tomcat", +            "description": "Application template for JWS applications built using STI." +        }, +        "name": "jws-tomcat7-basic-sti" +    }, +    "labels": { +        "template": "jws-tomcat7-basic-sti" +    }, +    "parameters": [ +        { +            "description": "JWS Release version, e.g. 3.0, 2.1, etc.", +            "name": "JWS_RELEASE", +            "value": "3.0" +        }, +        { +            "description": "The name for the application.", +            "name": "APPLICATION_NAME", +            "value": "jws-app" +        }, +        { +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", +            "name": "APPLICATION_HOSTNAME", +            "value": "" +        }, +        { +            "description": "Git source URI for application", +            "name": "GIT_URI" +        }, +        { +            "description": "Git branch/tag reference", +            "name": "GIT_REF", +            "value": "master" +        }, +        { +            "description": "Path within Git project to build; empty for root project directory.", +            "name": "GIT_CONTEXT_DIR", +            "value": "" +        }, +        { +            "description": "The name of the secret containing the certificate files", +            "name": "JWS_HTTPS_SECRET", +            "value": "jws-app-secret" +        }, +        { +            "description": "The name of the certificate file within the secret", +            "name": "JWS_HTTPS_CERTIFICATE", +            "value": "server.crt" +        }, +        { +            "description": "The name of the certificate key file within the secret", +            "name": "JWS_HTTPS_CERTIFICATE_KEY", +            "value": "server.key" +        }, +        { +            "description": "The certificate password", +            "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", +            "value": "" +        }, +        { +            "description": "JWS Admin User", +            "name": "JWS_ADMIN_USERNAME", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "JWS Admin Password", +            "name": "JWS_ADMIN_PASSWORD", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "Github trigger secret", +            "name": "GITHUB_TRIGGER_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "Generic build trigger secret", +            "name": "GENERIC_TRIGGER_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        } +    ], +    "objects": [ +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8080, +                        "targetPort": 8080 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The web server's http port." +                } +            } +        }, +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8443, +                        "targetPort": 8443 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "secure-${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The web server's https port." +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-http-route", +            "metadata": { +                "name": "${APPLICATION_NAME}-http-route", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's http service." +                } +            }, +            "spec": { +                "host": "${APPLICATION_HOSTNAME}", +                "to": { +                    "name": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-https-route", +            "metadata": { +                "name": "${APPLICATION_NAME}-https-route", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's https service." +                } +            }, +            "spec": { +                "host": "${APPLICATION_HOSTNAME}", +                "to": { +                    "name": "secure-${APPLICATION_NAME}" +                }, +                "tls": { +                    "termination" : "passthrough" +                } +            } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "BuildConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "source": { +                    "type": "Git", +                    "git": { +                        "uri": "${GIT_URI}", +                        "ref": "${GIT_REF}" +                    }, +                    "contextDir":"${GIT_CONTEXT_DIR}" +                }, +                "strategy": { +                    "type": "Source", +                    "sourceStrategy": { +                        "from": { +                            "kind": "ImageStreamTag", +                            "namespace": "openshift", +                            "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" +                        } +                    } +                }, +                "output": { +                    "to": { +                        "name": "${APPLICATION_NAME}" +                    } +                }, +                "triggers": [ +                    { +                        "type": "github", +                        "github": { +                            "secret": "${GITHUB_TRIGGER_SECRET}" +                        } +                    }, +                    { +                        "type": "generic", +                        "generic": { +                            "secret": "${GENERIC_TRIGGER_SECRET}" +                        } +                    }, +                    { +                        "type": "imageChange", +                        "imageChange": {} +                    } +                ] +            } +        }, +        { +            "kind": "DeploymentConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "strategy": { +                    "type": "Recreate" +                }, +                "triggers": [ +                    { +                        "type": "ImageChange", +                        "imageChangeParams": { +                            "automatic": true, +                            "containerNames": [ +                                "${APPLICATION_NAME}" +                            ], +                            "from": { +                                "kind": "ImageStream", +                                "name": "${APPLICATION_NAME}" +                            } +                        } +                    } +                ], +                "replicas": 1, +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                }, +                "template": { +                    "metadata": { +                        "name": "${APPLICATION_NAME}", +                        "labels": { +                            "deploymentConfig": "${APPLICATION_NAME}", +                            "application": "${APPLICATION_NAME}" +                        } +                    }, +                    "spec": { +                        "serviceAccount": "jws-service-account", +                        "containers": [ +                            { +                                "name": "${APPLICATION_NAME}", +                                "image": "${APPLICATION_NAME}", +                                "imagePullPolicy": "Always", +                                "readinessProbe": { +                                    "exec": { +                                        "command": [ +                                            "/bin/bash", +                                            "-c", +                                            "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" +                                        ] +                                    } +                                }, +                                "volumeMounts": [ +                                    { +                                        "name": "jws-certificate-volume", +                                        "mountPath": "/etc/jws-secret-volume", +                                        "readOnly": true +                                    } +                                ], +                                "ports": [ +                                    { +                                        "name": "${APPLICATION_NAME}-tcp-8080", +                                        "containerPort": 8080, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "${APPLICATION_NAME}-tcp-8443", +                                        "containerPort": 8443, +                                        "protocol": "TCP" +                                    } +                                ], +                                "env": [ +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE_DIR", +                                        "value": "/etc/jws-secret-volume" +                                    }, +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE", +                                        "value": "${JWS_HTTPS_CERTIFICATE}" +                                    }, +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE_KEY", +                                        "value": "${JWS_HTTPS_CERTIFICATE_KEY}" +                                    }, +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", +                                        "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" +                                    }, +                                    { +                                        "name": "JWS_ADMIN_USERNAME", +                                        "value": "${JWS_ADMIN_USERNAME}" +                                    }, +                                    { +                                        "name": "JWS_ADMIN_PASSWORD", +                                        "value": "${JWS_ADMIN_PASSWORD}" +                                    } +                                ] +                            } +                        ], +                        "volumes": [ +                            { +                                "name": "jws-certificate-volume", +                                "secret": { +                                    "secretName": "${JWS_HTTPS_SECRET}" +                                } +                            } +                        ] +                    } +                } +            } +        } +    ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json index 86d4d3d25..55746fc11 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -77,6 +77,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Disable data file preallocation.",              "name": "MONGODB_NOPREALLOC"          }, @@ -147,7 +159,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -171,7 +183,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -220,7 +232,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -240,7 +252,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -280,6 +292,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -410,6 +423,18 @@                                          "value": "${DB_ADMIN_PASSWORD}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -471,7 +496,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mongodb-24:latest" +                                "namespace": "openshift", +                                "name": "mongodb:latest"                              }                          }                      } @@ -492,7 +518,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mongodb", -                                "image": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest", +                                "image": "mongodb",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json index 696587cf3..f540c885c 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -72,6 +72,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Disable data file preallocation.",              "name": "MONGODB_NOPREALLOC"          }, @@ -142,7 +154,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -166,7 +178,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -215,7 +227,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -235,7 +247,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -275,6 +287,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -405,6 +418,18 @@                                          "value": "${DB_ADMIN_PASSWORD}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -466,7 +491,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mongodb-24:latest" +                                "namespace": "openshift", +                                "name": "mongodb:latest"                              }                          }                      } @@ -487,7 +513,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mongodb", -                                "image": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest", +                                "image": "mongodb",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json index 3ff5a712e..984b075a2 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -77,6 +77,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Sets how the table names are stored and compared.",              "name": "MYSQL_LOWER_CASE_TABLE_NAMES"          }, @@ -149,7 +161,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -173,7 +185,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -222,7 +234,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -242,7 +254,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -282,6 +294,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -408,6 +421,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -469,7 +494,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mysql-55:latest" +                                "namespace": "openshift", +                                "name": "mysql:latest"                              }                          }                      } @@ -490,7 +516,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mysql", -                                "image": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest", +                                "image": "mysql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-mysql-tcp-3306", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json index 872e13f95..af9c7c17c 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -72,6 +72,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Sets how the table names are stored and compared.",              "name": "MYSQL_LOWER_CASE_TABLE_NAMES"          }, @@ -144,7 +156,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -168,7 +180,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -217,7 +229,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -237,7 +249,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -277,6 +289,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -403,6 +416,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -464,7 +489,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mysql-55:latest" +                                "namespace": "openshift", +                                "name": "mysql:latest"                              }                          }                      } @@ -485,7 +511,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mysql", -                                "image": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest", +                                "image": "mysql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-mysql-tcp-3306", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json index b22cce6fd..ec59a6a5b 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -77,6 +77,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",              "name": "POSTGRESQL_MAX_CONNECTIONS"          }, @@ -137,7 +149,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -161,7 +173,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -210,7 +222,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -230,7 +242,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -270,6 +282,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -396,6 +409,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -457,7 +482,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-postgresql-92:latest" +                                "namespace": "openshift", +                                "name": "postgresql:latest"                              }                          }                      } @@ -478,7 +504,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-postgresql", -                                "image": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest", +                                "image": "postgresql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-postgresql-tcp-5432", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json index 43be3c3fe..6040f7208 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -72,6 +72,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",              "name": "POSTGRESQL_MAX_CONNECTIONS"          }, @@ -132,7 +144,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -156,7 +168,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -205,7 +217,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -225,7 +237,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -265,6 +277,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}"                          }                      } @@ -391,6 +404,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -452,7 +477,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-postgresql-92:latest" +                                "namespace": "openshift", +                                "name": "postgresql:latest"                              }                          }                      } @@ -473,7 +499,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-postgresql", -                                "image": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest", +                                "image": "postgresql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-postgresql-tcp-5432", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json index 1d45b4214..25b6497b2 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -42,26 +42,6 @@              "value": ""          },          { -            "description": "The name of the secret containing the certificate files", -            "name": "JWS_HTTPS_SECRET", -            "value": "jws-app-secret" -        }, -        { -            "description": "The name of the certificate file within the secret", -            "name": "JWS_HTTPS_CERTIFICATE", -            "value": "server.crt" -        }, -        { -            "description": "The name of the certificate key file within the secret", -            "name": "JWS_HTTPS_CERTIFICATE_KEY", -            "value": "server.key" -        }, -        { -            "description": "The certificate password", -            "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", -            "value": "" -        }, -        {              "description": "JWS Admin User",              "name": "JWS_ADMIN_USERNAME",              "from": "[a-zA-Z0-9]{8}", @@ -102,7 +82,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -112,30 +92,6 @@              }          },          { -            "kind": "Service", -            "apiVersion": "v1", -            "spec": { -                "ports": [ -                    { -                        "port": 8443, -                        "targetPort": 8443 -                    } -                ], -                "selector": { -                    "deploymentConfig": "${APPLICATION_NAME}" -                } -            }, -            "metadata": { -                "name": "${APPLICATION_NAME}-https-service", -                "labels": { -                    "application": "${APPLICATION_NAME}" -                }, -                "annotations": { -                    "description": "The web server's https port." -                } -            } -        }, -        {              "kind": "Route",              "apiVersion": "v1",              "id": "${APPLICATION_NAME}-http-route", @@ -151,30 +107,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" -                } -            } -        }, -        { -            "kind": "Route", -            "apiVersion": "v1", -            "id": "${APPLICATION_NAME}-https-route", -            "metadata": { -                "name": "${APPLICATION_NAME}-https-route", -                "labels": { -                    "application": "${APPLICATION_NAME}" -                }, -                "annotations": { -                    "description": "Route for application's https service." -                } -            }, -            "spec": { -                "host": "${APPLICATION_HOSTNAME}", -                "to": { -                    "name": "${APPLICATION_NAME}-https-service" -                }, -                "tls": { -                    "termination" : "passthrough" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -211,6 +144,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -281,7 +215,6 @@                          }                      },                      "spec": { -                        "serviceAccount": "jws-service-account",                          "containers": [                              {                                  "name": "${APPLICATION_NAME}", @@ -296,43 +229,15 @@                                          ]                                      }                                  }, -                                "volumeMounts": [ -                                    { -                                        "name": "jws-certificate-volume", -                                        "mountPath": "/etc/jws-secret-volume", -                                        "readOnly": true -                                    } -                                ],                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-tcp-8080",                                          "containerPort": 8080,                                          "protocol": "TCP" -                                    }, -                                    { -                                        "name": "${APPLICATION_NAME}-tcp-8443", -                                        "containerPort": 8443, -                                        "protocol": "TCP"                                      }                                  ],                                  "env": [                                      { -                                        "name": "JWS_HTTPS_CERTIFICATE_DIR", -                                        "value": "/etc/jws-secret-volume" -                                    }, -                                    { -                                        "name": "JWS_HTTPS_CERTIFICATE", -                                        "value": "${JWS_HTTPS_CERTIFICATE}" -                                    }, -                                    { -                                        "name": "JWS_HTTPS_CERTIFICATE_KEY", -                                        "value": "${JWS_HTTPS_CERTIFICATE_KEY}" -                                    }, -                                    { -                                        "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", -                                        "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" -                                    }, -                                    {                                          "name": "JWS_ADMIN_USERNAME",                                          "value": "${JWS_ADMIN_USERNAME}"                                      }, @@ -342,14 +247,6 @@                                      }                                  ]                              } -                        ], -                        "volumes": [ -                            { -                                "name": "jws-certificate-volume", -                                "secret": { -                                    "secretName": "${JWS_HTTPS_SECRET}" -                                } -                            }                          ]                      }                  } diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json new file mode 100644 index 000000000..af4c94ae0 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json @@ -0,0 +1,360 @@ +{ +    "kind": "Template", +    "apiVersion": "v1", +    "metadata": { +        "annotations": { +            "iconClass" : "icon-tomcat", +            "description": "Application template for JWS applications built using STI." +        }, +        "name": "jws-tomcat8-basic-sti" +    }, +    "labels": { +        "template": "jws-tomcat8-basic-sti" +    }, +    "parameters": [ +        { +            "description": "JWS Release version, e.g. 3.0, 2.1, etc.", +            "name": "JWS_RELEASE", +            "value": "3.0" +        }, +        { +            "description": "The name for the application.", +            "name": "APPLICATION_NAME", +            "value": "jws-app" +        }, +        { +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>", +            "name": "APPLICATION_HOSTNAME", +            "value": "" +        }, +        { +            "description": "Git source URI for application", +            "name": "GIT_URI" +        }, +        { +            "description": "Git branch/tag reference", +            "name": "GIT_REF", +            "value": "master" +        }, +        { +            "description": "Path within Git project to build; empty for root project directory.", +            "name": "GIT_CONTEXT_DIR", +            "value": "" +        }, +        { +            "description": "The name of the secret containing the certificate files", +            "name": "JWS_HTTPS_SECRET", +            "value": "jws-app-secret" +        }, +        { +            "description": "The name of the certificate file within the secret", +            "name": "JWS_HTTPS_CERTIFICATE", +            "value": "server.crt" +        }, +        { +            "description": "The name of the certificate key file within the secret", +            "name": "JWS_HTTPS_CERTIFICATE_KEY", +            "value": "server.key" +        }, +        { +            "description": "The certificate password", +            "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", +            "value": "" +        }, +        { +            "description": "JWS Admin User", +            "name": "JWS_ADMIN_USERNAME", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "JWS Admin Password", +            "name": "JWS_ADMIN_PASSWORD", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "Github trigger secret", +            "name": "GITHUB_TRIGGER_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        }, +        { +            "description": "Generic build trigger secret", +            "name": "GENERIC_TRIGGER_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression" +        } +    ], +    "objects": [ +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8080, +                        "targetPort": 8080 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The web server's http port." +                } +            } +        }, +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8443, +                        "targetPort": 8443 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "secure-${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The web server's https port." +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-http-route", +            "metadata": { +                "name": "${APPLICATION_NAME}-http-route", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's http service." +                } +            }, +            "spec": { +                "host": "${APPLICATION_HOSTNAME}", +                "to": { +                    "name": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-https-route", +            "metadata": { +                "name": "${APPLICATION_NAME}-https-route", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's https service." +                } +            }, +            "spec": { +                "host": "${APPLICATION_HOSTNAME}", +                "to": { +                    "name": "secure-${APPLICATION_NAME}" +                }, +                "tls": { +                    "termination" : "passthrough" +                } +            } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "BuildConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "source": { +                    "type": "Git", +                    "git": { +                        "uri": "${GIT_URI}", +                        "ref": "${GIT_REF}" +                    }, +                    "contextDir":"${GIT_CONTEXT_DIR}" +                }, +                "strategy": { +                    "type": "Source", +                    "sourceStrategy": { +                        "from": { +                            "kind": "ImageStreamTag", +                            "namespace": "openshift", +                            "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" +                        } +                    } +                }, +                "output": { +                    "to": { +                        "name": "${APPLICATION_NAME}" +                    } +                }, +                "triggers": [ +                    { +                        "type": "github", +                        "github": { +                            "secret": "${GITHUB_TRIGGER_SECRET}" +                        } +                    }, +                    { +                        "type": "generic", +                        "generic": { +                            "secret": "${GENERIC_TRIGGER_SECRET}" +                        } +                    }, +                    { +                        "type": "imageChange", +                        "imageChange": {} +                    } +                ] +            } +        }, +        { +            "kind": "DeploymentConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "strategy": { +                    "type": "Recreate" +                }, +                "triggers": [ +                    { +                        "type": "ImageChange", +                        "imageChangeParams": { +                            "automatic": true, +                            "containerNames": [ +                                "${APPLICATION_NAME}" +                            ], +                            "from": { +                                "kind": "ImageStream", +                                "name": "${APPLICATION_NAME}" +                            } +                        } +                    } +                ], +                "replicas": 1, +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                }, +                "template": { +                    "metadata": { +                        "name": "${APPLICATION_NAME}", +                        "labels": { +                            "deploymentConfig": "${APPLICATION_NAME}", +                            "application": "${APPLICATION_NAME}" +                        } +                    }, +                    "spec": { +                        "serviceAccount": "jws-service-account", +                        "containers": [ +                            { +                                "name": "${APPLICATION_NAME}", +                                "image": "${APPLICATION_NAME}", +                                "imagePullPolicy": "Always", +                                "readinessProbe": { +                                    "exec": { +                                        "command": [ +                                            "/bin/bash", +                                            "-c", +                                            "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" +                                        ] +                                    } +                                }, +                                "volumeMounts": [ +                                    { +                                        "name": "jws-certificate-volume", +                                        "mountPath": "/etc/jws-secret-volume", +                                        "readOnly": true +                                    } +                                ], +                                "ports": [ +                                    { +                                        "name": "${APPLICATION_NAME}-tcp-8080", +                                        "containerPort": 8080, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "${APPLICATION_NAME}-tcp-8443", +                                        "containerPort": 8443, +                                        "protocol": "TCP" +                                    } +                                ], +                                "env": [ +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE_DIR", +                                        "value": "/etc/jws-secret-volume" +                                    }, +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE", +                                        "value": "${JWS_HTTPS_CERTIFICATE}" +                                    }, +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE_KEY", +                                        "value": "${JWS_HTTPS_CERTIFICATE_KEY}" +                                    }, +                                    { +                                        "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", +                                        "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" +                                    }, +                                    { +                                        "name": "JWS_ADMIN_USERNAME", +                                        "value": "${JWS_ADMIN_USERNAME}" +                                    }, +                                    { +                                        "name": "JWS_ADMIN_PASSWORD", +                                        "value": "${JWS_ADMIN_PASSWORD}" +                                    } +                                ] +                            } +                        ], +                        "volumes": [ +                            { +                                "name": "jws-certificate-volume", +                                "secret": { +                                    "secretName": "${JWS_HTTPS_SECRET}" +                                } +                            } +                        ] +                    } +                } +            } +        } +    ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json index 693cfaa0f..b5975b646 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -77,6 +77,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Disable data file preallocation.",              "name": "MONGODB_NOPREALLOC"          }, @@ -147,7 +159,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -171,7 +183,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -220,7 +232,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -240,7 +252,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -280,6 +292,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -410,6 +423,18 @@                                          "value": "${DB_ADMIN_PASSWORD}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -471,7 +496,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mongodb-24:latest" +                                "namespace": "openshift", +                                "name": "mongodb:latest"                              }                          }                      } @@ -492,7 +518,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mongodb", -                                "image": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest", +                                "image": "mongodb",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json index 8d27e8d94..8145ee34e 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -72,6 +72,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Disable data file preallocation.",              "name": "MONGODB_NOPREALLOC"          }, @@ -142,7 +154,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -166,7 +178,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -215,7 +227,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -235,7 +247,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -275,6 +287,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -405,6 +418,18 @@                                          "value": "${DB_ADMIN_PASSWORD}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -466,7 +491,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mongodb-24:latest" +                                "namespace": "openshift", +                                "name": "mongodb:latest"                              }                          }                      } @@ -487,7 +513,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mongodb", -                                "image": "registry.access.redhat.com/openshift3_beta/mongodb-24-rhel7:latest", +                                "image": "mongodb",                                  "imagePullPolicy": "Always",                                  "ports": [                                      { diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json index 1abf4e8cd..b0808949c 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -77,6 +77,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Sets how the table names are stored and compared.",              "name": "MYSQL_LOWER_CASE_TABLE_NAMES"          }, @@ -149,7 +161,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -173,7 +185,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -222,7 +234,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -242,7 +254,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -282,6 +294,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -408,6 +421,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -469,7 +494,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mysql-55:latest" +                                "namespace": "openshift", +                                "name": "mysql:latest"                              }                          }                      } @@ -490,7 +516,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mysql", -                                "image": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest", +                                "image": "mysql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-mysql-tcp-3306", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json index 1944d3557..46ad18b91 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -72,6 +72,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "Sets how the table names are stored and compared.",              "name": "MYSQL_LOWER_CASE_TABLE_NAMES"          }, @@ -144,7 +156,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -168,7 +180,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -217,7 +229,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -237,7 +249,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -277,6 +289,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -403,6 +416,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -464,7 +489,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-mysql-55:latest" +                                "namespace": "openshift", +                                "name": "mysql:latest"                              }                          }                      } @@ -485,7 +511,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-mysql", -                                "image": "registry.access.redhat.com/openshift3_beta/mysql-55-rhel7:latest", +                                "image": "mysql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-mysql-tcp-3306", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json index 619895655..19cd2be30 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -77,6 +77,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",              "name": "POSTGRESQL_MAX_CONNECTIONS"          }, @@ -137,7 +149,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -161,7 +173,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -210,7 +222,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -230,7 +242,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -270,6 +282,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -396,6 +409,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -457,7 +482,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-postgresql-92:latest" +                                "namespace": "openshift", +                                "name": "postgresql:latest"                              }                          }                      } @@ -478,7 +504,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-postgresql", -                                "image": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest", +                                "image": "postgresql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-postgresql-tcp-5432", diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json index 0e269d53f..185808baf 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json @@ -23,9 +23,9 @@              "value": "jws-app"          },          { -            "description": "Hostname for service routes", +            "description": "Custom hostname for service routes.  Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",              "name": "APPLICATION_HOSTNAME", -            "value": "jws-app.local" +            "value": ""          },          {              "description": "Git source URI for application", @@ -72,6 +72,18 @@              "value": ""          },          { +            "description": "Sets xa-pool/min-pool-size for the configured datasource.", +            "name": "DB_MIN_POOL_SIZE" +        }, +        { +            "description": "Sets xa-pool/max-pool-size for the configured datasource.", +            "name": "DB_MAX_POOL_SIZE" +        }, +        { +            "description": "Sets transaction-isolation for the configured datasource.", +            "name": "DB_TX_ISOLATION" +        }, +        {              "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",              "name": "POSTGRESQL_MAX_CONNECTIONS"          }, @@ -132,7 +144,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-http-service", +                "name": "${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -156,7 +168,7 @@                  }              },              "metadata": { -                "name": "${APPLICATION_NAME}-https-service", +                "name": "secure-${APPLICATION_NAME}",                  "labels": {                      "application": "${APPLICATION_NAME}"                  }, @@ -205,7 +217,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-http-service" +                    "name": "${APPLICATION_NAME}"                  }              }          }, @@ -225,7 +237,7 @@              "spec": {                  "host": "${APPLICATION_HOSTNAME}",                  "to": { -                    "name": "${APPLICATION_NAME}-https-service" +                    "name": "secure-${APPLICATION_NAME}"                  },                  "tls": {                      "termination" : "passthrough" @@ -265,6 +277,7 @@                      "sourceStrategy": {                          "from": {                              "kind": "ImageStreamTag", +                            "namespace": "openshift",                              "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}"                          }                      } @@ -391,6 +404,18 @@                                          "value": "${DB_DATABASE}"                                      },                                      { +                                        "name": "DB_MIN_POOL_SIZE", +                                        "value": "${DB_MIN_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_MAX_POOL_SIZE", +                                        "value": "${DB_MAX_POOL_SIZE}" +                                    }, +                                    { +                                        "name": "DB_TX_ISOLATION", +                                        "value": "${DB_TX_ISOLATION}" +                                    }, +                                    {                                          "name": "JWS_HTTPS_CERTIFICATE_DIR",                                          "value": "/etc/jws-secret-volume"                                      }, @@ -452,7 +477,8 @@                              ],                              "from": {                                  "kind": "ImageStreamTag", -                                "name": "jboss-postgresql-92:latest" +                                "namespace": "openshift", +                                "name": "postgresql:latest"                              }                          }                      } @@ -473,7 +499,7 @@                          "containers": [                              {                                  "name": "${APPLICATION_NAME}-postgresql", -                                "image": "registry.access.redhat.com/openshift3_beta/postgresql-92-rhel7:latest", +                                "image": "postgresql",                                  "ports": [                                      {                                          "name": "${APPLICATION_NAME}-postgresql-tcp-5432", diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 1b789ca89..727861b07 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -366,13 +366,23 @@ def set_url_facts_if_unset(facts):          console_port = facts['master']['console_port']          console_path = facts['master']['console_path']          etcd_use_ssl = facts['master']['etcd_use_ssl'] +        etcd_hosts = facts['master']['etcd_hosts']          etcd_port = facts['master']['etcd_port'],          hostname = facts['common']['hostname']          public_hostname = facts['common']['public_hostname']          if 'etcd_urls' not in facts['master']: -            facts['master']['etcd_urls'] = [format_url(etcd_use_ssl, hostname, -                                                       etcd_port)] +            etcd_urls = [] +            if etcd_hosts != '': +                facts['master']['etcd_port'] = etcd_port +                facts['master']['embedded_etcd'] = False +                for host in etcd_hosts: +                    etcd_urls.append(format_url(etcd_use_ssl, host, +                                                etcd_port)) +            else: +                etcd_urls = [format_url(etcd_use_ssl, hostname, +                                        etcd_port)] +            facts['master']['etcd_urls'] = etcd_urls          if 'api_url' not in facts['master']:              facts['master']['api_url'] = format_url(api_use_ssl, hostname,                                                      api_port) @@ -487,7 +497,7 @@ def get_current_config(facts):                  current_config['kubeconfig'] = config              # override pylint broad-except warning, since we do not want -            # to bubble up any exceptions if openshift ex config view +            # to bubble up any exceptions if oc config view              # fails              # pylint: disable=broad-except              except Exception: @@ -683,7 +693,7 @@ class OpenShiftFacts(object):          hostname_f = output.strip() if exit_code == 0 else ''          hostname_values = [hostname_f, self.system_facts['nodename'],                             self.system_facts['fqdn']] -        hostname = choose_hostname(hostname_values) +        hostname = choose_hostname(hostname_values, ip_addr)          common = dict(use_openshift_sdn=True, ip=ip_addr, public_ip=ip_addr,                        deployment_type='origin', hostname=hostname, @@ -695,7 +705,7 @@ class OpenShiftFacts(object):          if 'master' in roles:              master = dict(api_use_ssl=True, api_port='8443',                            console_use_ssl=True, console_path='/console', -                          console_port='8443', etcd_use_ssl=True, +                          console_port='8443', etcd_use_ssl=True, etcd_hosts='',                            etcd_port='4001', portal_net='172.30.0.0/16',                            embedded_etcd=True, embedded_kube=True,                            embedded_dns=True, dns_port='53', @@ -707,11 +717,7 @@ class OpenShiftFacts(object):              defaults['master'] = master          if 'node' in roles: -            node = dict(pod_cidr='', labels={}, annotations={}, portal_net='172.30.0.0/16') -            node['resources_cpu'] = self.system_facts['processor_cores'] -            node['resources_memory'] = int( -                int(self.system_facts['memtotal_mb']) * 1024 * 1024 * 0.75 -            ) +            node = dict(labels={}, annotations={}, portal_net='172.30.0.0/16')              defaults['node'] = node          return defaults diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml new file mode 100644 index 000000000..d17f3f532 --- /dev/null +++ b/roles/openshift_manage_node/tasks/main.yml @@ -0,0 +1,18 @@ +- name: Wait for Node Registration +  command: > +      {{ openshift.common.client_binary }} get node {{ item }} +  register: omd_get_node +  until: omd_get_node.rc == 0 +  retries: 10 +  delay: 5 +  with_items: openshift_nodes + +- name: Handle unscheduleable node +  command: > +    {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=false +  with_items: openshift_unscheduleable_nodes + +- name: Handle scheduleable node +  command: > +    {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=true +  with_items: openshift_scheduleable_nodes diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index da0a663ec..02905f32d 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -12,11 +12,6 @@    yum: pkg=openshift-master state=present    register: install_result -# TODO: Is this necessary or was this a workaround for an old bug in packaging? -- name: Reload systemd units -  command: systemctl daemon-reload -  when: install_result | changed -  - name: Set master OpenShift facts    openshift_facts:      role: master @@ -31,6 +26,7 @@        console_url: "{{ openshift_master_console_url | default(None) }}"        console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"        public_console_url: "{{ openshift_master_public_console_url | default(None) }}" +      etcd_hosts: "{{ openshift_master_etcd_hosts | default(None)}}"        etcd_port: "{{ openshift_master_etcd_port | default(None) }}"        etcd_use_ssl: "{{ openshift_master_etcd_use_ssl | default(None) }}"        etcd_urls: "{{ openshift_master_etcd_urls | default(None) }}" @@ -65,16 +61,6 @@      path: "{{ openshift_master_config_dir }}"      state: directory -- name: Create the master certificates if they do not already exist -  command: > -    {{ openshift.common.admin_binary }} create-master-certs -      --hostnames={{ openshift.common.hostname }},{{ openshift.common.public_hostname }} -      --master={{ openshift.master.api_url }} -      --public-master={{ openshift.master.public_api_url }} -      --cert-dir={{ openshift_master_config_dir }} --overwrite=false -  args: -    creates: "{{ openshift_master_config_dir }}/master.server.key" -  - name: Create the policy file if it does not already exist    command: >      {{ openshift.common.admin_binary }} create-bootstrap-policy-file @@ -128,6 +114,11 @@  - name: Start and enable openshift-master    service: name=openshift-master enabled=yes state=started +  register: start_result + +- name: pause to prevent service restart from interfering with bootstrapping +  pause: seconds=30 +  when: start_result | changed  - name: Create the OpenShift client config dir(s)    file: diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 9df07e925..bc766ec9b 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -18,19 +18,19 @@ corsAllowedOrigins:  {% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] %}    - {{ origin }}  {% endfor %} -{% if openshift.master.embedded_dns %} +{% if openshift.master.embedded_dns | bool %}  dnsConfig:    bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }}  {% endif %}  etcdClientInfo: -  ca: ca.crt +  ca: {{ "ca.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }}    certFile: master.etcd-client.crt    keyFile: master.etcd-client.key    urls:  {% for etcd_url in openshift.master.etcd_urls %}      - {{ etcd_url }}  {% endfor %} -{% if openshift.master.embedded_etcd %} +{% if openshift.master.embedded_etcd | bool %}  etcdConfig:    address: {{ openshift.common.hostname }}:{{ openshift.master.etcd_port }}    peerAddress: {{ openshift.common.hostname }}:7001 @@ -61,7 +61,7 @@ kubeletClientInfo:    certFile: master.kubelet-client.crt    keyFile: master.kubelet-client.key    port: 10250 -{% if openshift.master.embedded_kube %} +{% if openshift.master.embedded_kube | bool %}  kubernetesMasterConfig:    apiLevels:    - v1beta3 @@ -100,6 +100,8 @@ projectConfig:      mcsAllocatorRange: s0:/2      mcsLabelsPerProject: 5      uidAllocatorRange: 1000000000-1999999999/10000 +routingConfig: +  subdomain: router.default.local  serviceAccountConfig:    managedNames:    - default @@ -113,5 +115,5 @@ servingInfo:    certFile: master.server.crt    clientCA: ca.crt    keyFile: master.server.key -  maxRequestsInFlight: 0 -  requestTimeoutSeconds: 0 +  maxRequestsInFlight: 500 +  requestTimeoutSeconds: 3600 diff --git a/roles/openshift_master_ca/README.md b/roles/openshift_master_ca/README.md new file mode 100644 index 000000000..5b2d3601b --- /dev/null +++ b/roles/openshift_master_ca/README.md @@ -0,0 +1,34 @@ +OpenShift Master CA +======================== + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License Version 2.0 + +Author Information +------------------ + +Jason DeTiberus (jdetiber@redhat.com) diff --git a/roles/openshift_register_nodes/meta/main.yml b/roles/openshift_master_ca/meta/main.yml index e40a152c1..f3236e850 100644 --- a/roles/openshift_register_nodes/meta/main.yml +++ b/roles/openshift_master_ca/meta/main.yml @@ -14,4 +14,3 @@ galaxy_info:    - system  dependencies:  - { role: openshift_facts } - diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml new file mode 100644 index 000000000..8163ecd7f --- /dev/null +++ b/roles/openshift_master_ca/tasks/main.yml @@ -0,0 +1,22 @@ +--- +- name: Install the OpenShift package for admin tooling +  yum: pkg=openshift state=present +  register: install_result + +- name: Reload generated facts +  openshift_facts: + +- name: Create openshift_master_config_dir if it doesn't exist +  file: +    path: "{{ openshift_master_config_dir }}" +    state: directory + +- name: Create the master certificates if they do not already exist +  command: > +    {{ openshift.common.admin_binary }} create-master-certs +      --hostnames={{ openshift.common.hostname }},{{ openshift.common.public_hostname }} +      --master={{ openshift.master.api_url }} +      --public-master={{ openshift.master.public_api_url }} +      --cert-dir={{ openshift_master_config_dir }} --overwrite=false +  args: +    creates: "{{ openshift_master_config_dir }}/master.server.key" diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml new file mode 100644 index 000000000..2925680bb --- /dev/null +++ b/roles/openshift_master_ca/vars/main.yml @@ -0,0 +1,5 @@ +--- +openshift_master_config_dir: /etc/openshift/master +openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" +openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" +openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" diff --git a/roles/openshift_master_certificates/README.md b/roles/openshift_master_certificates/README.md new file mode 100644 index 000000000..ba3d5f28c --- /dev/null +++ b/roles/openshift_master_certificates/README.md @@ -0,0 +1,34 @@ +OpenShift Master Certificates +======================== + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License Version 2.0 + +Author Information +------------------ + +Jason DeTiberus (jdetiber@redhat.com) diff --git a/roles/openshift_master_certificates/meta/main.yml b/roles/openshift_master_certificates/meta/main.yml new file mode 100644 index 000000000..fd7b73b0f --- /dev/null +++ b/roles/openshift_master_certificates/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: +  author: Jason DeTiberus +  description: +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.8 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +  - system +dependencies: +- { role: openshift_master_ca } diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml new file mode 100644 index 000000000..b5a3f8e40 --- /dev/null +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: Ensure the generated_configs directory present +  file: +    path: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}" +    state: directory +    mode: 0700 +  with_items: masters_needing_certs + +- file: +    src: "{{ openshift_master_ca_cert }}" +    dest: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/ca.crt" +  with_items: masters_needing_certs + +- name: Create the master certificates if they do not already exist +  command: > +    {{ openshift.common.admin_binary }} create-master-certs +      --hostnames={{ item.openshift.common.hostname }},{{ item.openshift.common.public_hostname }} +      --master={{ item.openshift.master.api_url }} +      --public-master={{ item.openshift.master.public_api_url }} +      --cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }} +      --overwrite=false +  args: +    creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt" +  with_items: masters_needing_certs diff --git a/roles/openshift_register_nodes/vars/main.yml b/roles/openshift_master_certificates/vars/main.yml index 3801b8427..6e577b13b 100644 --- a/roles/openshift_register_nodes/vars/main.yml +++ b/roles/openshift_master_certificates/vars/main.yml @@ -1,8 +1,6 @@  --- -openshift_node_config_dir: /etc/openshift/node -openshift_master_config_dir: /etc/openshift/master  openshift_generated_configs_dir: /etc/openshift/generated-configs +openshift_master_config_dir: /etc/openshift/master  openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt"  openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key"  openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" -openshift_kube_api_version: v1beta3 diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 13f30a6f8..e18846db8 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -1,5 +1,11 @@  ---  # TODO: allow for overriding default ports where possible +- fail: +    msg: This role requres that osn_cluster_dns_domain is set +  when: osn_cluster_dns_domain is not defined or not osn_cluster_dns_domain +- fail: +    msg: This role requres that osn_cluster_dns_ip is set +  when: osn_cluster_dns_ip is not defined or not osn_cluster_dns_ip  - name: Install OpenShift Node package    yum: pkg=openshift-node state=present @@ -10,11 +16,6 @@    register: sdn_install_result    when: openshift.common.use_openshift_sdn -- name: Reload systemd units -  command: systemctl daemon-reload -  when: (node_install_result | changed or (openshift.common.use_openshift_sdn -          and sdn_install_result | changed)) -  - name: Set node OpenShift facts    openshift_facts:      role: "{{ item.role }}" @@ -27,9 +28,6 @@        deployment_type: "{{ openshift_deployment_type }}"    - role: node      local_facts: -      resources_cpu: "{{ openshift_node_resources_cpu | default(none) }}" -      resources_memory: "{{ openshift_node_resources_memory | default(none) }}" -      pod_cidr: "{{ openshift_node_pod_cidr | default(none) }}"        labels: "{{ openshift_node_labels | default(none) }}"        annotations: "{{ openshift_node_annotations | default(none) }}"        registry_url: "{{ oreg_url | default(none) }}" @@ -73,24 +71,3 @@  - name: Start and enable openshift-node    service: name=openshift-node enabled=yes state=started - -- name: Check scheduleable state -  delegate_to: "{{ openshift_first_master }}" -  command: > -    {{ openshift.common.client_binary }} get node {{ openshift.common.hostname }} -  register: ond_get_node -  until: ond_get_node.rc == 0 -  retries: 10 -  delay: 5 - -- name: Handle unscheduleable node -  delegate_to: "{{ openshift_first_master }}" -  command: > -    {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname }} --schedulable=false -  when: openshift_scheduleable is defined and openshift_scheduleable == False and "SchedulingDisabled" not in ond_get_node.stdout - -- name: Handle scheduleable node -  delegate_to: "{{ openshift_first_master }}" -  command: > -    {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname }} --schedulable=true -  when: (openshift_scheduleable is not defined or openshift_scheduleable == True) and "SchedulingDisabled" in ond_get_node.stdout diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index f313f6a4b..7778a2a61 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -1,7 +1,7 @@  allowDisabledDocker: false  apiVersion: v1 -dnsDomain: {{ hostvars[openshift_first_master].openshift.dns.domain }} -dnsIP: {{ hostvars[openshift_first_master].openshift.dns.ip }} +dnsDomain: {{ osn_cluster_dns_domain }} +dnsIP: {{ osn_cluster_dns_ip }}  dockerConfig:    execHandlerName: ""  imageConfig: diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml index 1b68bc673..64a799dfb 100644 --- a/roles/openshift_node_certificates/tasks/main.yml +++ b/roles/openshift_node_certificates/tasks/main.yml @@ -3,6 +3,7 @@    file:      path: "{{ openshift_generated_configs_dir }}"      state: directory +  when: nodes_needing_certs | length > 0  - name: Generate the node client config    command: > @@ -21,7 +22,6 @@    with_items: nodes_needing_certs  - name: Generate the node server certificate -  delegate_to: "{{ openshift_first_master }}"    command: >      {{ openshift.common.admin_binary }} create-server-cert        --cert=server.crt --key=server.key --overwrite=true diff --git a/roles/openshift_node_certificates/vars/main.yml b/roles/openshift_node_certificates/vars/main.yml index 3801b8427..a018bb0f9 100644 --- a/roles/openshift_node_certificates/vars/main.yml +++ b/roles/openshift_node_certificates/vars/main.yml @@ -5,4 +5,3 @@ openshift_generated_configs_dir: /etc/openshift/generated-configs  openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt"  openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key"  openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" -openshift_kube_api_version: v1beta3 diff --git a/roles/openshift_register_nodes/README.md b/roles/openshift_register_nodes/README.md deleted file mode 100644 index b1d2000f1..000000000 --- a/roles/openshift_register_nodes/README.md +++ /dev/null @@ -1,15 +0,0 @@ -OpenShift Register Nodes -======================== - -DEPRECATED!!! -Nodes should now auto register themselves. Use openshift_node_certificates role instead. - -License -------- - -Apache License Version 2.0 - -Author Information ------------------- - -Jason DeTiberus (jdetiber@redhat.com) diff --git a/roles/openshift_register_nodes/library/kubernetes_register_node.py b/roles/openshift_register_nodes/library/kubernetes_register_node.py deleted file mode 100755 index a8c38627b..000000000 --- a/roles/openshift_register_nodes/library/kubernetes_register_node.py +++ /dev/null @@ -1,513 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# disable pylint checks -# permanently disabled unless someone wants to refactor the object model: -#   too-few-public-methods -#   no-self-use -#   too-many-arguments -#   too-many-locals -#   too-many-branches -# pylint:disable=too-many-arguments, no-self-use -# pylint:disable=too-many-locals, too-many-branches, too-few-public-methods -"""Ansible module to register a kubernetes node to the cluster""" - -import os - -DOCUMENTATION = ''' ---- -module: kubernetes_register_node -short_description: Registers a kubernetes node with a master -description: -    - Registers a kubernetes node with a master -options: -    name: -        default: null -        description: -            - Identifier for this node (usually the node fqdn). -        required: true -    api_verison: -        choices: ['v1beta1', 'v1beta3'] -        default: 'v1beta1' -        description: -            - Kubernetes API version to use -        required: true -    host_ip: -        default: null -        description: -            - IP Address to associate with the node when registering. -              Available in the following API versions: v1beta1. -        required: false -    cpu: -        default: null -        description: -            - Number of CPUs to allocate for this node. When using the v1beta1 -              API, you must specify the CPU count as a floating point number -              with no more than 3 decimal places. API version v1beta3 and newer -              accepts arbitrary float values. -        required: false -    memory: -        default: null -        description: -            - Memory available for this node. When using the v1beta1 API, you -              must specify the memory size in bytes. API version v1beta3 and -              newer accepts binary SI and decimal SI values. -        required: false -''' -EXAMPLES = ''' -# Minimal node registration -- openshift_register_node: name=ose3.node.example.com - -# Node registration using the v1beta1 API and assigning 1 CPU core and 10 GB of -# Memory -- openshift_register_node: -    name: ose3.node.example.com -    api_version: v1beta1 -    hostIP: 192.168.1.1 -    cpu: 1 -    memory: 500000000 -''' - - -class ClientConfigException(Exception): -    """Client Configuration Exception""" -    pass - -class ClientConfig(object): -    """ Representation of a client config - -        Attributes: -            config (dict): dictionary representing the client configuration - -        Args: -            client_opts (list of str): client options to use -            module (AnsibleModule): - -        Raises: -            ClientConfigException: -    """ -    def __init__(self, client_opts, module): -        kubectl = module.params['kubectl_cmd'] -        _, output, _ = module.run_command((kubectl + -                                           ["config", "view", "-o", "json"] + -                                           client_opts), check_rc=True) -        self.config = json.loads(output) - -        if not (bool(self.config['clusters']) or -                bool(self.config['contexts']) or -                bool(self.config['current-context']) or -                bool(self.config['users'])): -            raise ClientConfigException( -                "Client config missing required values: %s" % output -            ) - -    def current_context(self): -        """ Gets the current context for the client config - -            Returns: -                str: The current context as set in the config -        """ -        return self.config['current-context'] - -    def section_has_value(self, section_name, value): -        """ Test if specified section contains a value - -            Args: -                section_name (str): config section to test -                value (str): value to test if present -            Returns: -                bool: True if successful, false otherwise -        """ -        section = self.config[section_name] -        if isinstance(section, dict): -            return value in section -        else: -            val = next((item for item in section -                        if item['name'] == value), None) -            return val is not None - -    def has_context(self, context): -        """ Test if specified context exists in config - -            Args: -                context (str): value to test if present -            Returns: -                bool: True if successful, false otherwise -        """ -        return self.section_has_value('contexts', context) - -    def has_user(self, user): -        """ Test if specified user exists in config - -            Args: -                context (str): value to test if present -            Returns: -                bool: True if successful, false otherwise -        """ -        return self.section_has_value('users', user) - -    def has_cluster(self, cluster): -        """ Test if specified cluster exists in config - -            Args: -                context (str): value to test if present -            Returns: -                bool: True if successful, false otherwise -        """ -        return self.section_has_value('clusters', cluster) - -    def get_value_for_context(self, context, attribute): -        """ Get the value of attribute in context - -            Args: -                context (str): context to search -                attribute (str): attribute wanted -            Returns: -                str: The value for attribute in context -        """ -        contexts = self.config['contexts'] -        if isinstance(contexts, dict): -            return contexts[context][attribute] -        else: -            return next((c['context'][attribute] for c in contexts -                         if c['name'] == context), None) - -    def get_user_for_context(self, context): -        """ Get the user attribute in context - -            Args: -                context (str): context to search -            Returns: -                str: The value for the attribute in context -        """ -        return self.get_value_for_context(context, 'user') - -    def get_cluster_for_context(self, context): -        """ Get the cluster attribute in context - -            Args: -                context (str): context to search -            Returns: -                str: The value for the attribute in context -        """ -        return self.get_value_for_context(context, 'cluster') - -    def get_namespace_for_context(self, context): -        """ Get the namespace attribute in context - -            Args: -                context (str): context to search -            Returns: -                str: The value for the attribute in context -        """ -        return self.get_value_for_context(context, 'namespace') - -class Util(object): -    """Utility methods""" -    @staticmethod -    def remove_empty_elements(mapping): -        """ Recursively removes empty elements from a dict - -            Args: -                mapping (dict): dict to remove empty attributes from -            Returns: -                dict: A copy of the dict with empty elements removed -        """ -        if isinstance(mapping, dict): -            copy = mapping.copy() -            for key, val in mapping.iteritems(): -                if not val: -                    del copy[key] -            return copy -        else: -            return mapping - -class NodeResources(object): -    """ Kubernetes Node Resources - -        Attributes: -            resources (dict): A dictionary representing the node resources - -        Args: -            version (str): kubernetes api version -            cpu (str): string representation of the cpu resources for the node -            memory (str): string representation of the memory resources for the -                node -    """ -    def __init__(self, version, cpu=None, memory=None): -        if version == 'v1beta1': -            self.resources = dict(capacity=dict()) -            self.resources['capacity']['cpu'] = cpu -            self.resources['capacity']['memory'] = memory - -    def get_resources(self): -        """ Get the dict representing the node resources - -            Returns: -                dict: representation of the node resources with any empty -                    elements removed -        """ -        return Util.remove_empty_elements(self.resources) - -class NodeSpec(object): -    """ Kubernetes Node Spec - -        Attributes: -            spec (dict): A dictionary representing the node resources - -        Args: -            version (str): kubernetes api version -            cpu (str): string representation of the cpu resources for the node -            memory (str): string representation of the memory resources for the -                node -            cidr (str): string representation of the cidr block available for -                the node -            externalID (str): The external id of the node -    """ -    def __init__(self, version, cpu=None, memory=None, cidr=None, -                 externalID=None): -        if version == 'v1beta3': -            self.spec = dict(podCIDR=cidr, externalID=externalID, -                             capacity=dict()) -            self.spec['capacity']['cpu'] = cpu -            self.spec['capacity']['memory'] = memory - -    def get_spec(self): -        """ Get the dict representing the node spec - -            Returns: -                dict: representation of the node spec with any empty elements -                    removed -        """ -        return Util.remove_empty_elements(self.spec) - -class Node(object): -    """ Kubernetes Node - -        Attributes: -            node (dict): A dictionary representing the node - -        Args: -            module (AnsibleModule): -            client_opts (list): client connection options -            version (str, optional): kubernetes api version -            node_name (str, optional): name for node -            hostIP (str, optional): node host ip -            cpu (str, optional): cpu resources for the node -            memory (str, optional): memory resources for the node -            labels (list, optional): labels for the node -            annotations (list, optional): annotations for the node -            podCIDR (list, optional): cidr block to use for pods -            externalID (str, optional): external id of the node -    """ -    def __init__(self, module, client_opts, version='v1beta1', node_name=None, -                 hostIP=None, cpu=None, memory=None, labels=None, -                 annotations=None, podCIDR=None, externalID=None): -        self.module = module -        self.client_opts = client_opts -        if version == 'v1beta1': -            self.node = dict(id=node_name, -                             kind='Node', -                             apiVersion=version, -                             hostIP=hostIP, -                             resources=NodeResources(version, cpu, memory), -                             cidr=podCIDR, -                             labels=labels, -                             annotations=annotations, -                             externalID=externalID) -        elif version == 'v1beta3': -            metadata = dict(name=node_name, -                            labels=labels, -                            annotations=annotations) -            self.node = dict(kind='Node', -                             apiVersion=version, -                             metadata=metadata, -                             spec=NodeSpec(version, cpu, memory, podCIDR, -                                           externalID)) - -    def get_name(self): -        """ Get the name for the node - -            Returns: -                str: node name -        """ -        if self.node['apiVersion'] == 'v1beta1': -            return self.node['id'] -        elif self.node['apiVersion'] == 'v1beta3': -            return self.node['metadata']['name'] - -    def get_node(self): -        """ Get the dict representing the node - -            Returns: -                dict: representation of the node with any empty elements -                    removed -        """ -        node = self.node.copy() -        if self.node['apiVersion'] == 'v1beta1': -            node['resources'] = self.node['resources'].get_resources() -        elif self.node['apiVersion'] == 'v1beta3': -            node['spec'] = self.node['spec'].get_spec() -        return Util.remove_empty_elements(node) - -    def exists(self): -        """ Tests if the node already exists - -            Returns: -                bool: True if node exists, otherwise False -        """ -        kubectl = self.module.params['kubectl_cmd'] -        _, output, _ = self.module.run_command((kubectl + ["get", "nodes"] + -                                                self.client_opts), -                                               check_rc=True) -        if re.search(self.module.params['name'], output, re.MULTILINE): -            return True -        return False - -    def create(self): -        """ Creates the node - -            Returns: -                bool: True if node creation successful -        """ -        kubectl = self.module.params['kubectl_cmd'] -        cmd = kubectl + self.client_opts + ['create', '-f', '-'] -        exit_code, output, error = self.module.run_command( -            cmd, data=self.module.jsonify(self.get_node()) -        ) -        if exit_code != 0: -            if re.search("minion \"%s\" already exists" % self.get_name(), -                         error): -                self.module.exit_json(msg="node definition already exists", -                                      changed=False, node=self.get_node()) -            else: -                self.module.fail_json(msg="Node creation failed.", -                                      exit_code=exit_code, -                                      output=output, error=error, -                                      node=self.get_node()) -        else: -            return True - -def generate_client_opts(module): -    """ Generates the client options - -        Args: -            module(AnsibleModule) - -        Returns: -            str: client options -    """ -    client_config = '~/.kube/.kubeconfig' -    if 'default_client_config' in module.params: -        client_config = module.params['default_client_config'] -    user_has_client_config = os.path.exists(os.path.expanduser(client_config)) -    if not (user_has_client_config or module.params['client_config']): -        module.fail_json(msg="Could not locate client configuration, " -                         "client_config must be specified if " -                         "~/.kube/.kubeconfig is not present") - -    client_opts = [] -    if module.params['client_config']: -        kubeconfig_flag = '--kubeconfig' -        if 'kubeconfig_flag' in module.params: -            kubeconfig_flag = module.params['kubeconfig_flag'] -        client_opts.append(kubeconfig_flag + '=' + os.path.expanduser(module.params['client_config'])) - -    try: -        config = ClientConfig(client_opts, module) -    except ClientConfigException as ex: -        module.fail_json(msg="Failed to get client configuration", -                         exception=str(ex)) - -    client_context = module.params['client_context'] -    if config.has_context(client_context): -        if client_context != config.current_context(): -            client_opts.append("--context=%s" % client_context) -    else: -        module.fail_json(msg="Context %s not found in client config" % client_context) - -    client_user = module.params['client_user'] -    if config.has_user(client_user): -        if client_user != config.get_user_for_context(client_context): -            client_opts.append("--user=%s" % client_user) -    else: -        module.fail_json(msg="User %s not found in client config" % client_user) - -    client_cluster = module.params['client_cluster'] -    if config.has_cluster(client_cluster): -        if client_cluster != config.get_cluster_for_context(client_context): -            client_opts.append("--cluster=%s" % client_cluster) -    else: -        module.fail_json(msg="Cluster %s not found in client config" % client_cluster) - -    client_namespace = module.params['client_namespace'] -    if client_namespace != config.get_namespace_for_context(client_context): -        client_opts.append("--namespace=%s" % client_namespace) - -    return client_opts - - -def main(): -    """ main """ -    module = AnsibleModule( -        argument_spec=dict( -            name=dict(required=True, type='str'), -            host_ip=dict(type='str'), -            api_version=dict(type='str', default='v1beta1', -                             choices=['v1beta1', 'v1beta3']), -            cpu=dict(type='str'), -            memory=dict(type='str'), -            # TODO: needs documented -            labels=dict(type='dict', default={}), -            # TODO: needs documented -            annotations=dict(type='dict', default={}), -            # TODO: needs documented -            pod_cidr=dict(type='str'), -            # TODO: needs documented -            client_config=dict(type='str'), -            # TODO: needs documented -            client_cluster=dict(type='str', default='master'), -            # TODO: needs documented -            client_context=dict(type='str', default='default'), -            # TODO: needs documented -            client_namespace=dict(type='str', default='default'), -            # TODO: needs documented -            client_user=dict(type='str', default='system:admin'), -            # TODO: needs documented -            kubectl_cmd=dict(type='list', default=['kubectl']), -            # TODO: needs documented -            kubeconfig_flag=dict(type='str'), -            # TODO: needs documented -            default_client_config=dict(type='str') -        ), -        supports_check_mode=True -    ) - -    labels = module.params['labels'] -    kube_hostname_label = 'kubernetes.io/hostname' -    if kube_hostname_label not in labels: -        labels[kube_hostname_label] = module.params['name'] - -    node = Node(module, generate_client_opts(module), -                module.params['api_version'], module.params['name'], -                module.params['host_ip'], module.params['cpu'], -                module.params['memory'], labels, module.params['annotations'], -                module.params['pod_cidr']) - -    if node.exists(): -        module.exit_json(changed=False, node=node.get_node()) -    elif module.check_mode: -        module.exit_json(changed=True, node=node.get_node()) -    elif node.create(): -        module.exit_json(changed=True, msg="Node created successfully", -                         node=node.get_node()) -    else: -        module.fail_json(msg="Unknown error creating node", node=node.get_node()) - -# ignore pylint errors related to the module_utils import -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import -# import module snippets -from ansible.module_utils.basic import * -if __name__ == '__main__': -    main() diff --git a/roles/openshift_register_nodes/tasks/main.yml b/roles/openshift_register_nodes/tasks/main.yml deleted file mode 100644 index 502dffc26..000000000 --- a/roles/openshift_register_nodes/tasks/main.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -- name: Create openshift_generated_configs_dir if it doesn't exist -  file: -    path: "{{ openshift_generated_configs_dir }}" -    state: directory - -- name: Generate the node client config -  command: > -    {{ openshift.common.admin_binary }} create-api-client-config -      --certificate-authority={{ openshift_master_ca_cert }} -      --client-dir={{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }} -      --groups=system:nodes -      --master={{ openshift.master.api_url }} -      --signer-cert={{ openshift_master_ca_cert }} -      --signer-key={{ openshift_master_ca_key }} -      --signer-serial={{ openshift_master_ca_serial }} -      --user=system:node:{{ item.openshift.common.hostname }} -  args: -    chdir: "{{ openshift_generated_configs_dir }}" -    creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}" -  with_items: nodes_needing_certs - -- name: Generate the node server certificate -  delegate_to: "{{ openshift_first_master }}" -  command: > -    {{ openshift.common.admin_binary }} create-server-cert -      --cert=server.crt --key=server.key --overwrite=true -      --hostnames={{ [item.openshift.common.hostname, item.openshift.common.public_hostname]|unique|join(",") }} -      --signer-cert={{ openshift_master_ca_cert }} -      --signer-key={{ openshift_master_ca_key }} -      --signer-serial={{ openshift_master_ca_serial }} -  args: -    chdir: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}" -    creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.crt" -  with_items: nodes_needing_certs - -- name: Register unregistered nodes -  kubernetes_register_node: -    kubectl_cmd: "{{ [openshift.common.client_binary] }}" -    default_client_config: '~/.kube/config' -    name: "{{ item.openshift.common.hostname }}" -    api_version: "{{ openshift_kube_api_version }}" -    cpu: "{{ item.openshift.node.resources_cpu | default(None) }}" -    memory: "{{ item.openshift.node.resources_memory | default(None) }}" -    pod_cidr: "{{ item.openshift.node.pod_cidr | default(None) }}" -    host_ip: "{{ item.openshift.common.ip }}" -    labels: "{{ item.openshift.node.labels | default({}) }}" -    annotations: "{{ item.openshift.node.annotations | default({}) }}" -    client_context: default/ose3-master-example-com:8443/system:openshift-master -    client_user: system:openshift-master/ose3-master-example-com:8443 -    client_cluster: ose3-master-example-com:8443 -  with_items: openshift_nodes -  register: register_result diff --git a/roles/openshift_repos/files/online/repos/enterprise-v3.repo b/roles/openshift_repos/files/online/repos/enterprise-v3.repo index 69c480f0a..92bd35834 100644 --- a/roles/openshift_repos/files/online/repos/enterprise-v3.repo +++ b/roles/openshift_repos/files/online/repos/enterprise-v3.repo @@ -1,7 +1,7 @@  [enterprise-v3] -name=OpenShift Enterprise Beta4 -baseurl=https://mirror.ops.rhcloud.com/libra/libra-7-ose-beta4/ -        https://gce-mirror1.ops.rhcloud.com/libra/libra-7-ose-beta4/ +name=OpenShift Enterprise +baseurl=https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-7-ose/ +        https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-7-ose/  enabled=1  gpgcheck=0  failovermethod=priority diff --git a/roles/os_zabbix/library/zbxapi.py b/roles/os_zabbix/library/zbxapi.py index b5fa5ee2b..48f294938 100755 --- a/roles/os_zabbix/library/zbxapi.py +++ b/roles/os_zabbix/library/zbxapi.py @@ -103,7 +103,6 @@ class ZabbixAPI(object):          # pylint: disable=no-member          # This method does not exist until the metaprogramming executed -        # This is permanently disabled.          results = self.user.login(user=self.username, password=self.password)          if results[0]['status'] == '200': @@ -251,17 +250,26 @@ def exists(content, key='result'):      return True -def diff_content(from_zabbix, from_user): +def diff_content(from_zabbix, from_user, ignore=None):      ''' Compare passed in object to results returned from zabbix      ''' -    terms = ['search', 'output', 'groups', 'select', 'expand'] +    terms = ['search', 'output', 'groups', 'select', 'expand', 'filter'] +    if ignore: +        terms.extend(ignore)      regex = '(' + '|'.join(terms) + ')'      retval = {}      for key, value in from_user.items():          if re.findall(regex, key):              continue -        if from_zabbix[key] != str(value): +        # special case here for templates.  You query templates and +        # the zabbix api returns parentTemplates.  These will obviously fail. +        # So when its templates compare against parentTemplates. +        if key == 'templates' and from_zabbix.has_key('parentTemplates'): +            if from_zabbix['parentTemplates'] != value: +                retval[key] = value + +        elif from_zabbix[key] != str(value):              retval[key] = str(value)      return retval @@ -280,6 +288,7 @@ def main():              params=dict(),              debug=dict(default=False, type='bool'),              state=dict(default='present', type='str'), +            ignore=dict(default=None, type='list'),          ),          #supports_check_mode=True      ) @@ -306,10 +315,12 @@ def main():      zapi = ZabbixAPI(api_data) +    ignore = module.params['ignore']      zbx_class = module.params.get('zbx_class')      rpc_params = module.params.get('params', {})      state = module.params.get('state') +      # Get the instance we are trying to call      zbx_class_inst = zapi.__getattribute__(zbx_class.lower()) @@ -337,14 +348,14 @@ def main():          module.exit_json(changed=True, results=content['result'], state="absent")      if state == 'present': -	# It's not there, create it! +    # It's not there, create it!          if not exists(content):              zbx_action_method = zapi.__getattribute__(zbx_class.capitalize()).__dict__['create']              _, content = zbx_action_method(zbx_class_inst, rpc_params)              module.exit_json(changed=True, results=content['result'], state='present') -	# It's there and the same, do nothing! -        diff_params = diff_content(content['result'][0], rpc_params) +    # It's there and the same, do nothing! +        diff_params = diff_content(content['result'][0], rpc_params, ignore)          if not diff_params:              module.exit_json(changed=False, results=content['result'], state="present") @@ -368,3 +379,4 @@ def main():  from ansible.module_utils.basic import *  main() + | 
